|Alert Message||Known brute force attacker.|
ASL has detected a known brute force attacker that is attempting to brute force accounts in your mail server.
If you wish to prevent ASL from shunning on these events, simply set Active Response for the rule to off. This will of course allow this attacker to continue to brute force accounts in your mail server.
 False Positives
None. Please do not report this as a false positive unless ASL is incorrectly reporting an event that is:
1) not exim
2) you know this is not a brute force attacker, and please provide your mail logs if you believe this is the case and any other information you have have to help us understand what is happening with your system.
 Additional Information
 Similar Rules
 Knowledge Base Articles
 External Articles