Monitoring/Blocking data sent to external domains through Web-email Clients
I wanted to monitor the data moving from our internal mail domain to external mail domains.
I have successfully created and tested an email protection rule which monitors/blocks data sent to external mail domains like gmail etc . but I am unable to do the same with Web application mail clients.
I tried creating WEB protection rule but it is only allowing me to monitor sensitive data being posted like the user visits the particular Web-app( say outlook web)and paste something there and hit send if the classification criteria matches it will block/monitor that particular data as per the configured policy.
Now what I want to do is regardless of what sensitive/insensitive content is being posted, If it is sent to gmail or any other domain, incident must be generated in the incident manager.