What is header anomaly detection?
Header anomaly detection identifies suspicious patterns in email headers: inconsistent routing, forged timestamps, unusual server chains, and authentication failures. Headers reveal message path and can indicate **spoofing** or manipulation.
Detected anomalies: headers showing multiple origination points, timestamps inconsistent with routing, Received headers indicating unusual paths, and discrepancies between envelope and header addresses.
Application: security tools analyze headers automatically, flagging anomalies for scrutiny or blocking. Combined with content analysis and reputation, header analysis provides additional detection signals.
Was this answer helpful?
Thanks for your feedback!