This is a signature triggered on ips. So i just wanted to know when it will trigger.
Kindly help me with this
The traffic is actually from mail gateway to 220.127.116.11(dns)
This is related to CVE-2010-0024.
Presumably there is something related to the MX response being received from 18.104.22.168 that can cause a problem in some older, unpatched versions of Windows Server, which don't parse MX records properly.
By default, this signature is not enabled except on the Strict profile in Detect mode only.
If you think this is in error, you should open a TAC case OR add an exception in your Threat Prevention profile.
Retrieving data ...