Postmark's spam API, Spamcheck, is a RESTfull interface to the Spam filter tool SpamAssassin.
-
Navigate to Settings > Integrations > Servers & Services.
-
Search for Postmark Spamcheck.
-
Click Add instance to create and configure a new integration instance.
Parameter Description Required URL Postmark Spamcheck API URL True Trust any certificate (not secure) When ‘trust any certificate’ is selected, the integration ignores TLS/SSL certificate validation errors. Used to test connection issues or connect to a server without a valid certificate. False Use system proxy settings Runs the integration instance using the proxy server (HTTP or HTTPS) that you defined in the server configuration. False -
Click Test to validate the URLs, token, and connection.
You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
Check the spamscore of your email message
postmark-spamcheck
Argument Name | Description | Required |
---|---|---|
entryid | Entry ID of mail EML file. | Required |
short | Only return spam score. Possible values are: True, False. | Optional |
Path | Type | Description |
---|---|---|
Postmark.Spamcheck.score | unknown | Value of SpamAssassin score |
Postmark.Spamcheck.success | unknown | State of SpamAssassin check |
Postmark.Spamcheck.rules | unknown | List the matched SpamAssassin rules |
Postmark.Spamcheck.report | unknown | Detailed SpamAssassin report |
!postmark-spamcheck entryid="654@731f1b54-bdea-4d4a-860f-328527df0cd7"
{
"Postmark": {
"Spamcheck": {
"entryid": "654@731f1b54-bdea-4d4a-860f-328527df0cd7",
"report": " pts rule description \n---- ---------------------- --------------------------------------------------\n-0.0 NO_RELAYS Informational: message was not relayed via SMTP \n 0.6 TVD_FW_GRAPHIC_NAME_LONG BODY: Long image attachment name \n 1.6 HTML_IMAGE_ONLY_12 BODY: HTML: images with 800-1200 bytes of words \n 0.0 HTML_MESSAGE BODY: HTML included in message \n 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was \n blocked. See \n http://wiki.apache.org/spamassassin/DnsBlocklists\u2026\n #dnsbl-block for more information. [URIs: \n phpclasses.org] \n-0.0 NO_RECEIVED Informational: message has no Received headers \n-0.0 T_SCC_BODY_TEXT_LINE No description available. ",
"rules": [
{
"description": "Informational: message was not relayed via SMTP",
"score": "-0.0"
},
{
"description": "BODY: Long image attachment name",
"score": "0.6"
},
{
"description": "BODY: HTML: images with 800-1200 bytes of words",
"score": "1.6"
},
{
"description": "BODY: HTML included in message",
"score": "0.0"
},
{
"description": "ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: phpclasses.org]",
"score": "0.0"
},
{
"description": "Informational: message has no Received headers",
"score": "-0.0"
},
{
"description": "No description available.",
"score": "-0.0"
}
],
"score": "2.3",
"success": true
}
}
}
Spamcheck completed
entryid report rules score success 654@731f1b54-bdea-4d4a-860f-328527df0cd7 pts rule description
---- ---------------------- --------------------------------------------------
-0.0 NO_RELAYS Informational: message was not relayed via SMTP
0.6 TVD_FW_GRAPHIC_NAME_LONG BODY: Long image attachment name
1.6 HTML_IMAGE_ONLY_12 BODY: HTML: images with 800-1200 bytes of words
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
blocked. See
http://wiki.apache.org/spamassassin/DnsBlocklists…
#dnsbl-block for more information. [URIs:
phpclasses.org]
-0.0 NO_RECEIVED Informational: message has no Received headers
-0.0 T_SCC_BODY_TEXT_LINE No description available.{'score': '-0.0', 'description': 'Informational: message was not relayed via SMTP'},
{'score': '0.6', 'description': 'BODY: Long image attachment name'},
{'score': '1.6', 'description': 'BODY: HTML: images with 800-1200 bytes of words'},
{'score': '0.0', 'description': 'BODY: HTML included in message'},
{'score': '0.0', 'description': 'ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: phpclasses.org]'},
{'score': '-0.0', 'description': 'Informational: message has no Received headers'},
{'score': '-0.0', 'description': 'No description available.'}2.3 true
!postmark-spamcheck entryid="654@731f1b54-bdea-4d4a-860f-328527df0cd7" short=True
{
"Postmark": {
"Spamcheck": {
"entryid": "654@731f1b54-bdea-4d4a-860f-328527df0cd7",
"score": "2.3",
"success": true
}
}
}
Spamcheck completed
entryid score success 654@731f1b54-bdea-4d4a-860f-328527df0cd7 2.3 true