[Snort-sigs] email spammer sigs?

Tony Hernandez tonyh at ...1915...
Mon Dec 1 20:19:45 EST 2003


Any possible way to do a e-mail message count or a rule to catch email messages with long bcc: lists? We constantly have issues with spam trojans etc here on our 7,000+ node network and would be nice if someone could shed some light on any spammer rules they have come up with? We also have a mail server here and it would have to ignore messages bieng sent from there.. I also assume this can be done via a rule.

Any help is greatly appreciated.


Thanks -
Tony Hernandez




More information about the Snort-sigs mailing list