The following table lists the mapping relationships between event types in the request and response.
|
Requested Event Type |
Returned Event Type |
Returned Event Subtype |
Sample of Returned details Parameter |
|---|---|---|---|
|
anti_spoof |
Domain-based Authentication |
Sender IP Match |
- |
|
SPF |
|||
|
DKIM |
|||
|
DMARC |
|||
|
DMARC - SPF |
|||
|
DMARC - DKIM |
|||
|
DMARC - Alignment |
|||
|
DMARC - Availability |
|||
|
threat |
Malware |
Predictive Machine Learning |
{
"threatNames": "Troj,SPY",
"fileInfo": [{
"fileName": "file1",
"fileSha256": "abcd1234dae60bcae54516be6c9953b4bb9644e188606ceac00feebf95bbf10e",
"threatName": "Troj,SPY"
}
]
}
|
|
Pattern-based scanning |
|||
|
Ransomware |
- |
|
|
|
Suspicious Objects |
Suspicious Files |
{
"fileInfo": [{
"fileName": "file1",
"fileSha256": "abcd1234dae60bcae54516be6c9953b4bb9644e188606ceac00feebf95bbf10e"
}
]
}
|
|
|
Suspicious URLs |
{
"urlInfo": [{
"url": "http://example.com",
"extractType": "body"
}
]
}
|
||
|
Advanced Persistent Threat |
Analyzed Advanced Threats (Files) |
{
"riskLevel": "3",
"fileInfo": [{
"fileName": "file1",
"fileSha256": "abcd1234dae60bcae54516be6c9953b4bb9644e188606ceac00feebf95bbf10e",
"riskLevel": "3"
}
]
}
|
|
|
Analyzed Advanced Threats (URLs) |
{
"riskLevel": "3",
"urlInfo": [{
"url": "http://example1.com",
"extractType": "attachment",
"attachmentName": "file1.zip",
"attachmentSha256": "30ce5b4bd4e74f258fea84746b18fdc4790828fc256419b51bf8bcc7e4d38ecc",
"riskLevel": "3"
}
]
}
|
||
|
Probable Advanced Threats Note:
The details parameter is returned only when the threat is detected by Social Engineering Attack Protection. |
{
"spamReport": {
"enginePatternVersion": "9.0.0.1006;27324006",
"spamResultHeader": "11-12.747600-7.000000",
"spamRidHeader": "wjdoQEOKyrY5rof3b4z0VOZgbl4O3Ko30zWxVR+05p1F5bM86HNXD6PFjJEFr+olq+Ty"}
}
|
||
|
Scan Exception |
Virtual Analyzer scan exception |
- |
|
|
Virtual Analyzer submission quota exception |
|||
|
Password protected attachment |
|||
|
Other exceptions |
|||
|
Web Reputation |
- |
{
"urlInfo": [{
"url": "http://example1.com",
"extractType": "attachment",
"attachmentName": "file1.zip",
"attachmentSha256": "abcd1234dae60bcae54516be6c9953b4bb9644e188606ceac00feebf95bbf10e"
}, {
"url": "http://example2.com",
"extractType": "attachment",
"attachmentName": "file2.zip",
"attachmentSha256": "ace8f873c55a3c0ee1d54a2dd1864a47bee3aab36cbeccd0a417e87054758756"
}
]
}
|
|
|
spam |
Spam |
- |
{
"spamReport": {
"enginePatternVersion": "9.0.0.1006;27324006",
"spamResultHeader": "11-12.747600-7.000000",
"spamRidHeader": "wjdoQEOKyrY5rof3b4z0VOZgbl4O3Ko30zWxVR+05p1F5bM86HNXD6PFjJEFr+olq+Ty"}
}
|
|
Graymail |
Marketing message and newsletter |
||
|
Social network notification |
|||
|
Forum notification |
|||
|
Bulk email message |
|||
|
phishing |
Phishing |
- |
{
"spamReport": {
"enginePatternVersion": "9.0.0.1006;27324006",
"spamResultHeader": "11-12.747600-7.000000",
"spamRidHeader": "wjdoQEOKyrY5rof3b4z0VOZgbl4O3Ko30zWxVR+05p1F5bM86HNXD6PFjJEFr+olq+Ty"}
}
|
|
Business Email Compromise (BEC) |
Detected by Antispam Engine |
||
|
Detected by writing style analysis |
|||
|
Suspected by Antispam Engine |
|||
|
content_filter |
Content |
- |
- |
|
Attachment |
- |
||
|
dlp |
Data Loss Prevention |
- |
- |