Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Gmail Clarify Bypassing Spam Filters #149

Closed
adhilto opened this issue Jan 15, 2024 · 5 comments · Fixed by #324
Closed

Gmail Clarify Bypassing Spam Filters #149

adhilto opened this issue Jan 15, 2024 · 5 comments · Fixed by #324
Assignees
@jkaufman-mitre
Labels
Gmail Internal Discussion scb update tracking
Milestone
Coast

Comments

@adhilto
Copy link
Collaborator

adhilto commented Jan 15, 2024

(Using the numbers of the gmail-changes-1 branch)

GWS.GMAIL.14.1v0.1 instructs users to not use an email allowlist, referring to this feature here:
image

However, there is another way to create an allowlist that the baseline does not address:
image

What was previously GWS.GMAIL.18 touched on some of these settings, but this group is being deleted. I agree with the deletion of this group--the guidance there was confusing and contradictory--but I would recommend adding a new control group that rules out the various ways users could bypass spam protections.

Proposed group name: "Spam Filtering"

Policies:

  1. "Domains SHALL NOT be added to lists that bypass spam filters." With a note: "Note: Allowed senders MAY be added."
  2. "Domains SHALL NOT be added to lists that bypass spam filters and hide warnings."
  3. "Bypass spam filters and hide warnings for all messages from internal and external senders SHALL NOT be enabled."
@jkaufman-mitre
Copy link
Collaborator

@adhilto Will discuss this with the team to determine which changes should be made. @prodjom

@jkaufman-mitre
Copy link
Collaborator

@adhilto We will implement the recommended changes.

@buidav buidav added this to the Backlog milestone Jan 24, 2024
@jkaufman-mitre jkaufman-mitre mentioned this issue Apr 10, 2024
Closed
14 tasks
@jkaufman-mitre
Copy link
Collaborator

PR has been created. TTP Mappings still need to be done and drift rules need to be created.

@jkaufman-mitre
Copy link
Collaborator

Drift Rules have been completed. Now only waiting on TTP mappings.

@adhilto adhilto modified the milestones: Barracuda, Coast Jun 5, 2024
@jkaufman-mitre
Copy link
Collaborator

Followed-up on the status of the TTP mappings.

@jkaufman-mitre jkaufman-mitre mentioned this issue Jun 21, 2024
Merged
14 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jkaufman-mitre jkaufman-mitre

Labels
Gmail Internal Discussion scb update tracking
Projects
None yet
Milestone
Coast
4 participants
@buidav @adhilto @jkaufman-mitre @mdueltgen