Difference between revisions of "HIDS 3351"

From Atomicorp Wiki
Jump to: navigation, search
(Created page with "'''Rule ID''' 3351 '''Status''' Active rule currently published. '''Description''' This rule detects multiple relaying attempts of spam through postfix. The default s...")
 

Latest revision as of 17:20, 7 July 2016

Rule ID

3351

Status

Active rule currently published.

Description

This rule detects multiple relaying attempts of spam through postfix. The default settings are to detect 6 attempts from the same IP, within 90 seconds. The IP is then blocked by default for 600 seconds.

False Positives

This rule can be falsely triggered if a user is attempting to relay mail through the system, but it not authorized to do so.

Tuning Recommendations

None.

Retrieved from "https://wiki.atomicorp.com/wiki/index.php?title=HIDS_3351&oldid=5729"
Personal tools