hello ,
we're currently testing a modified mail packet parser provided by the content team.
It processes the comments part of the email addresses from the email fields.
Specifically, for any fields tagging email.src/dst [mail options] it will tag the comment (quite often the sender's alleged name) into fullname.src and fullname.dst .
i.e. To: "Alice Jones" <ajones@example.com>, Bob <bsmith@example.com>, charles@example.com <--- This header has three targets. The first two targets contain a comment. and will get tagged into fullname.dst]
should feel this a feature worth keeping in the parser (e.g. for phishing email detection), please contact your account manager or support for an RFE to incorporate it into the parser officially (or perhaps to if you wish to test it as well) .
