HIDS 3351

From Atomicorp Wiki
Revision as of 17:20, 7 July 2016 by Mshinn (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Rule ID

3351

Status

Active rule currently published.

Description

This rule detects multiple relaying attempts of spam through postfix. The default settings are to detect 6 attempts from the same IP, within 90 seconds. The IP is then blocked by default for 600 seconds.

False Positives

This rule can be falsely triggered if a user is attempting to relay mail through the system, but it not authorized to do so.

Tuning Recommendations

None.

Personal tools