Medium
Alert ID:
41950
First Published:
2015 November 5 14:40 GMT
Version:
1
Summary
Email messages that are related to this threat (RuleID19199) may contain the following files:
Name | Size in Bytes | MD5 Checksum |
---|---|---|
6305093.zip / 6305093.scr | ||
31,744 | ||
0x6A4CCE90BA28720FA9E6813F681B1F75 |
The following text is a sample of the email message that is associated with this threat outbreak:
> Subject: Undeliverable: Email from Transport for London
Message Body:
Your message couldn’t be delivered to multiple recipients. A custom mail flow rule created by an admin at preferredpump.com has blocked your message. The message content is not accepted at this domin. Blocked by mail flow rule Couldn’t deliver to the following recipients: How to Fix It An email admin at preferredpump.com has created a custom mail flow rule that blocks messages that meet certain conditions, and it appears that your message has met one or more of those conditions. Check the text above for a custom message from the email admin that may help explain why your message was blocked and how you might be able to fix it. For example, removing prohibited words from the message or sending the message from a different email account may be sufficient to deliver your message. If you’ve tried and you’re still not able to fix the problem, consider contacting the email admin at preferredpump.com to discuss what to do. While they’re unlikely to remove or relax the rule, if you have a legitimate need to deliver your message they may offer guidance for how to do so. More Info for Email Admins Status code: 550 5.7.1_ETR This error occurs because an email admin at preferredpump…com has created a custom mail flow rule that has blocked the sender’s message. In some cases, the sender can change the message so it no longer violates the rule. However, depending on the rule’s conditions, it’s possible that the only way to deliver the message is to change the rule itself, and only an email admin at preferredpump.com can do that. Although it’s possible the rule is unintentionally flawed or it’s stricter than the admin intended, it may be working exactly as they want it to. Original Message Details Created Date: 11/4/2015 12:37:13 PM Subject: Email from Transport for London Error Details Reported error: the message was rejected by organization policy
Cisco security appliances can help protect customers during the critical period between the first exploit of a virus outbreak and the release of vendor antivirus signatures. Cisco Web Security Appliances help secure and control web and email traffic by offering layers of malware protection. Cisco security appliances are automatically updated to help prevent both spam email and hostile web URLs from being passed to the end user.
Related Links
Cisco Security
Cisco SenderBase Security Network
Revision History
* Version | Description | Section | Date |
---|---|---|---|
1 | Initial Release | 2015-November-05 14:40 GMT | |
Show Less |
Legal Disclaimer
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products