Solved

Netskope Email DLP with Mimecast

  • 20 February 2023
  • 2 replies
  • 37 views

  • Anonymous
  • 0 replies

Dear All  

 

I tried to setup Netskope Email DLP with Mimecast, however it seems like the message has not successfully deliver to mimecast MTA.

 

1. Configured SMTP settings (Domain, Tenant ID, Next Hop FQDN which is mimecast smart host, port)

2. Configured exchange flow connector to route message to Netskope smart host

3. Configured real time policy with action add X header: block when sensitive data is detect

4. Setup content examination definitions and policy from Mimecast when receive X header: block 

5. Test sending outbound email with sensitive info on the content. Tested sending another email without any sensitive info. (Both email had failed to deliver to recipient)

6. Checked on SKope IT > Alerts > noticed that Email DLP policy has triggered with email consisted of sensitive info.

7. Checked on Mimecast message tracking, however did't receive any message (for both sensitive and without sensitive message)

 

Is there any steps that I miss out?

 

Thank You

icon

Best answer by sshiflett 23 February 2023, 19:40

View original

2 replies

Userlevel 6
Badge +16

Good afternoon!

There is actually one more step with Mimecast.  By default Mimecast only accepts mail from Office365.  Since the mail is coming from Netskope, Mimecast is likely dropping it.  You can open a case with Mimecast to have your account added to their mechanism for allowing emails from Netskope:

 

  • Mimecast - If you have a Mimecast MTA, the Mimecast tenant must be moved to the Netskope umbrella account. Please reach out to Mimecast support for assistance.

This is my first suspcion but if this persists following the change or you've already performed this step, then I'd suggest a support case with Netskope to verify that emails are being properly forwarded.

 

Source:
https://docs.netskope.com/en/configure-the-upstream-mta-to-use-netskope-headers.html

Hi Sam Shiflett

 

Thanks for your response. The issue was resolved after added Netskope IP range into Mimecast authorized outbound.

 

 

Reply