[edit] Description

ASL has detected a known brute force attacker that is attempting to brute force accounts in your mail server.

[edit] Troubleshooting

[edit] Solutions

If you wish to prevent ASL from shunning on these events, simply set Active Response for the rule to off. This will of course allow this attacker to continue to brute force accounts in your mail server.

[edit] False Positives

None. Please do not report this as a false positive unless ASL is incorrectly reporting an event that is:

1) not exim

or

2) you know this is not a brute force attacker, and please provide your mail logs if you believe this is the case and any other information you have have to help us understand what is happening with your system.

[edit] Additional Information

[edit] Similar Rules

None.

[edit] Knowledge Base Articles

None.

[edit] External Articles

None.