[sniffer] spam leakage up
In the last couple days we are seeing quite an increase in the amount of spam leaking past sniffer and declude. Anyone else seeing this? Herb -- Herb Guenther Lanex, LLC www.lanex.com (262)789-0966x102 Office (262)780-0424 Direct This e-mail is confidential and is for the use of the intended recipient(s)only. If you are not an intended recipient please advise us of our error by return e-mail then delete this e-mail and any attached files. You may not copy, disclose or use the contents in any way. This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
RE: [sniffer] spam leakage up
Yes I have seen an increase in spam not tagged by sniffer or in a lot of cases by any other of the declude tests that I am using. I also have notice quite a large increase in overall spam and attribute at least some of the leakage to this increase. Some day's I am seeing 94% spam and 6 % legitimate email which I find incredible. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Herb Guenther Sent: Thursday, June 24, 2004 7:51 AM To: [EMAIL PROTECTED] Subject: [sniffer] spam leakage up In the last couple days we are seeing quite an increase in the amount of spam leaking past sniffer and declude. Anyone else seeing this? Herb -- Herb Guenther Lanex, LLC www.lanex.com (262)789-0966x102 Office (262)780-0424 Direct This e-mail is confidential and is for the use of the intended recipient(s)only. If you are not an intended recipient please advise us of our error by return e-mail then delete this e-mail and any attached files. You may not copy, disclose or use the contents in any way. This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html --- [This E-mail scanned for Spam and Viruses by http://www.innovationnetworks.ca] --- [This E-mail scanned for Spam and Viruses by http://www.innovationnetworks.ca] This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
Re: [sniffer] spam leakage up
wow, that is even worse than we are seeing, we are at about 80%, but should really be at about 85% if all were tagged. Here is our last weeks stats, we did not see an increase in volume, so much as the amount gettig thru in the last couple days and continuing today. Herb SPAM Report Statistics are based on the last 6,150,612 email messages received. You are viewing Server 1 Stats View Server 2 stats Statistic 06/17 06/18 06/19 06/20 06/21 06/22 06/23 Weekly Total Daily Avg. Delivered Messages 34,291 30,762 22,331 22,484 31,245 33,588 33,582 208,283 25,311 Good Messages 6,493 5,101 1,595 1,721 6,209 6,772 6,170 34,061 5,221 Spam Messages 27,798 25,661 20,736 20,763 25,036 26,816 27,412 174,222 20,090 Spam Percent 81% 83% 92% 92% 80% 79% 81% 84% 79% Mal Formed Headers 3,845 4,277 3,193 3,555 4,094 4,286 4,459 27,709 4,949 Spam Headers 4,544 4,081 3,665 3,367 4,800 5,712 6,129 32,298 3,308 Spam Routing 6,351 5,697 5,200 5,613 5,718 6,072 5,616 40,267 3,375 No Reverse DNS 6,864 7,787 6,529 6,729 7,742 6,783 5,023 47,457 2,446 White Listed 1,157 968 116 162 1,237 1,245 1,229 6,114 785 General Spam 1,021 958 736 851 1,012 1,045 1,122 6,745 1,490 Experimental 1,543 1,190 951 970 1,284 1,342 1,472 8,752 900 Obfuscation 240 183 158 189 196 336 151 1,453 352 Grey Hosts 355 196 29 33 213 343 315 1,484 166 Gambling 272 202 263 261 215 303 161 1,677 124 Refinancing/Loans 2,293 2,216 1,809 1,659 2,167 2,013 1,975 14,132 1,765 Business opportunities 1,989 1,991 1,546 1,547 1,990 2,089 2,163 13,315 1,464 Ink and toner cartridges 159 124 41 91 100 89 63 667 121 Pornography 2,296 1,874 2,189 1,798 2,120 2,224 2,333 14,834 1,731 Send money scams 57 63 66 57 85 84 82 494 65 Online pharmacies 6,792 6,098 5,419 4,907
