|Email Plug-in (Reporting):||1.1.0-114|
|Email Plug-in (Encryption):||1.2.1-118|
i often get the following alert message from or ESA.
How can i check which email is affected or what does the error message exactly mean? Thanks for your help.
The Info message is:
Retrospective verdict received. SHA256: 48e556de275d4917be7556a337ae390e4eb3133fc2c7fcbd3e32ce2304e81efb, Verdict: malicious, Reputation Score: 0, Spyname: W32.Auto.48e556.MASH.SR.SBX.VIOC
Serial Number: 4222DBC341F4D7E4D812-A8A488F3B03D
Timestamp: 23 May 2016 15:27:47 +0200
To learn more about alerts, please visit our Knowledge Base. In many cases, you can find further information about this specific alert. Please click the Knowledge Base link after logging into our Support Portal at:
Solved! Go to Solution.
You have received this message because most likely you have configured your appliance to send "Anti-Virus and AMP" alerts at Info level.
You can review your configuration from the webUI(GUI) > System Administration > Alerts.
Informational alerts are generated in the routine functioning of this device. Said that, the message you received simply indicates that AMP is working as expected and classified an email with Verdict: malicious.
So everything is running fine, it's just an informational Alert.
Do you know if there is an easy way to track who would have received the message that now contains the malicious attachment.?