Data Loss Prevention

Hello everybody,

 

I want to configure SMTP settings on the DLP, the company is using office 365 for email. We created a new user on the office365s like dlp@mycompany.com, and give it a password, we can successfully login with this acoount and see inbox. And enforce server succesfully telnet smtp.office365.com on port 587. Then we configured smtp settings on enforce like;

Server : smtp.office365.com

System mail: dlp@mycompany.com

User ID : dlp@mycompany.com

Password: <pasww of dlp@mycompany.com>

And In the Reports and Alerts section, we selected "Send report data with emails"

 

After that, we created a new alert,

In the alert we configured to send email notification when event ID 2112 is occured. (Lookup Plugin reload event id). After this configuration we reloaded lookup plugin and saw this event on the enforce server; but there is no email notification. 

 

Is this correct? Or do I need to configure anything other than I mentioned above?

 

Hi Emre,

 

What version of DLP are you using? This will help me determine what could be going wrong.

 

Thanks

 

Alan

Hi Emre,

When you configured the Alert for Event 2112, you only added a single condition for the event 2112 right ?

I'm assuming that you are able to successfully received other email notifications for reports and only for this specific alert you are not receiving any email notificaiton.

I've tested this scenario on my Lab of DLP 15.5 where i configured the SMTP Server settings and then added an Alert for an event and the email notification was successfully sent.

Kind regards

Hello,

 

Our DLP version is 15.1 MP1. Due to oracle version we cannot upgrade to DLP 15.5. And yes we only configured to event id 2112. When the event id 2112 is logged, it should send the notification email, but won't work. Does DLP enforce use 25 SMTP port number? Do I need to change it to 587? If so, where can I change the default port number?

 

Thanks

Hi Emre ,

DLP Enforce can only send emails on port 25 by default .  

Have you tried to whitelist port 587 on the Server level firewall where Enforce is installed, You may give that a shot ?

In order to change the port , You will have to update it at the schema level on DB. Recommend you to open support case with Symantec . They should have this infomation under the existing Enhancement request for this feature .

 

Cheer's

Ridhi Singh 

Hello Ridhi,

 

Thanks for your recomendation. port 587 is open on the server level (I can successfully telnet on port 587). Then I will create a support case.

 

Thank you.

Hello Emre,

 

Please follow below action plan to fix the issue -

 

In order to send email to office365 SMTP account we need to install SMTP server on enforce server, which we did install by performing below steps -

Step 2: Install SMTP
Open Server Manager and select Add Roles and Features.

Select Server Selection and make sure that the server that will be running the SMTP server is selected and then select Features.

On the Select Features screen, choose SMTP Server. You may be prompted to install additional components. If that's the case, select Add Required Features and select Next.

Select Install. After the installation is finished, you may have to start the SMTP service by using the Services snap-in for the Microsoft Management Console (MMC).

Step 3: Set up SMTP
Open Server Manager, select Tools, and then select Internet Information Services (IIS) 6.0.

Expand the current server, right-click the SMTP Virtual Server, and then select Properties.

On the General tab, select Advanced > Add.

In the IP Address box, specify the address of the server that's hosting the SMTP server.

In the Port box, enter 587 and select OK.

On the Access tab, do the following:

Select Authentication and make sure that Anonymous Access is selected.

Select Connection > Only the List Below, and then specify the IP addresses of the devices that will be connecting to the SMTP server, such as printers.

Select Relay > Only the List Below, and then specify the IP address of the devices relaying through this SMTP server

On the Delivery tab, select Outbound Security, and then do the following:

Select Anonymous Authentication.

Select TLS Encryption.

Select Outbound Connections, and in the TCP Port box, enter 587 and select OK.

Select Advanced and specify petgaz-com-tr.mail.protection.outlook.com as the Smart Host.

Step 4: Restarted the IIS service and the SMTP service.

 

Thanks and Regards,

Namrata Javane

Hello Namarta,
since this thread is from 2019 i wondered if there is a better way sending email notification with Office 365..?
i installed DLP version 15.8MP2 and didnt manage to configure that from the GUI.

appreciate your help,
Thanks
Original Message:
Sent: Aug 21, 2019 10:25 AM
From: Namrata Javane
Subject: DLP Enforce SMTP settings with Office 365 mail

Hello Emre,

 

Please follow below action plan to fix the issue -

 

In order to send email to office365 SMTP account we need to install SMTP server on enforce server, which we did install by performing below steps -

Step 2: Install SMTP
Open Server Manager and select Add Roles and Features.