Re: [sniffer] spam leakage up
Herb, How did you generate that SPAM report? Thanks, Aaron Caviglia www.vantech.net On Jun 24, 2004, at 8:46 AM, Herb Guenther wrote: wow, that is even worse than we are seeing, we are at about 80%, but should really be at about 85% if all were tagged. Here is our last weeks stats, we did not see an increase in volume, so much as the amount gettig thru in the last couple days and continuing today. Herb SPAM Report Statistics are based on the last 6,150,612 email messages received. You are viewing Server 1 Stats View Server 2 stats Statistic 06/17 06/18 06/19 06/20 06/21 06/22 06/23 Weekly Total Daily Avg. image.tiff>Delivered Messages 34,291 30,762 22,331 22,484 31,245 33,588 33,582 208,283 25,311 image.tiff>Good Messages 6,493 5,101 1,595 1,721 6,209 6,772 6,170 34,061 5,221 image.tiff>Spam Messages 27,798 25,661 20,736 20,763 25,036 26,816 27,412 174,222 20,090 image.tiff>Spam Percent 81% 83% 92% 92% 80% 79% 81% 84% 79% image.tiff>Mal Formed Headers 3,845 4,277 3,193 3,555 4,094 4,286 4,459 27,709 4,949 image.tiff>Spam Headers 4,544 4,081 3,665 3,367 4,800 5,712 6,129 32,298 3,308 image.tiff>Spam Routing 6,351 5,697 5,200 5,613 5,718 6,072 5,616 40,267 3,375 image.tiff>No Reverse DNS 6,864 7,787 6,529 6,729 7,742 6,783 5,023 47,457 2,446 image.tiff>White Listed 1,157 968 116 162 1,237 1,245 1,229 6,114 785 image.tiff>General Spam 1,021 958 736 851 1,012 1,045 1,122 6,745 1,490 image.tiff>Experimental 1,543 1,190 951 970 1,284 1,342 1,472 8,752 900 image.tiff>Obfuscation 240 183 158 189 196 336 151 1,453 352 image.tiff>Grey Hosts 355 196 29 33 213 343 315 1,484 166 image.tiff>Gambling 272 202 263 261 215 303 161 1,677 124 image.tiff>Refinancing/Loans 2,293 2,216 1,809 1,659 2,167 2,013 1,975 14,132 1,765 image.tiff>Business opportunities 1,989 1,991 1,546 1,547 1,990 2,089 2,163 13,315 1,464 image.tiff>Ink and toner cartridges 159 124 41 91 100 89 63 667 121 image.tiff>Pornography 2,296 1,874 2,189 1,798 2,120 2,224 2,333 14,834 1,731 image.tiff>Send money scams 57 63 66 57 85 84 82 494 65 image.tiff>Online pharmacies 6,792 6,098 5,419 4,907 5,766 5,526 5,767 40,275 5,684 image.tiff>Cable/Satellite descramblers 1,250 1,340 1,190 1,384 1,277 1,710 1,554 9,705 867 image.tiff>Norton/McAfee offers 17 61 4 7 11 19 25 144 68 image.tiff>Insurance quotes, etc. 706 493 374 354 526 552 547 3,552 649 image.tiff>Travel/vacation offers 216 135 82 61 87 160 121 862 238 image.tiff>Viruses Detected 649 440 223 201 537 498 493 3,041 344 image.tiff>Virus Vulnerabilities 581 431 365 304 531 518 580 3,310 406 Dan Stratton wrote: Yes I have seen an increase in spam not tagged by sniffer or in a lot of cases by any other of the declude tests that I am using. I also have notice quite a large increase in overall spam and attribute at least some of the leakage to this increase. Some day's I am seeing 94% spam and 6 % legitimate email which I find incredible. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Herb Guenther Sent: Thursday, June 24, 2004 7:51 AM To: [EMAIL PROTECTED] Subject: [sniffer] spam leakage up In the last couple days we are seeing quite an increase in the amount of spam leaking past sniffer and declude. Anyone else seeing this? Herb -- Herb Guenther Lanex, LLC www.lanex.com (262)789-0966x102 Office (262)780-0424 Direct This e-mail is confidential and is for the use of the intended recipient(s)only. If you are not an intended recipient please advise us of our error by return e-mail then delete this e-mail and any attached files. You may not copy, disclose or use the contents in any way.
