I need a little bit of help please.
We have a generic firewall rule which checks for more than 30 SMTP connections and then adds the clients IP to a src-address list.
What we want to do now is whenever an IP address is added to this src-list, we want it to email through to our support department so they can be aware of who was added.
Code: Select all
37 ;;; Detect SMTP Spammers chain=SMTP action=add-src-to-address-list protocol=tcp address-list=smtp_spammers address-list-timeout=3h dst-port=25 connection-limit=30,32
Can anyone give some ideas?