The email sent by one of our client (a well known Deutsche bank) to a skynet.be account, get a warning message "[Is deze mail veilig?] [Is this e-mail safe?] [Cet e-mail est-il sans danger?]". It was not the case previously. It is not spam as only client received them.
It seems that Skynet is protected by "IronPort Spam" and I looking to understand what is wrong with thus email.
Could you help me?
Part of the header:
X-IronPort-Outbreak-Delimiter: ------------ Suspicious threat disclaimer ends here ------------ X-IronPort-Original-Subject: TEST - Nieuwe obligaties bij Deutsche Bank X-IronPort-Redirect-Domain: secure-web.cisco.com/%(auth)s/%(url)s Subject: [Is deze mail veilig?] [Is this e-mail safe?] [Cet e-mail est-il sans danger?] TEST - Nieuwe obligaties bij Deutsche Bank X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AuAUzFzqyFNQqW+g/2dsb2JhbABDBgEPgkdHUlcBgnevMgGSIQQYAQaHYG8WdoIKAQGBfwIgHRsfDi8GAg0BCQICAgFyiEEBCJAwAYNkgyICk3h3hQiBd4lVAgFehhsRBoFDX4oKgjUBBxEBCYMFDzINBYE8gTKuH4NGOy8BgQsLAQEEAQ
Looking at the anti-spam score, I can advise that this was scored low - and did not trip on the scale of spam, or possible spam.
Something else has to be coming into play in order to have this pre-pend the subject modification. Seeing as that it isn't a standard [SPAM] or [SUSPECT SPAM], this most likely hitting something else in message processing -- perhaps based on subject?
Without full message tracking, would be hard to see where/why it is being tagged. It may be also that there is another outside/3rd party scanning occurring that is triggering.
I hope this helps!
(*If you have received the answer to your original question, and found this helpful/correct - please mark the question as answered, and be sure to leave a rating to reflect!)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...