Re: [sniffer] spam leakage up
On 24 Jun 2004 at 10:46, Herb Guenther wrote: Herb, very kool - nice output. How do you compile the info if you don't mind me asking? -Nick Hayer Here is our last weeks stats, we did not see an increase in volume, so much as the amount gettig thru in the last couple days and continuing today. Herb This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
Re: [sniffer] spam leakage up
I wrote a coldfusion page that parses the logs into a sql database every night, and then the display page you saw. If you have a coldfusion server I would be happy to give you the code. Herb Aaron J.Caviglia wrote: Herb, How did you generate that SPAM report? Thanks, Aaron Caviglia www.vantech.net On Jun 24, 2004, at 8:46 AM, Herb Guenther wrote: wow, that is even worse than we are seeing, we are at about 80%, but should really be at about 85% if all were tagged. Here is our last weeks stats, we did not see an increase in volume, so much as the amount gettig thru in the last couple days and continuing today. Herb SPAM Report Statistics are based on the last 6,150,612 email messages received. You are viewing Server 1 Stats View Server 2 stats Statistic 06/17 06/18 06/19 06/20 06/21 06/22 06/23 Weekly Total Daily Avg. image.tiffDelivered Messages 34,291 30,762 22,331 22,484 31,245 33,588 33,582 208,283 25,311 image.tiffGood Messages 6,493 5,101 1,595 1,721 6,209 6,772 6,170 34,061 5,221 image.tiffSpam Messages 27,798 25,661 20,736 20,763 25,036 26,816 27,412 174,222 20,090 image.tiffSpam Percent 81% 83% 92% 92% 80% 79% 81% 84% 79% image.tiffMal Formed Headers 3,845 4,277 3,193 3,555 4,094 4,286 4,459 27,709 4,949 image.tiffSpam Headers 4,544 4,081 3,665 3,367 4,800 5,712 6,129 32,298 3,308 image.tiffSpam Routing 6,351 5,697 5,200 5,613 5,718 6,072 5,616 40,267 3,375 image.tiffNo Reverse DNS 6,864 7,787 6,529 6,729 7,742 6,783 5,023 47,457 2,446 image.tiffWhite Listed 1,157 968 116 162 1,237 1,245 1,229 6,114 785 image.tiffGeneral Spam 1,021 958 736 851 1,012 1,045 1,122 6,745 1,490 image.tiffExperimental 1,543 1,190 951 970 1,284 1,342 1,472 8,752 900 image.tiffObfuscation 240 183 158 189 196 336 151 1,453 352 image.tiffGrey Hosts 355 196 29 33 213 343 315 1,484 166 image.tiffGambling 272 202 263 261 215 303 161 1,677 124 image.tiffRefinancing/Loans 2,293 2,216 1,809 1,659 2,167 2,013 1,975 14,132 1,765 image.tiffBusiness opportunities 1,989 1,991 1,546 1,547 1,990 2,089 2,163 13,315 1,464 image.tiffInk and toner cartridges 159 124 41 91 100 89 63 667 121 image.tiffPornography 2,296 1,874 2,189 1,798 2,120 2,224 2,333 14,834 1,731 image.tiffSend money scams 57 63 66 57 85 84 82 494 65 image.tiffOnline pharmacies 6,792 6,098 5,419 4,907 5,766 5,526 5,767 40,275 5,684 image.tiffCable/Satellite descramblers 1,250 1,340 1,190 1,384 1,277 1,710 1,554 9,705 867 image.tiffNorton/McAfee offers 17 61 4 7 11 19 25 144 68 image.tiffInsurance quotes, etc. 706 493 374 354 526 552 547 3,552 649 image.tiffTravel/vacation offers 216 135 82 61 87 160 121 862 238 image.tiffViruses Detected 649 440 223 201 537 498 493 3,041 344 image.tiffVirus Vulnerabilities 581 431 365 304 531 518 580 3,310 406 Dan Stratton wrote: Yes I have seen an increase in spam not tagged by sniffer or in a lot of cases by any other of the declude tests that I am using. I also have notice quite a large increase in overall spam and attribute at least some of the leakage to this increase. Some day's I am seeing 94% spam and 6 % legitimate email which I find incredible. