[Oisf-users] sid 220006
erik clark
philosnef at gmail.com
Mon Jul 2 13:37:15 UTC 2018
app-layer-event:smtp.no_server_welcome_message;
flowint:smtp.anomaly.count,+,1
Can someone explain to me how this is determined? My payload_printable is:
220 $hostname ESMTP Postfix
where $hostname is actually the hostname. Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20180702/426c24cd/attachment.html>
More information about the Oisf-users
mailing list