|Applies To||RSA Product Set: RSA Archer|
RSA Product/Service Type: RSA Archer (On-Premise)
RSA Version/Condition: 6.x
- The Data Feed successfully finds and processes the email message.
- The body_text source definition field is mapped on the "Data Map" tab.
- All the components of the email are transferred to the Archer records but the body_text data is not transferred into the field that it's been mapped into.
- In some situations mapping, body_text is required. For example, situations where emails sent to the mailbox are forwarded IT Risk / Cyber Incidents / Phishing / Spam / Malicious emails, and so forth, that have been forwarded to Archer as context for incident investigation and resolution. For these situations, there is a need to transfer plaintext instead of HTML to Archer records.
- The body_text component of the email message is processed from the plaintext component of the email received. Some emails are entirely HTML and do not have a plaintext component. For these emails, body_plain will be empty.
- The emails process by the Mail Monitor data feed must have a plaintext component for body_text to have a value and transfer over into the Archer record.
|Resolution||Configure all email clients that send mail to the mailbox monitored by the Archer Mail Monitor Feed to force outgoing emails into plaintext.|
- File -> Options -> Mail -> Message Format (at bottom) -> Convert to Plaintext
- File -> Options -> Mail ->Compose (at top) -> Plaintext
- File -> Options -> Trust Center -> Trust Center Settings -> Email Security -> Read all standard mail in plaintext (check) -> Read all digitally signed mail in plaintext (check)
- Restart outlook.
- Options -> Delivery format -> Plaintext only.
Outlook For Web:
- Change formatting from "HTML" to "Plaintext" for each email sent/forwarded and/or change the default in the options (if sufficient permissions available).