Data Loss Prevention Cloud Service for Email

How can be resolved the error "550 5.7.1 Domain not authorized" for the emails sent from MS365 to Cloud Detection Service for Email?
We need to use Forwarding mode in order to use the PBE add-on of the Email Security .cloud service.
The emails are accepted and everything is fine directly to Email Security .cloud 



Thank you!

------------------------------
Information Security Consultant
Romania
------------------------------

Hiya.

Please confirm your Cloud Service was originally setup to use ESS (Email Security.cloud). And then I would check this KB:
Emails rejected by DLP Cloud Service when sending messages from new domains

Domains need to be added to the ESS portal, and then they will be updated on the Cloud Service side afterward.

Cheers,
Stephen

------------------------------
Global Support Lead, DLP
Broadcom, Symantec Enterprise Division
------------------------------

Original Message:
Sent: 07-29-2020 09:23 AM
From: Sorin Alexandru Hasegan
Subject: 550 5.7.1 Domain not authorized in forwarding mode

How can be resolved the error "550 5.7.1 Domain not authorized" for the emails sent from MS365 to Cloud Detection Service for Email?
We need to use Forwarding mode in order to use the PBE add-on of the Email Security .cloud service.
The emails are accepted and everything is fine directly to Email Security .cloud

Thank you!

------------------------------
Information Security Consultant
Romania
------------------------------

Original Message:
Sent: 7/30/2020 12:50:00 PM
From: Stephen Heider
Subject: RE: 550 5.7.1 Domain not authorized in forwarding mode

Hiya.

Please confirm your Cloud Service was originally setup to use ESS (Email Security.cloud). And then I would check this KB:
Emails rejected by DLP Cloud Service when sending messages from new domains

Domains need to be added to the ESS portal, and then they will be updated on the Cloud Service side afterward.

Cheers,
Stephen

------------------------------
Global Support Lead, DLP
Broadcom, Symantec Enterprise Division
------------------------------

Original Message:
Sent: 07-29-2020 09:23 AM
From: Sorin Alexandru Hasegan
Subject: 550 5.7.1 Domain not authorized in forwarding mode

How can be resolved the error "550 5.7.1 Domain not authorized" for the emails sent from MS365 to Cloud Detection Service for Email?
We need to use Forwarding mode in order to use the PBE add-on of the Email Security .cloud service.
The emails are accepted and everything is fine directly to Email Security .cloud

Thank you!

------------------------------
Information Security Consultant
Romania
------------------------------

Thanks Sorin.

Does your ClientNet portal have the following displayed for your setup?


If not, then you should definitely open a support case. With DLP Cloud Service. We will ask the Order Fulfillment Team to get that fixed.

If it is there already, we may still need a case - troubleshooting setup and other details. We would need to verify config outside of this more public forum!

Thanks,
Stephen

------------------------------
Global Support Lead, DLP
Broadcom, Symantec Enterprise Division
------------------------------

Original Message:
Sent: 07-30-2020 03:57 PM
From: Sorin Alexandru Hasegan
Subject: 550 5.7.1 Domain not authorized in forwarding mode

Hi Stephen

Thank you for your response.

At the time I configured the Cloud Detection Service, the Email Security .cloud Domains section was not completly configured. There was a problem also, resolved by the support team. The domain was stucked in „propagating" state. In the configuration steps I specified the correct ClientNet ID of the Email Security .cloud service. 

Now, the domain is activated in Email Security .cloud and receive emails from the configured domain when addressed from O365 directly.

Our intention is to trigger the PBE policy by a content-aware DLP policy configured in the on-premise DLP. So I need the Cloud Detection Service before Email Security .cloud in the email flow.

I have to underline that the Cloud Detection Service for Email was ordered separate from the Email Security .cloud service order, as a Standalone service.

Your specified article mentioned an "original provisioning form". I do not find the domain to be whitelisted in the provisioning form. How do I contact the support team who is able to whitelist the required domain (of the company who bought the product) in this cloud service? I tried to contact a support team but no chance/response for more weeks.

As I mentioned, we need to use the forwarding mode and I don't have the interface to make it on my own.

