Outbound message with multiple recipients creates multiple Data Loss Prevention incidents

Article:TECH205770  |  Created: 2013-04-30  |  Updated: 2013-10-30  |  Article URL http://www.symantec.com/docs/TECH205770
Article Type
Technical Solution


Issue



When an outbound email with multiple recipients (e.g. 3 Hotmail address and 1 Gmail address) was sent through Symantec Messaging Gateway (SMG) with Data Loss Prevention (DLP) inspection, SMG did not include all the Hotmail addresses in 1 SMTP sessions when forwarding the message to DLP. Instead, it separated into 2 SMTP sessions. The first session had 2 Hotmail addresses as recipients and the second session has 1 Hotmail address and the Gmail addresses as recipients. As a result, DLP network report shows 2 incident events.

This happens even when an outbound email was sent to multiple recipients under same domain only. 

 


Environment



SMG 10.0.1


Cause



SMG has submitted the same message for more than once to DLP.


Solution



This issue has been resolved in Symantec Messaging Gateway version 10.0.2.


Supplemental Materials

SourceETrack
Value3056748


Article URL http://www.symantec.com/docs/TECH205770


Terms of use for this information are found in Legal Notices