/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PublicSymptom
Spear phishing was received from one of the IP addresses provided by SAP, for example from AWS mail traffic
Environment
SAP Cloud for Customer
Resolution
- SAP provides IP ranges for whitelisting so that email traffic from C4C mail servers can be delivered to the mail server.
- These IP ranges (3193919 - IP Address Ranges for Cloud for Customer Data Centers - SAP for Me) are hosted on AWS infrastructure and are not dedicated exclusively to C4C. They may also be used by other SAP products or services.
- Because the IP ranges are shared, there is a possibility of phishing emails coming from other public or external sources.
- SAP ensures that C4C-generated emails are sent securely, but SAP is not responsible for phishing emails that may originate outside of C4C but still use AWS IPs.
- In such cases, to mitigate the risk, they can quarantine emails received from such IP addresses.
- Alternatively, request SAP to configure C4C to send all outgoing emails directly from the customer’s own SMTP server.
Note: This feature will be available after August 25th. For further information, please refer to the related KBA.(https://me.sap.com/notes/0003650434)
See Also
Keywords
Spear Phishing, IP addres , KBA , LOD-CRM-ADM , Administration UI , How To
Product
SAP Cloud for Customer core applications all versions
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)