Thank you,

Sorin

Original Message:
Sent: 7/30/2020 12:50:00 PM
From: Stephen Heider
Subject: RE: 550 5.7.1 Domain not authorized in forwarding mode

Hiya.

Please confirm your Cloud Service was originally setup to use ESS (Email Security.cloud). And then I would check this KB:
Emails rejected by DLP Cloud Service when sending messages from new domains

Domains need to be added to the ESS portal, and then they will be updated on the Cloud Service side afterward.

Cheers,
Stephen

------------------------------
Global Support Lead, DLP
Broadcom, Symantec Enterprise Division

Original Message:
Sent: 07-29-2020 09:23 AM
From: Sorin Alexandru Hasegan
Subject: 550 5.7.1 Domain not authorized in forwarding mode

How can be resolved the error "550 5.7.1 Domain not authorized" for the emails sent from MS365 to Cloud Detection Service for Email?
We need to use Forwarding mode in order to use the PBE add-on of the Email Security .cloud service.
The emails are accepted and everything is fine directly to Email Security .cloud

Thank you!

------------------------------
Information Security Consultant
Romania
------------------------------

Original Message:
Sent: 7/30/2020 8:53:00 PM
From: Stephen Heider
Subject: RE: 550 5.7.1 Domain not authorized in forwarding mode

Thanks Sorin.

Does your ClientNet portal have the following displayed for your setup?

If not, then you should definitely open a support case. With DLP Cloud Service. We will ask the Order Fulfillment Team to get that fixed.

If it is there already, we may still need a case - troubleshooting setup and other details. We would need to verify config outside of this more public forum!

Thanks,
Stephen

------------------------------
Global Support Lead, DLP
Broadcom, Symantec Enterprise Division
------------------------------

Original Message:
Sent: 07-30-2020 03:57 PM
From: Sorin Alexandru Hasegan
Subject: 550 5.7.1 Domain not authorized in forwarding mode

Hi Stephen

Thank you for your response.

At the time I configured the Cloud Detection Service, the Email Security .cloud Domains section was not completly configured. There was a problem also, resolved by the support team. The domain was stucked in „propagating" state. In the configuration steps I specified the correct ClientNet ID of the Email Security .cloud service. 

Now, the domain is activated in Email Security .cloud and receive emails from the configured domain when addressed from O365 directly.

Our intention is to trigger the PBE policy by a content-aware DLP policy configured in the on-premise DLP. So I need the Cloud Detection Service before Email Security .cloud in the email flow.

I have to underline that the Cloud Detection Service for Email was ordered separate from the Email Security .cloud service order, as a Standalone service.

Your specified article mentioned an "original provisioning form". I do not find the domain to be whitelisted in the provisioning form. How do I contact the support team who is able to whitelist the required domain (of the company who bought the product) in this cloud service? I tried to contact a support team but no chance/response for more weeks.

As I mentioned, we need to use the forwarding mode and I don't have the interface to make it on my own.

Thank you,

Sorin

Original Message:
Sent: 7/30/2020 12:50:00 PM
From: Stephen Heider
Subject: RE: 550 5.7.1 Domain not authorized in forwarding mode

Hiya.

Please confirm your Cloud Service was originally setup to use ESS (Email Security.cloud). And then I would check this KB:
Emails rejected by DLP Cloud Service when sending messages from new domains

Domains need to be added to the ESS portal, and then they will be updated on the Cloud Service side afterward.

Cheers,
Stephen

------------------------------
Global Support Lead, DLP
Broadcom, Symantec Enterprise Division

Original Message:
Sent: 07-29-2020 09:23 AM
From: Sorin Alexandru Hasegan
Subject: 550 5.7.1 Domain not authorized in forwarding mode

How can be resolved the error "550 5.7.1 Domain not authorized" for the emails sent from MS365 to Cloud Detection Service for Email?
We need to use Forwarding mode in order to use the PBE add-on of the Email Security .cloud service.
The emails are accepted and everything is fine directly to Email Security .cloud

Thank you!

