TrendMicro HES (Hosted Email Security) is cloud-based hosted email
filtering service.
You can define rules, and in action, add "Notification" to
Accept/Reject/Quarantine policies.
I know they use AWS cloud, so it seems to be legit.
The only problem is that only customer (recipient) can issue a ticket on
their portal... :-/
Le 16/01/2020 à 08:57, Benoit Panizzon via mailop a écrit :
Hi Gang
I wonder if others have also started seing such emails:
Source:
Received: from routemea20.hes.trendmicro.eu (routemea20.hes.trendmicro.eu
[3.125.147.66])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by idefix.imp.ch (Postfix) with ESMTPS id A7510C008C
for <*HIDDEN*@imp.ch>; Wed, 15 Jan 2020 02:15:38 +0100 (CET)
Hosted on Amazon AWS. Of course they never react to inquiries.
But the PTR looks legit. So I assume they are indeed sent by Trendmicro.
Content:
-------------
From: <emailsecur...@hes.trendmicro.eu>
To:
Subject: Email quarantined
Date: Wed, 15 Jan 2020 00:51:57 +0000 (UTC)
An email sent to you has been placed in quarantine by Hosted Email Security
(HES).
-------------
Yes, this is all, not Link no hint what email we possibly could have
sent which could have caused this message. It's just 'out of the blue'.
Or do they 'backscattter' such a message to every single email them
receive?
Opened a Case with Trendmicro NOC about one week ago when this first
occurred. No reaction yet.
Mit freundlichen Grüssen
-Benoît Panizzon-
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
