运用IDS自定义策略检测SMTP、POP3邮件主题
SMTP邮件主题检测自定义策略内容:
CLIENT:any SERVER:25
msg:"SMTP主题过滤"; content: "virus"; pcre:"/^Subject:/smi"; nocase;
POP3邮件主题检测自定义策略内容:
SERVER:110 CLIENT:any
msg:"POP3主题过滤"; content: "virus" ;pcre:"/^Subject:/smi"; nocase;
搜索更多相关主题的帖子:
IDS SMTP POP3 邮件过滤
