HIDS 3351

From Atomicorp Wiki
Jump to: navigation, search

Rule ID

3351

Status

Active rule currently published.

Description

This rule detects multiple relaying attempts of spam through postfix. The default settings are to detect 6 attempts from the same IP, within 90 seconds. The IP is then blocked by default for 600 seconds.

False Positives

This rule can be falsely triggered if a user is attempting to relay mail through the system, but it not authorized to do so.

Tuning Recommendations

None.

Retrieved from "https://wiki.atomicorp.com/wiki/index.php?title=HIDS_3351&oldid=5729"
Personal tools