Email Headers Check - Generic
This playbook executes one sub-playbook and one automation to check the email headers: - **Process Microsoft's Anti-Spam Headers** - This playbook stores the SCL, BCL and PCL scores if they exist to the relevant incident fields (Phishing SCL Score, Phishing PCL Score, Phishing BCL Score). - **CheckEmailAuthenticity** - This automation checks email authenticity based on its SPF, DMARC, and DKIM.
Common Playbooks · 9 tasks · 2 inputs · 2 outputs
Inputs
AuthenticateEmail— Whether the authenticity of the email should be verified using SPF, DKIM and DMARC.CheckMicrosoftHeaders— Whether to Check Microsoft headers for BCL/PCL/SCL scores and set the "Severity" and "Email Classification" accordingly.
Outputs
Email.AuthenticityCheck— Possible values are: Fail / Suspicious / Undetermined / PassEmail.MicrosoftHeadersSeverityCheck— Possible Values: Medium: PCL or BCL scores are equal to or greater than 4. High: BCL score is equal to or greater than 8.
Commands used
setIncident