Email Clients

CPM monitors email transmitted through various email clients. CPM checks the email’s subject, body, and attachments for data identifiers. For a list of supported email clients, see:

http://docs.trendmicro.com/en-us/enterprise/data-protection-reference-documents.aspx

Monitoring occurs when a user attempts to send the email. If the email contains data identifiers, CPM will either allow or block the email.

You can define monitored and non-monitored internal email domains.

  • Monitored email domains: When CPM detects email transmitted to a monitored domain, it checks the action for the policy. Depending on the action, the transmission is allowed or blocked.

    Note: If you select email clients as a monitored channel, an email must match a policy for it to be monitored. In contrast, an email sent to monitored email domains is automatically monitored, even if it does not match a policy.

  • Non-monitored email domains: CPM immediately allows the transmission of emails sent to non-monitored domains.

    Note: Data transmissions to non-monitored email domains and to monitored email domains where "Monitor" is the action are similar in that the transmission is allowed. The only difference is that for non-monitored email domains, CPM does not log the transmission, whereas for monitored email domains, the transmission is always logged.

Specify domains using any of the following formats, separating multiple domains with commas:

  • X400 format, such as /O=Trend/OU=USA, /O=Trend/OU=China

  • Email domains, such as example.com

For email messages sent through the SMTP protocol, CPM checks if the target SMTP server is on the following lists:

  1. Monitored targets

  2. Non-monitored targets

  3. Monitored email domains

  4. Non-monitored email domains

This means that if an email is sent to an SMTP server on the monitored targets list, the email is monitored. If the SMTP server is not on the monitored targets list, CPM checks the other lists.

For emails sent through other protocols, CPM only checks the following lists:

  1. Monitored email domains

  2. Non-monitored email domains