Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

The Outbreak Filter delayed an outgoing mail for 1 hour

In there a bug in the Outbreak Filter ?

A legitimate outgoing mail was identified as a scam,               quarantined, and after one hour released from the quarantine and deliver.

Can someone explain this ?

11 Dec 2013 07:46:41 (GMT +02:00) Message 95180558               scanned by Anti-Virus engine. Final verdict: Negative
11 Dec 2013 07:46:41 (GMT +02:00) Message 95180558               scanned by Outbreak Filters. Verdict: Positive
11 Dec 2013 07:46:41 (GMT +02:00) Message 95180558 Virus               Threat Level=3
11 Dec 2013 07:46:41 (GMT +02:00) Message 95180558               quarantined to Outbreak by Outbreak Filters rule. Scam:               Money Mule
11 Dec 2013 08:40:18 (GMT +02:00) SMTP delivery               connection (DCID 37207337) opened from Cisco IronPort               interface 132.68.225.13 to IP address 173.194.70.27 on               port 25.
11 Dec 2013 08:40:20 (GMT +02:00) Message 95180558               released from quarantine Outbreak after 3219 seconds.               Reason: expiration.
11 Dec 2013 08:40:20 (GMT +02:00) Message 95180558               released from all quarantines.

Many thanks,

Amihai, CIS-Technion

Everyone's tags (2)
606
Views
0
Helpful
0
Replies