Security Incident Phishing Email getting corrupted when the content type of phishing email attachments matches the eml content type. - Known Error

Security Incident Phishing Email getting corrupted when the content type of phishing email attachments matches the eml content type. Description Phishing emails are not parsed correctly.

The behaviour is observed when the reported phishing email contains an inline attachment of any format. As a result of this behaviour, the Header and the body of the email is seen as garbage values resulting in large content on the SIR which is Inserted.

Steps to Reproduce

1) Have an email with an attachment (Attachment content type should be either applicaion/octet -stream (or) message/rfc822 ) 2) Forward the email as an attachment to the instnace which has URP setup 3) Verify that phishing email created for the reported email

Actual Result : Instead of creating phishing email record for the reported email , phishing record created for the attached document. Expected Result : we should never process the files for phishing email record creation other than .eml.

Workaround The fix to this is tentative to be included with the Paris release.