smtp.rules

This is the snapshot of Snot Latest Rules

# Autogenerated skeleton rules file.  Do NOT edit by hand
alert tcp $EXTERNAL_NET any <> $HOME_NET 25 (msg:"SMTP BDAT buffer overflow attempt"; sid:13718; gid:3; rev:1; classtype:attempted-admin; reference:bugtraq,4204; reference:cve,2002-0055; reference:url,www.microsoft.com/technet/security/bulletin/ms02-012.mspx; metadata: engine shared, soid 3|13718, policy security-ips drop, service smtp;)
alert tcp any any -> $HOME_NET 25 (msg:"SMTP Microsoft Exchange Server MIME base64 decoding code execution attempt"; sid:12028; gid:3; rev:2; classtype:attempted-admin; reference:url,www.microsoft.com/technet/security/Bulletin/MS07-026.mspx; reference:cve,2007-0213; reference:bugtraq,23809; metadata: engine shared, soid 3|12028;)
alert tcp $EXTERNAL_NET any -> $SMTP_SERVERS 25 (msg:"SMTP RCPT TO IPSwitch proxy overflow attempt"; sid:12692; gid:3; rev:2; classtype:attempted-admin; reference:cve,2006-4379; reference:url,www.ipswitch.com/support/imail/releases/im20061.asp; metadata: engine shared, soid 3|12692;)
alert tcp $EXTERNAL_NET any <> $HOME_NET 25 (msg:"SMTP Microsoft Outlook Web Access From field cross-site scripting attempt"; sid:13894; gid:3; rev:1; classtype:misc-attack; reference:cve,2008-2247; reference:url,www.microsoft.com/technet/security/bulletin/ms08-039.mspx; metadata: engine shared, soid 3|13894, service smtp, policy security-ips drop;)
alert tcp $EXTERNAL_NET any <> $HOME_NET 25 (msg:"SMTP Microsoft Outlook Web Access invalid CSS escape sequence script execution attempt"; sid:13895; gid:3; rev:1; classtype:misc-attack; reference:cve,2008-2248; reference:url,www.microsoft.com/technet/security/bulletin/ms08-039.mspx; metadata: engine shared, soid 3|13895, service smtp, policy security-ips drop;)