IMAP long tag anomaly

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

IMAP long tag anomaly

L3 Networker

I know this was kind of asked here, and I was wondering if the best option would be to create a rule like the one mentioned in this post..

 

https://live.paloaltonetworks.com/t5/General-Topics/SMTP-long-MAIL-anomaly-Vulnerability-30392/m-p/2...

 

Since I am getting these almost everyday, and they seem to be always from one user account, and they happen to use gmail.

 

I also use gmail but I never seem to see my account as the "attacker" which I'm not sure why his account keep showing up as the attacker.

 

Should I just create the block rule and see if his email still works? He says he uses teh Windows Mail app with all gmail accounts.

1 REPLY 1

L3 Networker

A very smart network engineer I know informed me this is due to the way google changed the way their email system worked, and is caused when users who particularly use gmail with multiple folders will cause this Threat to be triggered.

 

He provided one of two options to help correct it. 

 

1) get my colleague to clean up his gmail. reduce folder, etc (not likly to happen)

 

2) adjust the profile monitor and change it so that particular vulnerability isn't alerted on, this leave it open to exploitation.

 

Both options are not great, thus at this point I'll simply have to ingore in.. *Sticks head in the sand*

 

Thanks for all the replies *Cough none*

  • 1858 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!