Description
Detects inbound emails where the sender domain is less than 10 days old from untrusted senders.
References
No references.
Sublime Security
Created Aug 17th, 2023 • Last updated Nov 20th, 2024
Feed Source
Sublime Core Feed
Source
type.inbound
and network.whois(sender.email.domain).days_old <= 10
and not profile.by_sender().solicited
Playground
Test against your own EMLs or sample data.