{"id":296860,"date":"2024-07-02T13:26:00","date_gmt":"2024-07-02T11:26:00","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=296860"},"modified":"2024-08-23T21:56:02","modified_gmt":"2024-08-23T19:56:02","slug":"hornetsecurity-sortiert-microsoft-exchange-mails-in-quarantne-2-7-2024","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2024\/07\/02\/hornetsecurity-sortiert-microsoft-exchange-mails-in-quarantne-2-7-2024\/","title":{"rendered":"HornetSecurity sortiert Microsoft Exchange-Mails in Quarant&auml;ne (2.7.2024)"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" title=\"Gmail\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2016\/07\/Mail.jpg\" alt=\"Mail\" width=\"88\" height=\"64\" align=\"left\" border=\"0\" \/>[<a href=\"https:\/\/borncity.com\/win\/2024\/07\/03\/hornetsecurity-quarantines-microsoft-exchange-emails-july-2-2024\/\" target=\"_blank\" rel=\"noopener\">English<\/a>]Kurzer Rundruf an die Administratoren unter der Blog-Leserschaft, die HornetSecurity einsetzen, um Mails z.B. in Microsoft Exchange) zu filtern. Ein Leser informierte mich, dass die betreffenden Mails (f\u00fcr Exchange gleich in Quarant\u00e4ne wandern. Auf der Statusseite von HornetSecurity gibt es aktuell nur einen Degraded Performance-Hinweis. Erg\u00e4nzung: Zwischenzeitlich hei\u00dft es, dass der Anbieter mit Microsoft in Kontakt stehe.<\/p>\n<p><!--more--><\/p>\n<h2>Ein Leserhinweis<\/h2>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg09.met.vgwort.de\/na\/4fe0137a213b41488a44a0420c99aecb\" alt=\"\" width=\"1\" height=\"1\" \/>Der Dienst von HornetSecurity wird von Unternehmen eingesetzt, um Mails auf Spam und Viren zu filtern (siehe auch <a href=\"https:\/\/web.archive.org\/web\/20240301202046\/https:\/\/www.hornetsecurity.com\/de\/services\/spamfilter-email-malware-protection\/\" target=\"_blank\" rel=\"noopener\">diese Unternehmensseite<\/a>). Erkannte Bedrohungen oder Spam sortiert der Dienst dann in Quarant\u00e4ne ein. Ein Blog-Leser hat sich vor einigen Minuten gemeldet (danke daf\u00fcr), weil HornetSecurity alle Mails in Quarant\u00e4ne schiebt.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" title=\"HornetSecurity: Quarant\u00e4nedetails f\u00fcr Mail\" src=\"https:\/\/i.postimg.cc\/FK0fj9gn\/image002.png\" alt=\"HornetSecurity: Quarant\u00e4nedetails f\u00fcr Mail\" width=\"519\" height=\"260\" \/><\/p>\n<p>Hier noch ein weiterer Screenshot mit den betreffenden Zustelldetails.<\/p>\n<p><img decoding=\"async\" title=\"HornetSecurity: Zustelldetails f\u00fcr Mail\" src=\"https:\/\/i.postimg.cc\/0jr8Pwx3\/image003.png\" alt=\"HornetSecurity: Zustelldetails f\u00fcr Mail\" \/><\/p>\n<p>Das passiert pl\u00f6tzlich wohl bei allen E-Mails, die durch HornetSecurity gefiltert werden &#8211; alles landet wegen Phishing-Verdacht in der Quarant\u00e4ne.<\/p>\n<p><img decoding=\"async\" title=\"HornetSecurity: Liste der Mails\" src=\"https:\/\/i.postimg.cc\/4NkJrnq8\/image004.png\" alt=\"HornetSecurity: Liste der Mails\" \/><\/p>\n<p><img decoding=\"async\" title=\"HornetSecurity: Freigabestatus der Mails\" src=\"https:\/\/i.postimg.cc\/h40yq53H\/image005.png\" alt=\"HornetSecurity: Freigabestatus der Mails\" \/><\/p>\n<p>Der Leser hat das telefonisch bei HornetSecurity gemeldet. Deren Statusseite lieferte zu diesem Zeitpunkt nur eine \"Degraded Performance\"-Meldung.<\/p>\n<p><img decoding=\"async\" title=\"HornetSecurtiy: Degraded Performance\" src=\"https:\/\/i.postimg.cc\/BbdcC2vf\/image.png\" alt=\"HornetSecurtiy: Degraded Performance\" \/><\/p>\n<p>Kann das noch jemand feststellen? Vom Leser habe ich nur den Hinweis, dass HornetSecurity sich mit Microsoft ins Benehmen setzen will. Erg\u00e4nzung: Inzwischen gibt es bei HornetSecurity eine Erg\u00e4nzung der Statusseite:<\/p>\n<blockquote><p>[HSE20240702-01-I] Incident: Degraded Performance: ATP Secure Links<\/p><\/blockquote>\n<blockquote><p>Incident Status: Degraded Performance<\/p>\n<p>Components: Advanced Threat Protection<\/p>\n<p>Locations: Switzerland, Global<\/p>\n<hr \/>\n<p><strong>July 2, 2024 13:28 CEST<br \/>\nJuly 2, 2024 11:28 UTC<\/strong><\/p>\n<p><strong>[Identified] <\/strong>We are in direct contact with Microsoft to resolve this issue. As soon as we have more information we will update you again.<\/p>\n<p><strong>July 2, 2024 11:59 CEST<br \/>\nJuly 2, 2024 09:59 UTC<\/strong><\/p>\n<p><strong>[Investigating] <\/strong>We received reports that Hornetsecurity Secure Links are recognized as phishing by Microsoft Defender. You will see something similar to \"The URL has malicious phishing traits based from high confidence intelligence source.\" The cause is currently being analysed in more detail. Other services and the email flow is not affected.<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>[English]Kurzer Rundruf an die Administratoren unter der Blog-Leserschaft, die HornetSecurity einsetzen, um Mails z.B. in Microsoft Exchange) zu filtern. Ein Leser informierte mich, dass die betreffenden Mails (f\u00fcr Exchange gleich in Quarant\u00e4ne wandern. Auf der Statusseite von HornetSecurity gibt es &hellip; <a href=\"https:\/\/borncity.com\/blog\/2024\/07\/02\/hornetsecurity-sortiert-microsoft-exchange-mails-in-quarantne-2-7-2024\/\">Weiterlesen <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2039,7862],"tags":[4353,4328,987],"class_list":["post-296860","post","type-post","status-publish","format-standard","hentry","category-mail","category-stoerung","tag-mail","tag-sicherheit","tag-storung"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/296860","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=296860"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/296860\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=296860"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=296860"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=296860"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}