To enable server-side interactive warnings, the Exchange Server Agent (ESA) must be installed on each Hub Transport (HT) server (Exchange 2007 or 2010) or each Mailbox server (Exchange 2013/2016). The following is an example of the SSW routing behavior.
Step 1: A user sends an e-mail from Exchange OWA (Outlook Web Access) or from a mail client where the Data Protection client is not installed.
Step 2: A Hub Transport server (HT1) receives the mail, which is passed to a Policy Engine and processed accordingly. If the policy action triggers a warning, the event is called back into the hub and a warning e-mail is generated.
While creating the warning mail, Data Protection applies an algorithm to the Message ID + Host ID (the intercommunication IP address of HT1). The resulting unique ID is inserted in the Subject line. For example: CA DLP Advisory [ID=FJDCLHHNPNVBQNBCBW]
Step 3: When the user replies to the warning e-mail, the reply can reach any Hub Transport server.
Step 4: The Hub Transport server that receives the reply applies the reverse algorithm to the unique ID to recover the IP address and Message ID.
Step 5: The Data Protection code compares the decoded IP address with its internal Host ID; if they match, it processes (releases) the mail.
Step 6: If they do not match, it sends a message, along with the Message ID, to the IP address extracted from the unique ID. This intercommunication between Data Protection Exchange Server Agents (ESAs) is sent over a dynamically allocated port and received by the listening port assigned to "IntercomPort" in the registry (defaults to 8102).
Note: The "IntercomPort" listening port must be set to the same value on all ESAs.
Step 7: When the originating hub receives the release request, the original e-mail is released.
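The routing decision in Steps 2 to 7, modelled as an added example (not product code). The product's ID algorithm is not published, so `encode_id`/`decode_id` are an assumed reversible stand-in (base32 of IPv4 address + message number); the `Hub` class, the `peers` dictionary that stands in for reachability on the IntercomPort, and the host addresses are likewise constructed for illustration.

```python
import base64, ipaddress, re, struct

INTERCOM_PORT = 8102                       # page: default "IntercomPort" value
ID_RE = re.compile(r"\[ID=([A-Z2-7]+)\]")  # token alphabet of the stand-in below

def encode_id(host_ip, msg_no):
    # ASSUMPTION: stand-in for the undisclosed product algorithm.
    raw = ipaddress.IPv4Address(host_ip).packed + struct.pack(">I", msg_no)
    return base64.b32encode(raw).decode().rstrip("=")

def decode_id(token):
    raw = base64.b32decode(token + "=" * (-len(token) % 8))
    if len(raw) != 8:
        raise ValueError("unexpected ID length")
    return str(ipaddress.IPv4Address(raw[:4])), struct.unpack(">I", raw[4:])[0]

class Hub:
    def __init__(self, ip, peers):
        self.ip, self.peers, self.held = ip, peers, {}
        peers[ip] = self  # peers models which ESAs answer on INTERCOM_PORT

    def hold_and_warn(self, msg_no, mail):          # Step 2
        self.held[msg_no] = mail
        return f"CA DLP Advisory [ID={encode_id(self.ip, msg_no)}]"

    def on_reply(self, subject):                    # Steps 4-6
        m = ID_RE.search(subject)
        if not m:
            return "ignored: no ID"
        try:
            host, msg_no = decode_id(m.group(1))
        except ValueError:                          # malformed or foreign token
            return "ignored: bad ID"
        if host == self.ip:                         # Step 5: this hub holds it
            return self.release(msg_no)
        peer = self.peers.get(host)                 # Step 6: forward to originator
        if peer is None:
            return f"undeliverable: {host}:{INTERCOM_PORT} unreachable"
        return peer.release(msg_no)                 # Step 7

    def release(self, msg_no):
        mail = self.held.pop(msg_no, None)          # a repeated reply finds nothing
        if mail is None:
            return f"{self.ip}: nothing held for {msg_no}"
        return f"{self.ip}: released {mail}"

peers = {}
ht1, ht2 = Hub("10.0.0.1", peers), Hub("10.0.0.2", peers)  # constructed hosts
subject = ht1.hold_and_warn(42, "mail-A")
print(ht2.on_reply("RE: " + subject))  # reply lands on HT2, release happens on HT1
```

The "undeliverable" branch corresponds to an ESA whose IntercomPort is blocked or set to a different value than its peers: the reply is decoded correctly but the held mail is never released.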