Pattern 17 : Textmail General
Vendor Documentation
Classification
| Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| Pattern 17 : Textmail General | Base Rule | Ops/Information | General SMTP Information |
| Outbreak Threat Level Declaration | Sub Rule | Security/Failed Malware | Failed Virus Activity |
| Too Many Messages | Sub Rule | Ops/Warning | E-Mail Message Limit Exceeded |
| License Key Expiring | Sub Rule | Ops/Warning | License Expiring |
| Connection Failed | Sub Rule | Ops/Network Traffic | Connection Failed |
| Invalid DNS Response | Sub Rule | Ops/Warning | Invalid DNS Response |
| Double Bounce | Sub Rule | Ops/Warning | Email Message Bounced |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
|---|---|---|---|
| IP | <dip> | IP Address | |
| port | <dport> | Number | |
| domain | <domainorigin> | Text\String | |
| interface | <sip> | IP Address | |
| MID | <session> | Number | |
| DCID\ICID | <processid> | Number | |
| | <tag1> | Text\String | |
| | <tag2> | Text\String | |