#alert tcp !$SMTP_SERVERS any -> !$HOME_NET 587 (msg:"ET POLICY Outbound SMTP on port 587"; flow:established; content:"mail from|3a|"; nocase; threshold: type limit, track by_src, count 1, seconds 60; reference:url,doc.emergingthreats.net/2003864; classtype:misc-activity; sid:2003864; rev:6; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

Added 2017-08-07 20:57:04 UTC


#alert tcp !$SMTP_SERVERS any -> !$HOME_NET 587 (msg:"ET POLICY Outbound SMTP on port 587"; flow:established; content:"mail from|3a|"; nocase; threshold: type limit, track by_src, count 1, seconds 60; reference:url,doc.emergingthreats.net/2003864; classtype:misc-activity; sid:2003864; rev:6;)

Added 2015-03-06 18:33:52 UTC


#alert tcp !$SMTP_SERVERS any -> !$HOME_NET 587 (msg:"ET POLICY Outbound SMTP on port 587"; flow:established; content:"mail from|3a|"; nocase; threshold: type threshold, track by_src, count 1, seconds 60; reference:url,doc.emergingthreats.net/2003864; classtype:misc-activity; sid:2003864; rev:4;)

Added 2011-10-12 19:14:20 UTC


#alert tcp !$SMTP_SERVERS any -> !$HOME_NET 587 (msg:"ET POLICY Outbound SMTP on port 587"; flow:established; content:"mail from|3a|"; nocase; threshold: type threshold, track by_src, count 1, seconds 60; classtype: misc-activity; reference:url,doc.emergingthreats.net/2003864; sid:2003864; rev:4;)

Added 2011-09-14 22:27:27 UTC


#alert tcp !$SMTP_SERVERS any -> !$HOME_NET 587 (msg:"ET POLICY Outbound SMTP on port 587"; flow:established; content:"mail from|3a|"; nocase; threshold: type threshold, track by_src, count 1, seconds 60; classtype: misc-activity; reference:url,doc.emergingthreats.net/2003864; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Unauthorized_SMTP; sid:2003864; rev:4;)

Added 2011-02-04 17:22:48 UTC


alert tcp !$SMTP_SERVERS any -> !$HOME_NET 587 (msg: "ET POLICY Outbound SMTP on port 587"; flow:established; content:"mail from\:"; nocase; threshold: type threshold, track by_src,count 1, seconds 60; classtype: misc-activity; reference:url,doc.emergingthreats.net/2003864; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Unauthorized_SMTP; sid:2003864; rev:3;)

Added 2010-06-28 22:46:59 UTC


alert tcp !$SMTP_SERVERS any -> !$HOME_NET 587 (msg: "ET POLICY Outbound SMTP on port 587"; flow:established; content:"mail from\:"; nocase; threshold: type threshold, track by_src,count 1, seconds 60; classtype: misc-activity; reference:url,doc.emergingthreats.net/2003864; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Unauthorized_SMTP; sid:2003864; rev:3;)

Added 2010-06-28 22:46:59 UTC


alert tcp !$SMTP_SERVERS any -> !$HOME_NET 587 (msg: "ET POLICY Outbound SMTP on port 587"; flow:established; content:"mail from\:"; nocase; threshold: type threshold, track by_src,count 1, seconds 60; classtype: misc-activity; reference:url,doc.emergingthreats.net/2003864; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Unauthorized_SMTP; sid: 2003864; rev:3;)

Added 2009-02-11 19:24:43 UTC


alert tcp !$SMTP_SERVERS any -> !$HOME_NET 587 (msg: "ET POLICY Outbound SMTP on port 587"; flow:established; content:"mail from\:"; nocase; threshold: type threshold, track by_src,count 1, seconds 60; classtype: misc-activity; reference:url,doc.emergingthreats.net/2003864; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Unauthorized_SMTP; sid: 2003864; rev:3;)

Added 2009-02-11 19:24:43 UTC


alert tcp !$SMTP_SERVERS any -> !$HOME_NET 587 (msg: "ET POLICY Outbound SMTP on port 587"; flow:established; content:"mail from\:"; nocase; threshold: type threshold, track by_src,count 1, seconds 60; classtype: misc-activity; sid: 2003864; rev:2;)

Added 2008-01-31 18:48:10 UTC


alert tcp !$SMTP_SERVERS any -> !$HOME_NET 587 (msg: "ET POLICY Outbound SMTP on port 587"; flow:established; content:"mail from\:"; nocase; threshold: type threshold, track by_src,count 1, seconds 60; classtype: misc-activity; sid: 2003864; rev:2;)

Added 2008-01-31 18:48:10 UTC


alert tcp !$SMTP_SERVERS any -> !$HOME_NET 587 (msg: "BLEEDING-EDGE POLICY Outbound SMTP on port 587"; flow:established; content:"mail from\:"; nocase; threshold: type threshold, track by_src,count 1, seconds 60; classtype: misc-activity; sid: 2003864; rev:1;)

Added 2007-05-18 16:23:23 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats