An attack source is the first MTA with a public IP address that routes a
suspicious message. For example, if a suspicious message travels the
following route: IP1 (sender) > IP2 (MTA: 225.237.59.52) > IP3
(company mail gateway) > IP4 (recipient), Deep Discovery Email
Inspector
identifies 225.237.59.52 (IP2) as the attack source. By studying attack
sources, you can identify regional attack patterns or attack patterns that
involve the same mail server.
The table shows detections based on the selected time period. Click a number
under Detections or High Risk Messages to learn more
about the detections. Detections includes all detected email messages,
including high-risk messages.
Click View all attack sources to see all detected attack sources over
the selected time period.
 |
NoteA dash (-) indicates that the location information is not
available.
For example, if Deep Discovery Email
Inspector is unable to obtain a public IP address from the message
routing information, no location information is available.
|
For general widget tasks, see Widget Tasks.