================================================================
This example incident report is void - for testing purposes only
================================================================

From Some_IDS@foreign_domain.com Fri Oct 12 09:30:53 2001
Date: Thu, 23 Aug 2001 01:12:41 +0400
From: Intrusion Detection System <some_ids@foreign_domain.com>
To: contact1@our_domain.pl, contact2@our_domain.pl, contact3@our_domain.pl
Cc: some_ids@foreign_domain.com
Subject: Attack(s) from your network (source address: 10.1.1.1).
Resent-Date: Thu, 23 Aug 2001 11:14:31 +0200 (MET DST)
Resent-From: Contact Person <contact2@our_domain.pl>
Resent-To: Abuse Team <abuse@our_domain.pl>
Resent-Subject: Attack(s) from your network (source address: 10.1.1.1).

Hi, 
Intrusion-detection system at 172.16.1.1 detected attack(s) from your network and now sending you this automated notification.
There were 1 attack(s) from address 10.1.1.1, that you are responsible for, according to whois.ripe.net.
Logged intrusion attempt(s) was:

/default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00

PLEASE FIX THE PROBLEM!
If you need more details, feel free to reply to some_ids@foreign_domain.com ASAP - we clean our logs weekly.
Thank you!