You can use Detected Items - IP Reputation to view information about email messages that are sent from ip addresses that does not match the organisation security level.
In the IP Reputation section, you can use up to three of the following search filters:
Note: This information is derived from McAfee TrustedSource. This is a global threat correlation engine that is incorporated into products across McAfee's appliance and service suite, as well as into appliances and services of other companies and organizations. The information provided by TrustedSource data enables appliances and services to more accurately filter communications and transactions between users and organizations.
Logical Operator: Select an appropriate operator to use multiple search filters.
Against each search filter you can choose a condition for a particular text from the following options to further narrow the search.
Select the option Case Sensitive if you want to execute the search for text in upper or lower case.
You can also specify a date range. If you want to see all entries, select All Dates.
If you want to limit the search to a specific date range, select Date Range, and use the date fields or
date calendars to specify the date range.
You can use:
In the View Results section, you can use: