Originating IP Address Visibility
We need to be able to see the originating IP address for all malware-containing email. Currently, the originating IP address is completely unavailable.
This is a security software product, and yet the the most basic item of an email, the originating IP address, is not available, at all, anywhere! How do you expect accurate forensics to be conducted? How can we trace down where malware actually came from? Domain names can be easily spoofed. IP addresses are much more difficult to spoof.
This should have been built in since day one!
Matthew Larrivee commented
Agreed as well, should be a basic requisite
Jie Hu commented
Sometimes our mail server receives over 200,000 email per day. The GrayList does great job but it's not enough, I'd like to know the sender's IP in the Log/Dashboard page then I can block them in the firewall level in order to increase the server performance.
Please kindly help.
Jonathan Fischer commented
[Comment date: 2015-01-27]
We need this going forward to be able to meet some newly minted regulatory reporting requirements. This is rapidly turning into a must-have line-item, at least for us.