------------------------------
Information Security Consultant
Romania
------------------------------

Thanks Sorin.

Without the DLP Cloud Service add on listed in Client Net - your ESS account is not integrated with the DLP Cloud Service. Thus, no messages through DLP are possible.

Sidebar: by "MS" you seem to mean on-premise Microsoft exchange?
We need to verify your setup.

Please open a case with DLP Cloud Service for Email, and when you do, please message me privately with that case number - I will see to it that one of my colleagues or I can help!


------------------------------
Global Support Lead, DLP
Broadcom, Symantec Enterprise Division
------------------------------

Original Message:
Sent: 07-30-2020 11:51 PM
From: Sorin Alexandru Hasegan
Subject: 550 5.7.1 Domain not authorized in forwarding mode

Helo Stephen

My ClientNet portal doesn't have that option.

I choosed the O365 option from the 2 available options, because our emails are hosted on MS servers.

The errors are reported from the Cloud Detection Service for Email FQDN server so I understand the issue is reported to Cloud Detection Service for Email service.

The Email Security .cloud support team tell me they can't help me with this problem.

Where should I get this errors fixed? I have opened support cases at Cloud Detection Service for Email support but no feedback.

Thank you,

Sorin

Original Message: Sent: 7/30/2020 8:53:00 PM From: Stephen Heider Subject: RE: 550 5.7.1 Domain not authorized in forwarding mode Thanks Sorin. Does your ClientNet portal have the following displayed for your setup?

If not, then you should definitely open a support case. With DLP Cloud Service. We will ask the Order Fulfillment Team to get that fixed. If it is there already, we may still need a case - troubleshooting setup and other details. We would need to verify config outside of this more public forum! Thanks, Stephen ------------------------------ Global Support Lead, DLP Broadcom, Symantec Enterprise Division
Original Message: Sent: 07-30-2020 03:57 PM From: Sorin Alexandru Hasegan Subject: 550 5.7.1 Domain not authorized in forwarding mode

Hi Stephen

Thank you for your response.

At the time I configured the Cloud Detection Service, the Email Security .cloud Domains section was not completly configured. There was a problem also, resolved by the support team. The domain was stucked in „propagating" state. In the configuration steps I specified the correct ClientNet ID of the Email Security .cloud service. 

Now, the domain is activated in Email Security .cloud and receive emails from the configured domain when addressed from O365 directly.

Our intention is to trigger the PBE policy by a content-aware DLP policy configured in the on-premise DLP. So I need the Cloud Detection Service before Email Security .cloud in the email flow.

I have to underline that the Cloud Detection Service for Email was ordered separate from the Email Security .cloud service order, as a Standalone service.

Your specified article mentioned an "original provisioning form". I do not find the domain to be whitelisted in the provisioning form. How do I contact the support team who is able to whitelist the required domain (of the company who bought the product) in this cloud service? I tried to contact a support team but no chance/response for more weeks.

As I mentioned, we need to use the forwarding mode and I don't have the interface to make it on my own.

Thank you,

Sorin

Original Message:
Sent: 7/30/2020 12:50:00 PM
From: Stephen Heider
Subject: RE: 550 5.7.1 Domain not authorized in forwarding mode

Hiya.

Please confirm your Cloud Service was originally setup to use ESS (Email Security.cloud). And then I would check this KB:
Emails rejected by DLP Cloud Service when sending messages from new domains

Domains need to be added to the ESS portal, and then they will be updated on the Cloud Service side afterward.

Cheers,
Stephen

------------------------------
Global Support Lead, DLP
Broadcom, Symantec Enterprise Division

Original Message:
Sent: 07-29-2020 09:23 AM
From: Sorin Alexandru Hasegan
Subject: 550 5.7.1 Domain not authorized in forwarding mode

How can be resolved the error "550 5.7.1 Domain not authorized" for the emails sent from MS365 to Cloud Detection Service for Email?
We need to use Forwarding mode in order to use the PBE add-on of the Email Security .cloud service.
The emails are accepted and everything is fine directly to Email Security .cloud

Thank you!

------------------------------
Information Security Consultant
Romania
------------------------------