abnormal-security-messageslisted

# Abnormal Security Message Analysis ## Overview Abnormal Security provides deep message analysis capabilities beyond basic threat detection. This skill covers message retrieval, header inspection, attachment analysis, sender authentication results, and delivery context. Use it when performing forensic analysis of specific emails or investigating delivery patterns. ## Message Field Reference ### Core Message Fields | Field | Type | Description | |-------|------|-------------| | `abxMessageId` | long | Abnormal internal message ID | | `subject` | string | Email subject line | | `fromAddress` | string | From header email address | | `fromName` | string | From header display name | | `toAddresses` | string[] | All To: recipients | | `ccAddresses` | string[] | All CC: recipients | | `bccAddresses` | string[] | All BCC: recipients (if available) | | `sentTime` | datetime | When the email was sent | | `receivedTime` | datetime | When the email was received by Abnormal | | `internetMessageId` | string | RFC 5322 Message-ID header | ### Sender Analysis Fields | Field | Type | Description | |-------|------|-------------| | `senderAddress` | string | Envelope sender address | | `senderName` | string | Sender display name | | `senderDomain` | string | Sender domain | | `senderIpAddress` | string | Originating IP address | | `returnPath` | string | Return-Path header (envelope sender) | | `replyToEmails` | string[] | Reply-To header addresses | ### Authentication Fields | Field