Cybersecurity
DevOps Cloud
IT Operations Cloud
OpenText product name changes coming to the community soon! Learn more.
Spam by-passing text filters that should hit on subjects.
Spammers are encoding the subject and SMG does not decode the subject prior to running text filters.
The actual solution would be for SMG to decode subjects. But here is a workaround for the problem.
Create a separate text filter (I called mine "Encoded Subjects" so I could easily see it in the QMS and Message Tracker). Select "Look in message header" and add the criteria
Subject: =?UTF-8?B?
This will block encoded subjects that use the UTF-8 character set. What we found was that the people we do business with are not going to encode subjects. It is typically spammers trying to get past filters or social media sites trying to get cute with subject line emojis.
The day after setting up the filter, I checked the QMS (it is easy to filter on the rule) and reviewed the blocked emails. All were spam except for one business related social media site. It was easy enough to make an email address exception to attach to my rule to allow that one social media site through.