Not sure which mail provider you are referring to, but more generally, Netskope does not scan HTTP GET requests for DLP. Which is how some email services handle saving drafts as you write.

However, this also allows data to be exfiltrated via URL query strings. I have raised this concern to Netskope before and, as far as I know this has not been addressed. Though, it has been well over a year since I last tested it.

We tested on both Gmail and Exchange. They both use HTTP POST requests so this DLP detection we assumed it should be supported by Netskope.

However, what surprised us is after 1 month back and forth, Support thinks this belongs to SMTP DLP module, instead of using NGSWG detection.

We understand that RFE could take a while to process and glad to know this also get other’s attention.

I would request escalation of the ticket, as that does not make any sense.

SMTP does not even come into play in this scenario.

​@AllenWu Please contact your local Netskope account team and mention this thread to them.  I believe we are/have added support for drafts on some of the more common providers but they require feature flags to enable.  Can you also DM me the support case so I can review? 

Possible also share the feature flag name so we can check with support if we have enabled it or not?

For all whom have same concern as I do,

Support said this should reach out to Netskope account team to raise an Enhancement Request (ER) for this feature.
So far, the name of this feature flag remain unclear.

​@AllenWu I have added internal notes to the support case but it looks like you have tested with the flag enabled already.  Just to confirm a few things, are you testing with Outlook, Gmail or something else? Additionally,  are you testing with the Outlook desktop application or web application?  

Outlook and web application.
Microsoft Office 365 Outlook.com

It said the activities like upload/download/edit/post/send/create support DLP.
ns#/cci/app_index_detail/index/2724