It would be nice for when a phishing email is reported that isn't apart of a campaign it provide some header information from the reported email. As it stand we have phishing emails going to our support email so that we can create a ticket and distribute them to the HD team to review with users. It would be nice to have the report also provide header details of the reported email, like SPF, DMARC, DKIM, Pass or fail. Might be extra but show what the sender is vs the reply. Would make aiding users easier as we can more quickly diagnose a phishing email with these in the report.

When an email is reported via the Dee Dee Report a Phish button, it is configured to forward to a distro group for review. It loads as an *.eml file which to my organization seems like a security risk. We just need the header information of the email. Our technicians are having to open the email and are concerned about doing so on their devices. Could you add the original header information in the notification email to prevent the requirement to open a potentially hazardous email?

Ask: Include email header information in the notification sent from the Report Phish button. There is no way to parse out the sender and recipient email information that is received from the report phish button. In scenarios where PSA ticket integrations parse out the email header data for their support teams' use, this is not possible at this current time.

Outcome: Summarized report of the email header information included with a preview of the reported email