Microbe 6 Posted April 23 Share Posted April 23 Hi ESET Team, See the below concern of our client: Since earlier today I notice emails coming through with the subject line {disarmed} before the subject - this so far affects at least two different accounts. These are very standard emails and I don't know why these emails suddenly have this additional flag. Has anything changed in how Eset Endpoint Security is handling Email processing? I would like to ask, is there steps that we need about this case? Link to comment Share on other sites More sharing options...
Microbe 6 Posted April 24 Author Share Posted April 24 Hi ESET Team, I asked the client if they have existing Mail scanner, but he is not sure I am not sure how to answer the question about mail scanner. With respect to Eset, we are using Eset Protect Cloud for the office - the installation is standard and we did not set up anything special re mail scanning. Obviously once emails are downloaded to the relevant workstations, Eset Endpoint Security will scan. I attach a screenshot of how the "disarmed" subject line looks. I also attach a screenshot on how Web and Mail appears in my desktop. Most is greyed out, managed via cloud as standard. The change to have "disarmed" attached to the subject line started only yesterday and does not seem to affect all emails. I also attached the screenshot of the (disarmed subject line for your reference) SCREENSHOTS.zip Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 5,238 Posted April 24 Administrators Solution Share Posted April 24 The string is not added by ESET to the subject of email. The best I could find is the following explanation although without a reference to particular software that adds it: The {disarmed} flag in the subject line of a filtered email indicates the system has located a "Web Bug" or tracking code and has disabled it. A "Web Bug" is a piece of code attached to an email that is invisible to the reader, but sends tracking information to a remote server that would then keep track of information such as when you opened the email, what kind of computer you are using, what your IP address is and so forth which the sender (or sending server) could use to identify you. This type of tracking code is most often found in HTML "newsletters" and spam messages to track when users open and read their e-mails. The filters prevent that information from getting back to the sender to protect privacy. This helps prevent the further propagation of spam, because once an email address is verified as real, and that a human viewed it, the now-confirmed email address will tend to make its way to other senders. https://www.virtbiz.com/client/index.php?rp=/knowledgebase/14/Email-arrives-that-says-it-has-been-disarmed.html Link to comment Share on other sites More sharing options...
Microbe 6 Posted April 24 Author Share Posted April 24 Thank you Marcos, i will let our client know about the above information. Thank you very much! Link to comment Share on other sites More sharing options...
Recommended Posts