When your Security rules are set to block emails and notify the recipients when an issue occurs a notification email like this one below will be sent:
Below you can find an explanation of the information found in the notification.
This is the value of the "Date" header in the original email. This date represents when the email was originally sent in UTC timezone.
The date in the notification email is not the same as the date in the email history. The date in the email history is the date Email Gateway Security received or modified the email.
Message id is a unique id for every email generated by email clients or mail servers. Some email clients can omit generating a message id so if the original email does not have it then "N/A" will be displayed. This id can be used to easily track down the email in different parts of it's flow. You can also use this id in the search fields in the Web Management Console to locate emails.
I f an email without a valid message-id is quarantined Email Gateway Security will automatically generate a unique message-id for the email.
The value of the sender email address specified in the MAIL FROM command sent by the remote MTA . It is used to identify who submitted the message. This is usually the same as the From header (which is who the message is from) but it can differ in some cases where a mail agent is sending messages on behalf of someone else.
The value of the original email's "From" header. This identifies who the message is from.
The value of the original email's "To" header.
The value of the original email's "CC" header.
The subject of the original email (value of the "Subject" header).
Result will show the main reason about why the email was blocked. This is often the scan result from the MetaDefender Core but it can be anything else, like a failed sanitization.
Scan result contains a link for viewing the public scan details on the given MetaDefender Core where the scan took place.