[Oisf-users] Alert on unencrypted IMAP/POP3 traffic

[Orion Poplawski]

I'd like to alert on unencrypted IMAP/POP3 traffic.  I don't notice this being
part of the standard suricata rule set.  Anyone have any rules for this or
know where some might be?  Thanks!

-- 
Orion Poplawski
Manager of NWRA Technical Systems          720-772-5637
NWRA, Boulder/CoRA Office             FAX: 303-415-9702
3380 Mitchell Lane                       orion at nwra.com
Boulder, CO 80301                 https://www.nwra.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3799 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20190930/6533e077/attachment.bin>