[Oisf-users] Block Spammer
Mesra.net CEO
admin at mesra.my
Sun Sep 17 15:51:03 UTC 2017
Dear All,
To block spammer by mail subject or contents, i’m using below rules:
drop tcp any any -> any [25,143,465,587,993] (msg:"***** SPAMMER *****"; dsize:>0; content:"Sample Greeting"; sid:10000; rev:1;)
And i found on my mail server the email send by spammer similar with content:"Sample Greeting"; are not reach the receipent, But on mail server log i still found the attacker IP are still get connected to SMTP services and that make my SMTP services are going high, so how can i make the attacker are didnt reach at all to SMTP services ?
Please help. TQ so much
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20170917/af0b2b5d/attachment.html>
More information about the Oisf-users
mailing list