Thread Info
  • State Not Answered
  • Replies 1 reply
  • Subscribers 13 subscribers
  • Views 1105 views
  • Users 0 members are here
Options
Suggested

DLP to check about various external domains in an e-mail message.

Cleber Vicentini

Hi, 

Anyone knows how to configure Sophos DLP, or other tool, to check fields To, CC, Bcc for existing multiple external domains?
Example: TO: cccc@gmail.com;bbbbb@hotmail.com

In cases when more than one external domain is fond, stop to send e-mail, notify user and quarantine the message until user confirm to send.



Added tags
[edited by: GlennSen at 12:51 PM (GMT -7) on 3 Oct 2024]
Parents
  • 0

    Hi Cleber,

    Thanks for reaching out to the Sophos Community Forum.

    I suggest checking the article Sophos Endpoint: Known limitations with data loss prevention (DLP)

    The following is listed as "Not scanned"

    • Email message content
    • Forwarded attachments
    • Attachments made using the Send email option within applications (for example, Windows Explorer and Microsoft Office)
    • Attachments using the Email this file option within Windows Explorer
    • Attachments copied from one email to another email
    • Saved attachments
      (however, in a small number of cases, files may be scanned when saved)
    • Drag and drop of files on certain versions of Outlook.
    • Drag and drop of files on the Windows Store Application version of the Windows Mail App.

    An email protection solution such as Sophos Email would be better suited. 

    Could you elaborate on what the end goal in creating such a CCL (Content Control List) would be? Would such a rule be implemented to prevent a compromised email account from sending out spam or something similar? 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Reply
  • 0

    Hi Cleber,

    Thanks for reaching out to the Sophos Community Forum.

    I suggest checking the article Sophos Endpoint: Known limitations with data loss prevention (DLP)

    The following is listed as "Not scanned"

    • Email message content
    • Forwarded attachments
    • Attachments made using the Send email option within applications (for example, Windows Explorer and Microsoft Office)
    • Attachments using the Email this file option within Windows Explorer
    • Attachments copied from one email to another email
    • Saved attachments
      (however, in a small number of cases, files may be scanned when saved)
    • Drag and drop of files on certain versions of Outlook.
    • Drag and drop of files on the Windows Store Application version of the Windows Mail App.

    An email protection solution such as Sophos Email would be better suited. 

    Could you elaborate on what the end goal in creating such a CCL (Content Control List) would be? Would such a rule be implemented to prevent a compromised email account from sending out spam or something similar? 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Children
No Data
Unfiltered HTML