How does CA Data Protection (DataMinder) map email events to a specific user?
CA Data Protection (DataMinder) uses different mechanisms for identifying or differentiating between users, depending on the agent and the method of capture.
Outlook Endpoint Agent
In order for an Endpoint Agent to apply policy triggers, it needs to identify the user and load the correct user policy. The Data Protection Agent for MS Outlook uses the Windows NetBios network account name (i.e. DOMAIN\username) as the primary identifier.
A Data Protection user should consist of a network account name populated with the users email addresses. When Outlook is launched the network account name is used to load the users policy and any events that trigger policy are associated with the users email address.
Before a policy engine can apply policy triggers to an intercepted e-mail, it needs to map the sender's e-mail address to a CA Data Protection user. The mapping identifies the e-mail owner and determines which policy to apply.
Where an email sender or recipient address is populated in the Data Protection (DataMinder) Hierarchy this is mapped to the internal user and the appropriate user policy is loaded/ applied. Where the address is not known but matches the internal e-mail address pattern (i.e. domain.com) the "unknowninternalsender" policy is applied or where the address does not match either a defined Data Protection (DataMinder) user or the internal e-mail address pattern does not match then the "ExternalSender" policy is applied.
For more information of address mapping please refer to the CA Data Protection (DataMinder) product documentation.