Select Server Selection and make sure that the server that will be running the SMTP server is selected and then select Features.

On the Select Features screen, choose SMTP Server. You may be prompted to install additional components. If that's the case, select Add Required Features and select Next.

Select Install. After the installation is finished, you may have to start the SMTP service by using the Services snap-in for the Microsoft Management Console (MMC).

Step 3: Set up SMTP
Open Server Manager, select Tools, and then select Internet Information Services (IIS) 6.0.

Expand the current server, right-click the SMTP Virtual Server, and then select Properties.

On the General tab, select Advanced > Add.

In the IP Address box, specify the address of the server that's hosting the SMTP server.

In the Port box, enter 587 and select OK.

On the Access tab, do the following:

Select Authentication and make sure that Anonymous Access is selected.

Select Connection > Only the List Below, and then specify the IP addresses of the devices that will be connecting to the SMTP server, such as printers.

Select Relay > Only the List Below, and then specify the IP address of the devices relaying through this SMTP server

On the Delivery tab, select Outbound Security, and then do the following:

Select Anonymous Authentication.

Select TLS Encryption.

Select Outbound Connections, and in the TCP Port box, enter 587 and select OK.

Select Advanced and specify petgaz-com-tr.mail.protection.outlook.com as the Smart Host.

Step 4: Restarted the IIS service and the SMTP service.

 

Thanks and Regards,

Namrata Javane

Just wanted to update that I succeeded with configure SMTP notification with office 365.
I used the MX record as the host name and that worked for me.

Moshe
Original Message:
Sent: May 19, 2022 10:18 AM
From: Moshe Dadush
Subject: DLP Enforce SMTP settings with Office 365 mail

Hello Namarta,
since this thread is from 2019 i wondered if there is a better way sending email notification with Office 365..?
i installed DLP version 15.8MP2 and didnt manage to configure that from the GUI.

appreciate your help,
Thanks
Original Message:
Sent: Aug 21, 2019 10:25 AM
From: Namrata Javane
Subject: DLP Enforce SMTP settings with Office 365 mail

Hello Emre,

 

Please follow below action plan to fix the issue -

 

In order to send email to office365 SMTP account we need to install SMTP server on enforce server, which we did install by performing below steps -

Step 2: Install SMTP
Open Server Manager and select Add Roles and Features.

Select Server Selection and make sure that the server that will be running the SMTP server is selected and then select Features.

On the Select Features screen, choose SMTP Server. You may be prompted to install additional components. If that's the case, select Add Required Features and select Next.

Select Install. After the installation is finished, you may have to start the SMTP service by using the Services snap-in for the Microsoft Management Console (MMC).

Step 3: Set up SMTP
Open Server Manager, select Tools, and then select Internet Information Services (IIS) 6.0.

Expand the current server, right-click the SMTP Virtual Server, and then select Properties.

On the General tab, select Advanced > Add.

In the IP Address box, specify the address of the server that's hosting the SMTP server.

In the Port box, enter 587 and select OK.

On the Access tab, do the following:

Select Authentication and make sure that Anonymous Access is selected.

Select Connection > Only the List Below, and then specify the IP addresses of the devices that will be connecting to the SMTP server, such as printers.

Select Relay > Only the List Below, and then specify the IP address of the devices relaying through this SMTP server

On the Delivery tab, select Outbound Security, and then do the following:

Select Anonymous Authentication.

Select TLS Encryption.

Select Outbound Connections, and in the TCP Port box, enter 587 and select OK.

Select Advanced and specify petgaz-com-tr.mail.protection.outlook.com as the Smart Host.

Step 4: Restarted the IIS service and the SMTP service.

 

Thanks and Regards,

Namrata Javane

Hello Namrata,

 

Sorry for late answer :( Thank you for your support. It was a pleasure to me work with you this issue. I marked your post as solution. 

 

Thank you again.