hello,
Reconciliation works for both linux and windows but usually it is used for same detection channel to take into account that one copy of email is sent to all recipient so if your system is plugged after this operation (done by a mail gateway), you will screen several times same email content and may raise many incident for same original message.
I dont think it will work in your case.
If it does not work you have different possibilities :
- Remove email monitoring in DLP agent configuration
- Define different policies for endpoint and mail prevent
- Add some exceptions in policies (mainly prevent ones as they are executed on server side) to avoid some overhead
each solution has some pros and cons depending on your DLP solution setup and risk you cover with it.
Regards.