DLP rules fail to fire on some messages with double byte content
Last Updated November 04, 2013
When using the Symantec Messaging Gateway (SMG) data loss protection (DLP) integration with Symantec DLP Prevent, the data loss prevention rules in Messaging Gateway (SMG) do not always filter messages which include double byte character set (DBCS) content.
This is a known issue with some versions of DLP Prevent.
Inspection of messages with DBCS content which are not filtered as expected show that they contain the X-CFilter-Loop header indicating that they were processed by DLP Prevent but do not contain the X-dlp-policyid or X-dlp-uniquemessageid headers. This means that while DLP processed the message, the expected DLP Prevent rules did not match the message.
Note: this issue does not appear to affect HI-ASCII encoded content and is limited to an intermittant issue with DBCS content.
This is a known issue with some versions of DLP Prevent and will be addressed in a future release of that product.
Please subscribe to this article to not automatically notified of any updates.
Imported Document ID: TECH211476
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe