Would like to suggest a feature that would notify you if your email domain has been blacklist on services such spamhaus. It would be similar to how the harvested credentials notifications are triggered.
Heath
1 Like
Hi Heath,
I like the idea, I’ll submit a feature request on your behalf.
I just wanted to mention, the Harvested Credentials alert is different to our Account leak alert,
our built in alert for Harvested Credentials will trigger based on a series of authentication attempts to multiple unique accounts from a single unusual location. IDR will learn the typical egress IPs for your corporate network during its baselining period and these IPs should not alert for Harvested Credentials.
The Account Leak UBA alert is what I think you are referring to which will trigger if any user account (email address) IDR is aware of has been involved in a known breach/leaked credentials list. A user’s credentials may have been leaked to the public domain.
David
Can you share a little more detail as to why this feature would be an added value, and what would you intend to do with the information if you were provided with a notification about the user? I’ll use this in writing up the feature request.
Also, typically the best route to raise an enhancement request is through the support portal, via a support ticket. But I’m all for open discussion too, as this allows others to chime in with their ideas and suggestions.
Thanks
David
Hi David,
Thanks for the reply. You are correct. I was referring to the “Account Leak UBA alert” functionality.
Recently we had an email issue where our domain ended up blacklisted due to a device on our network. We eventually found the problem, but it took a while to pinpoint where exactely the issue was occuring. It would have been nice to get an alert or see in the dashboard that our domain ended up on a naughty list. My thought is that this would have provided a quicker time to resolution.
I also agree it is worthwhile posting feature requests on a public forum so that others can provide additional use cases or feedback.
Cheers!
Heath