Vendor: Postfix

April 15, 2026 · View on GitHub

Product: Postfix

RulesModelsMITRE ATT&CK® TTPsActivity TypesParsers
5724843
Use-CaseActivity Types/ParsersMITRE ATT&CK® TTPContent
Data Leakdlp-email-alert-out
postfix-postfix-str-email-subject
postfix-postfix-kv-email-queue
postfix-postfix-mix-email-sent

dlp-email-alert-out-failed
postfix-postfix-str-email-send-fail-statusdeferred
postfix-postfix-str-email-send-fail-deliveryfailure
T1048 - Exfiltration Over Alternative Protocol
T1048.003 - Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
  • 34 Rules
  • 16 Models
Lateral Movementnetwork-connection-failed
postfix-postfix-str-smtp-close-connectionfail
T1090 - Proxy
T1090.003 - Proxy: Multi-hop Proxy
T1190 - Exploit Public Fasing Application
TA0010 - TA0010
TA0011 - TA0011
  • 18 Rules
  • 7 Models
Phishingdlp-email-alert-out
postfix-postfix-str-email-subject
postfix-postfix-kv-email-queue
postfix-postfix-mix-email-sent
T1048 - Exfiltration Over Alternative Protocol
T1048.003 - Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
  • 1 Rules
  • 1 Models
Workforce Protectiondlp-email-alert-out
postfix-postfix-str-email-subject
postfix-postfix-kv-email-queue
postfix-postfix-mix-email-sent
T1048 - Exfiltration Over Alternative Protocol
T1048.003 - Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
  • 4 Rules
  • 1 Models
Next Page -->>

MITRE ATT&CK® Framework for Enterprise

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Valid Accounts

Exploit Public Fasing Application

Valid Accounts

Valid Accounts

Valid Accounts

Proxy: Multi-hop Proxy

Proxy

Exfiltration Over Alternative Protocol

Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol