Why isn't the Destination shown within the Incident Report after a protection policy detects email sent from Webmail?

FAQ ID:    FAQ1948
Version:    1.0
Status:    Published
Published date:    02/27/2012


Email sent from Webmail is sent through the ProxySG as HTTP decode and is subsequently sent to DLP as HTTP data, so the DLP can only show the match part of the data; either as the sender, receiver, or  mail body, but it cannot determine the source or destination. From the DLP appliance point of view, these email addresses (source or destination) are strings, and are matchable within the data, but it's unable to determine the source or destination based on strings.

Be aware that different Webmail providers use different programming syntax/scripts.


Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.

Your response will be used to improve our document content.

Ask a Question