Postmark Spamcheck

This integration is part of the Postmark Spamcheck Pack.

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Postmark's spam API, Spamcheck, is a RESTful interface to the spam filter tool SpamAssassin.

Configure Postmark Spamcheck on Cortex XSOAR

  1. Navigate to Settings > Integrations > Servers & Services.

  2. Search for Postmark Spamcheck.

  3. Click Add instance to create and configure a new integration instance.

    | Parameter | Description | Required |
    | --- | --- | --- |
    | URL | Postmark Spamcheck API URL | True |
    | Trust any certificate (not secure) | When ‘trust any certificate’ is selected, the integration ignores TLS/SSL certificate validation errors. Used to test connection issues or connect to a server without a valid certificate. | False |
    | Use system proxy settings | Runs the integration instance using the proxy server (HTTP or HTTPS) that you defined in the server configuration. | False |

  4. Click Test to validate the URLs, token, and connection.

Commands

You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

postmark-spamcheck

Check the spam score of your email message.

Base Command

postmark-spamcheck

Input

| Argument Name | Description | Required |
| --- | --- | --- |
| entryid | Entry ID of mail EML file. | Required |
| short | Only return spam score. Possible values are: True, False. | Optional |

Context Output

| Path | Type | Description |
| --- | --- | --- |
| Postmark.Spamcheck.score | unknown | Value of SpamAssassin score |
| Postmark.Spamcheck.success | unknown | State of SpamAssassin check |
| Postmark.Spamcheck.rules | unknown | List the matched SpamAssassin rules |
| Postmark.Spamcheck.report | unknown | Detailed SpamAssassin report |

Command example

!postmark-spamcheck entryid="654@731f1b54-bdea-4d4a-860f-328527df0cd7"

Context Example

{
    "Postmark": {
        "Spamcheck": {
            "entryid": "654@731f1b54-bdea-4d4a-860f-328527df0cd7",
            "report": " pts rule description \n---- ---------------------- --------------------------------------------------\n-0.0 NO_RELAYS Informational: message was not relayed via SMTP \n 0.6 TVD_FW_GRAPHIC_NAME_LONG BODY: Long image attachment name \n 1.6 HTML_IMAGE_ONLY_12 BODY: HTML: images with 800-1200 bytes of words \n 0.0 HTML_MESSAGE BODY: HTML included in message \n 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was \n blocked. See \n http://wiki.apache.org/spamassassin/DnsBlocklists\u2026\n #dnsbl-block for more information. [URIs: \n phpclasses.org] \n-0.0 NO_RECEIVED Informational: message has no Received headers \n-0.0 T_SCC_BODY_TEXT_LINE No description available. ",
            "rules": [
                {
                    "description": "Informational: message was not relayed via SMTP",
                    "score": "-0.0"
                },
                {
                    "description": "BODY: Long image attachment name",
                    "score": "0.6"
                },
                {
                    "description": "BODY: HTML: images with 800-1200 bytes of words",
                    "score": "1.6"
                },
                {
                    "description": "BODY: HTML included in message",
                    "score": "0.0"
                },
                {
                    "description": "ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: phpclasses.org]",
                    "score": "0.0"
                },
                {
                    "description": "Informational: message has no Received headers",
                    "score": "-0.0"
                },
                {
                    "description": "No description available.",
                    "score": "-0.0"
                }
            ],
            "score": "2.3",
            "success": true
        }
    }
}

Human Readable Output

Postmark - Spamcheck

Spamcheck completed

| entryid | report | rules | score | success |
| --- | --- | --- | --- | --- |
| 654@731f1b54-bdea-4d4a-860f-328527df0cd7 | pts rule description<br>---- ---------------------- --------------------------------------------------<br>-0.0 NO_RELAYS Informational: message was not relayed via SMTP<br>0.6 TVD_FW_GRAPHIC_NAME_LONG BODY: Long image attachment name<br>1.6 HTML_IMAGE_ONLY_12 BODY: HTML: images with 800-1200 bytes of words<br>0.0 HTML_MESSAGE BODY: HTML included in message<br>0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was<br>blocked. See<br>http://wiki.apache.org/spamassassin/DnsBlocklists…<br>#dnsbl-block for more information. [URIs:<br>phpclasses.org]<br>-0.0 NO_RECEIVED Informational: message has no Received headers<br>-0.0 T_SCC_BODY_TEXT_LINE No description available. | {'score': '-0.0', 'description': 'Informational: message was not relayed via SMTP'},<br>{'score': '0.6', 'description': 'BODY: Long image attachment name'},<br>{'score': '1.6', 'description': 'BODY: HTML: images with 800-1200 bytes of words'},<br>{'score': '0.0', 'description': 'BODY: HTML included in message'},<br>{'score': '0.0', 'description': 'ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: phpclasses.org]'},<br>{'score': '-0.0', 'description': 'Informational: message has no Received headers'},<br>{'score': '-0.0', 'description': 'No description available.'} | 2.3 | true |
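
The following Python is an added example, not code from the integration or its pack. It parses the `report` text of a `Postmark.Spamcheck` context entry to recover the rule names (the `rules` list carries only descriptions and scores) and flags `URIBL_BLOCKED`, which in the example above means the URIBL lookup did not run. The function names, the `DEGRADED_RULES` set and the 5.0 threshold are assumptions, not values from this page.

```python
import re

# Report rule line: "<pts> <RULE_NAME> <description>"
RULE_LINE = re.compile(r"^\s*(-?\d+(?:\.\d+)?)\s+([A-Z][A-Z0-9_]*)\s+(.*)$")
# Rules meaning a check did not run, so the total can understate risk.
# URIBL_BLOCKED is the one in this page's example; the set is an assumption.
DEGRADED_RULES = {"URIBL_BLOCKED"}

def parse_report(report):
    """Return [(points, rule_name, description)] from the 'report' text."""
    rules = []
    for line in report.splitlines():
        m = RULE_LINE.match(line)
        if m:
            rules.append([float(m.group(1)), m.group(2), m.group(3).strip()])
        elif rules and line.strip():
            rules[-1][2] += " " + line.strip()  # wrapped description line
    return [tuple(r) for r in rules]

def triage(spamcheck, threshold=5.0):
    """Summarise one Postmark.Spamcheck entry (threshold is an assumption)."""
    if not spamcheck.get("success"):
        return {"verdict": "error", "score": None, "degraded": [], "top": []}
    score = float(spamcheck["score"])  # context stores the score as a string
    rules = parse_report(spamcheck.get("report", ""))  # absent with short=True
    degraded = sorted(n for _, n, _ in rules if n in DEGRADED_RULES)
    top = [n for p, n, _ in sorted(rules, key=lambda r: -r[0]) if p > 0]
    verdict = "spam" if score >= threshold else "review" if degraded else "below_threshold"
    return {"verdict": verdict, "score": score, "degraded": degraded, "top": top}

# Constructed sample: this page's Context Example with the report shortened.
SAMPLE = {
    "entryid": "654@731f1b54-bdea-4d4a-860f-328527df0cd7",
    "report": (
        " pts rule description \n"
        "---- ---------------------- ----------\n"
        "-0.0 NO_RELAYS Informational: message was not relayed via SMTP \n"
        " 0.6 TVD_FW_GRAPHIC_NAME_LONG BODY: Long image attachment name \n"
        " 1.6 HTML_IMAGE_ONLY_12 BODY: HTML: images with 800-1200 bytes of words \n"
        " 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was \n"
        " blocked. See \n"
        " [URIs: phpclasses.org] \n"
        "-0.0 NO_RECEIVED Informational: message has no Received headers \n"
    ),
    "score": "2.3",
    "success": True,
}

if __name__ == "__main__":
    print(triage(SAMPLE))
```

With `short=True` the entry has no `report`, so a degraded check cannot be detected from the context; use the full output when the verdict feeds an automated decision.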

Command example

!postmark-spamcheck entryid="654@731f1b54-bdea-4d4a-860f-328527df0cd7" short=True

Context Example

{
    "Postmark": {
        "Spamcheck": {
            "entryid": "654@731f1b54-bdea-4d4a-860f-328527df0cd7",
            "score": "2.3",
            "success": true
        }
    }
}

Human Readable Output

Postmark - Spamcheck

Spamcheck completed

| entryid | score | success |
| --- | --- | --- |
| 654@731f1b54-bdea-4d4a-860f-328527df0cd7 | 2.3 | true |