On 10/16/22 8:14 AM, Alex wrote:
Hi,
Hi,
What do you know about "Gmail confidential mode" emails?
Not much.
I'm starting to see a few of these come in to users now, and not sure how to treat them.
I think the /notification/ emails that Gmail sends for confidential messages are /probably/ benign.
My understanding is that the actual confidential message is retained on Google's system and that users navigate there using a web browser to see the confidential message.
As such, the /notification/ message that comes through your system is probably largely opaque.
They are sent through gmail, but require a one-time passcode sent to the recipient, so any potential threat is not transferred through the same email (or any email at all).
Yep.So there's nothing that your filtering system will have to detect and react to.
IMHO this is no different than a "Come check out my new fancy website!" email linking to a web page laden with malware. -- Eliding detection of suspect URLs.
The messages I've received were all tagged as spam due to bayes, but they otherwise have no other spam indicators.
I expect that the /notification/ emails will be fairly, if not quite, benign.
This doesn't appear to be anything new, but it's the first time I'm seeing it. Just thought I'd share and see if anyone had any input on how they're managing them.
:-) -- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
