Email / SMTP Test

Test your DLP solution's ability to detect sensitive data in outbound email messages and attachments.

How Email DLP Works: Email DLP solutions typically deploy a Mail Transfer Agent (MTA) between your mail server and the email gateway. This MTA inspects outbound messages and attachments for sensitive content matching your DLP policies. Some solutions also integrate directly with email providers like Microsoft 365 or Google Workspace via API.

Email Test Instructions

1

Download Sample Data

Copy the sample sensitive data from the tabs below or download sample files from the Sample Data page. These contain synthetic PII, PCI, and PHI data.

2

Compose an Email

Open your email client and compose a new message. Paste the sample data into the email body or attach the downloaded files. Address it to a test recipient.

3

Send & Monitor

Send the email and check your DLP console for alerts. The DLP solution should detect the sensitive content and create an incident based on your configured policies.

Sample Email Body Content

Copy the content below and paste it into an email body to test your email DLP policies.

Confidential Employee Records - Q4 2024

Name: John A. Smith
SSN: 078-05-1120
Date of Birth: 01/15/1985
Department: Engineering

Name: Jane B. Doe
SSN: 219-09-9999
Date of Birth: 03/22/1990
Department: Marketing

Name: Robert C. Johnson
SSN: 323-45-6789
Date of Birth: 07/04/1978
Department: Finance
Customer Payment Information

Cardholder: John Smith
Card Number: 4111-1111-1111-1111
Expiration: 12/2026
CVV: 123
Type: Visa

Cardholder: Jane Doe
Card Number: 5500-0000-0000-0004
Expiration: 06/2027
CVV: 456
Type: Mastercard

Cardholder: Bob Wilson
Card Number: 3400-000000-00009
Expiration: 09/2025
CVV: 7890
Type: American Express
Patient Medical Record

Patient: James T. Anderson
MRN: MRN-2024-78456
DOB: 05/12/1965
Diagnosis: Type 2 Diabetes Mellitus (E11.9)
Secondary: Essential Hypertension (I10)
Health Plan ID: HP-882931-A
Provider: Dr. Emily Chen, MD
Prescription: Metformin 500mg twice daily
Lab Result: HbA1c 7.2%
Next Appointment: 03/15/2025
INTERNAL MEMO - STRICTLY CONFIDENTIAL

To: HR Department
From: Payroll Division
Subject: Employee Verification Data

Employee: Sarah M. Williams
SSN: 167-23-4567
Email: sarah.williams@example.com
Phone: (555) 234-5678
Bank Account: 021000021 / 123456789012
Annual Salary: $87,500

Please verify the above information before processing
the direct deposit change request.

Ref: HR-2024-0892

Email DLP Test Scenarios

Test each of the following scenarios to thoroughly validate your email DLP deployment.

Body Content

Paste sensitive data directly into the email body. DLP should scan the message text for patterns like SSN, credit card numbers, and PHI.

Attachment Scanning

Attach files containing sensitive data (PDF, DOCX, XLSX, CSV). DLP should extract and inspect file contents before delivery.

Subject Line

Include sensitive data or classification keywords in the subject line. Some DLP policies also inspect email headers and subject fields.

Compressed Attachments

Place sensitive files inside ZIP or RAR archives and attach them. Advanced DLP solutions should decompress and scan archive contents.

External vs Internal

Send the same content to both internal and external recipients. Many DLP policies differentiate based on recipient domain.

BCC/CC Testing

Add recipients in the BCC and CC fields. Verify that DLP inspects all recipient fields, not just the primary "To" address.