Outbound message with multiple recipients creates multiple Data Loss Prevention incidents

Article:TECH205770  |  Created: 2013-04-30  |  Updated: 2013-10-30  |  Article URL http://www.symantec.com/docs/TECH205770
Article Type
Technical Solution


When an outbound email with multiple recipients (e.g. 3 Hotmail address and 1 Gmail address) was sent through Symantec Messaging Gateway (SMG) with Data Loss Prevention (DLP) inspection, SMG did not include all the Hotmail addresses in 1 SMTP sessions when forwarding the message to DLP. Instead, it separated into 2 SMTP sessions. The first session had 2 Hotmail addresses as recipients and the second session has 1 Hotmail address and the Gmail addresses as recipients. As a result, DLP network report shows 2 incident events.

This happens even when an outbound email was sent to multiple recipients under same domain only. 



SMG 10.0.1


SMG has submitted the same message for more than once to DLP.


This issue has been resolved in Symantec Messaging Gateway version 10.0.2.

Supplemental Materials


Article URL http://www.symantec.com/docs/TECH205770

Terms of use for this information are found in Legal Notices