Due to a Gmail limitation,
SaaS Security
generates two
Email DLP logs () when a quarantined email is allowed. The first
Email DLP log describes the initial outbound email blocked by
Email DLP. The second Email DLP log describes the allowed
outbound email that is sent back to
Enterprise DLP
to add
x-panw-inspected: true
and
x-panw-action: monitor
to the
email header before it continues on its path to the intended
recipient.