Closed mlaferrera closed 4 years ago
I just tested the rule, and it's not hitting on many e-mails. I have a corpus of 4292 test e-mails from an operational network and it only identified 1969. Each of them are valid SMTP sessions.
I just tested the rule, and it's not hitting on many e-mails. I have a corpus of 4292 test e-mails from an operational network and it only identified 1969. Each of them are valid SMTP sessions.