Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Capture Spam mail traffic using snort

From: Jose Maria Lopez Hernandez <jkerouac () bgsec com>
Date: Wed, 30 Mar 2005 10:14:00 +0200
El mié, 30-03-2005 a las 07:23 +0100, lokesh.khanna () accelonafrica com
escribió:

Thanks. But is there any other way. If Spammer sends less than 10 mail
in 60 sec, then snort will not be able to capture that.
Is there any way to generate Alert based on content in Mail, or header
of mail?

Cordially,
Lokesh


You obviously can generate alerts based on the content of the email
or the header, but you would need lots of rules and it's not the
smartest way of solving the problem of spam.

You better try something like Spamassasin. It will treat spam
traffic much better than Snort.

Regards.

-- 

Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac () bgsec com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÑA

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"




-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: