It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Reporting a Missed Attack

  • Last updated on

Sometimes a suspicious message will get past Barracuda Sentinel. Should this happen, forward the suspicious message to the Barracuda Sentinel team so we can analyze it, learn from it, and improve Barracuda Sentinel for everyone. 

Reporting a Missed Attack

Be sure to forward the email as an EML file, including any attachments, as described below. Forwarding the message inline or as a MSG file does not provide enough information to the Sentinel Analysts Team.

To report a missed attack:

  1. Open Outlook in a web browser. Usually, you will navigate to http://outlook.office.com/ and log in with your credentials for your organization.
  2. Click New Message
  3. Locate the suspicious email in the Inbox. 
  4. Click the suspicious email and drag it into the new, blank message. It appears as an attachment. 
  5. Add the following information:
    • To: SentinelAnalysts_Team@barracuda.com
    • Subject: Report Missed Attack, or something similar
    • Body: Optionally, add a note to the Sentinel Analysts Team to provide additional information or context.
  6. Click Send.

The Barracuda Sentinel team will send you an email, confirming receipt of your submission. At this time, we are unable to follow up on individual submissions.

Why an Attack Might Be Missed  

On somewhat rare occasions, an attack might pass by Barracuda Sentinel. Some of the reasons this might happen include:

  • The attack might have come through on a mailbox that is not using Microsoft Office 365. For information on what is protected, see Getting Started
  • You recently purchased Barracuda Sentinel and it is still learning about your environment.
  • Each user is treated as an individual, based on their individual attributes. The same email might have been considered an attack and blocked for one user, and allowed through for another user. 
  • The email might have been opened automatically in a mobile app before Barracuda Sentinel can get it from the main environment. 
  • Gateway policies or DMARC might not be configured properly. For more information, refer to the Configuring SPF, DKIM, and DMARC section of this document.
  • Your Barracuda Email Security Service might have permissive inbound policies that allowed the email through. For information on updating your policies, refer to Inbound Filtering Policy in the Barracuda Email Security Service documentation.  
Last updated on