Having configured Integrations with your mailboxes and mail controls, every delivr.to campaign you send will provide rich detail into the emails that made it to your inbox, the state in which they arrived, and the assessment of them as they travel through each stage of your mail stack.
To highlight the most notable findings, your campaign results include Insights. These cover everything from:
- Key payload delivery results: For example, the successful delivery of a prevalent malware family we’ve recreated.
- Indication of mail control performance: Which tools blocked or flagged most emails? Which rules or signatures were most effective?
- Attack surface reduction opportunities: Which uncommon file types known to be weaponised by threat actors could potentially be blocked?
An exhaustive list of the insights available to Enterprise users can be seen below. Users with Premium & Free subscriptions are limited to Informational insights only.
If there’s an insight you’d like to see added to the platform, contact us!
Legend
| High Severity | |
| Medium Severity | |
| Low Severity | |
| Informational | |
| Negative Outcome | |
| Positive Outcome |
Insights
| Name | Severity | Outcome | |
|---|---|---|---|
 | Attachments: Extensions successfully delivered | ||
| Attachments: High-risk attachment types permitted | ||
| Attachments: QR code payload delivered | ||
 | Containers: All password-protected zip attachments blocked | ||
| Containers: Password-protected zip attachments permitted | ||
 | Executables: All EXEs blocked | ||
| Executables: EXEs permitted | ||
| Executables: PowerShell scripts permitted | ||
 | HTML Smuggling: HTML Smuggling payload delivered | ||
| HTML Smuggling: Potentially unwanted attachment types permitted | ||
| HTML Smuggling: SVG Smuggling payload delivered | ||
 | Integration: Breakdown of Defender Org-level Policies | ||
| Integration: Breakdown of Defender User-level Policies | ||
| Integration: Breakdown of Defender signatures flagged | ||
| Integration: Breakdown of Sublime rules flagged | ||
| Integration: Emails blocked by Defender 365 | ||
| Integration: Emails blocked by Sublime | ||
| Integration: Emails flagged by Sublime | ||
 | Links: Active content fetch origins | ||
| Links: All actively fetched | ||
| Links: All rewritten | ||
| Links: Inconsistent rewrites | ||
| Links: No active content fetching | ||
| Links: Not rewritten | ||
| Links: SMB link delivered | ||
| Links: search-ms link delivered | ||
 | Office: All password-protected Office attachments blocked | ||
| Office: Password-protected Office attachments permitted | ||
| Office: Potentially unwanted attachment types permitted | ||
| Office: Word remote template injection attachment delivered | ||
 | Threat Intel: Agent Tesla attachment delivered | ||
| Threat Intel: AsyncRat attachment delivered | ||
| Threat Intel: BumbleBee attachment delivered | ||
| Threat Intel: CVE-2024-21413 delivered | ||
| Threat Intel: Callback phishing attachment delivered | ||
| Threat Intel: DarkGate attachment delivered | ||
| Threat Intel: IcedId attachment delivered | ||
| Threat Intel: Nobelium attachment delivered | ||
| Threat Intel: Pikabot attachment delivered | ||
| Threat Intel: QakBot attachment delivered | ||
| Threat Intel: SocGholish attachment delivered |