Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Configuring the Data Loss Prevention (DLP) Policy of ScanMail for Exchange (SMEX) to Allow Internal Email and Block External Email Recipients on a Single Email

    • Updated:
    • 27 Aug 2021
    • Product/Version:
    • ScanMail for Exchange 14.0
    • Platform:
Summary

This article describes the steps in configuring the Data Loss Prevention (DLP) Policy to scan email recipients, so that the following actions are achieved:

  • Recipients with internal email addresses are not scanned
  • Recipients with external email addresses are scanned and the actions set on the DLP Policy are applied accordingly
Details
Public

Under the Data Loss Prevention > DLP Policies:

  • Enable transport Data Loss Prevention is checked
  • Sub-option Apply policies to "All messages" is selected
  1. On the left column, go to Administrations > Special Groups.
  2. Click the Add button to create a special group.

    create-special-group

    Click the image to enlarge.

  3. On the Add Special Group window, perform the following:
    1. Enter a name for the new group.
    2. On the Select Accounts section, choose the Enter SMTP Address option.
    3. Add the internal domain for the DLP exclusion.
    4. Click the Add button to add the internal domain.
    5. Click Save.

    add-special-group

    Click the image to enlarge.

  4. The created group should be listed on the Special Groups section afterwards.

    special-group

    Click the image to enlarge.

  1. Go to Data Loss Prevention > DLP Policies, and make sure that the Prerequisites are set.
  2. Click the name of the DLP policy to be edited (in this example, "TestPolicy"), then do the following:
    1. On the Accounts dropdown, choose Specific recipient(s).
    2. Click the Edit link on the Selected Recipients section.

    test-policy

    Click the image to enlarge.

  3. Choose Anyone under the Select Accounts window.

    set-to-anyone

    Click the image to enlarge.

  4. Expand Exclude Accounts section, then perform the steps below:
    1. On the dropdown, select the Browse from special groups option.
    2. Select the group containing the internal domain created in Section A.
    3. Click the Add button to add the group.
    4. Click Save.

    exclude-account

    Click the image to enlarge.

  5. Confirm the Recipient(s) list, click Save.

    confirm-recipient

    Click the image to enlarge.

  6. Click Save to apply the new settings.

    saving

    Click the image to enlarge.

Premium
Internal
Partner
Rating:
Category:
Configure
Solution Id:
000286654
Feedback
Did this article help you?

Thank you for your feedback!


*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.