Hi, I've whitelisted dropbox so I can use some aggressive rules to block phishing attacks involving dropbox. The problem I'm now having is legitimate dropbox accounts are being used to send malware with links to dropbox accounts to download these malicious files.
https://pastebin.com/raw/PFpJeYDX This email likely would have been tagged if it wasn't for being whitelisted by SPF. The language in the body is clearly spam. Does anyone have any recommendations on how to handle this? I found this because two of my users reported it. We can report it to dropbox, but that's after the fact.