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Herb Guenther Sent: Thursday, June 24, 2004 7:51 AM To: [EMAIL PROTECTED] Subject: [sniffer] spam leakage up In the last couple days we are seeing quite an
Re: [sniffer] spam leakage up
Yes, I would also like to know how you generated that nice spam report. Michael SteinComputer Housewww.computerhouse.com - Original Message - From: Herb Guenther To: [EMAIL PROTECTED] Sent: Thursday, June 24, 2004 11:46 AM Subject: Re: [sniffer] spam leakage up wow, that is even worse than we are seeing, we are at about 80%, but should really be at about 85% if all were tagged. Here is our last weeks stats, we did not see an increase in volume, so much as the amount gettig thru in the last couple days and continuing today.Herb SPAM Report Statistics are based on the last 6,150,612 email messages received. You are viewing Server 1 Stats View Server 2 stats Statistic 06/17 06/18 06/19 06/20 06/21 06/22 06/23 Weekly Total Daily Avg. Delivered Messages 34,291 30,762 22,331 22,484 31,245 33,588 33,582 208,283 25,311 Good Messages 6,493 5,101 1,595 1,721 6,209 6,772 6,170 34,061 5,221 Spam Messages 27,798 25,661 20,736 20,763 25,036 26,816 27,412 174,222 20,090 Spam Percent 81% 83% 92% 92% 80% 79% 81% 84% 79% Mal Formed Headers 3,845 4,277 3,193 3,555 4,094 4,286 4,459 27,709 4,949 Spam Headers 4,544 4,081 3,665 3,367 4,800 5,712 6,129 32,298 3,308 Spam Routing 6,351 5,697 5,200 5,613 5,718 6,072 5,616 40,267 3,375 No Reverse DNS 6,864 7,787 6,529 6,729 7,742 6,783 5,023 47,457 2,446 White Listed 1,157 968 116 162 1,237 1,245 1,229 6,114 785 General Spam 1,021 958 736 851 1,012 1,045 1,122 6,745 1,490 Experimental 1,543 1,190 951 970 1,284 1,342 1,472 8,752 900 Obfuscation 240 183 158 189 196 336 151 1,453 352 Grey Hosts 355 196 29 33 213 343 315 1,484 166 Gambling 272 202 263 261 215 303 161 1,677 124 Refinancing/Loans 2,293 2,216 1,809 1,659 2,167 2,013 1,975 14,132 1,765 Business opportunities 1,989 1,991 1,546 1,547 1,990 2,089 2,163 13,315 1,464 Ink and toner cartridges 159 124 41 91 100 89 63 667 121 Pornography 2,296 1,874 2,189 1,798 2,120 2,224 2,333 14,834 1,731 Send money scams 57 63 66 57 85 84 82 494 65 Online pharmacies 6,792 6,098 5,419 4,907 5,766 5,526 5,767 40,275 5,684 Cable/Satellite descramblers 1,250
Re: [sniffer] spam leakage up
Thanks Herb but we don't have Coldfusion. Looks great tho! Aaron www.vantech.net On Jun 24, 2004, at 8:55 AM, Herb Guenther wrote: I wrote a coldfusion page that parses the logs into a sql database every night, and then the display page you saw. If you have a coldfusion server I would be happy to give you the code. Herb Aaron J.Caviglia wrote: Herb, How did you generate that SPAM report? Thanks, Aaron Caviglia www.vantech.net On Jun 24, 2004, at 8:46 AM, Herb Guenther wrote: wow, that is even worse than we are seeing, we are at about 80%, but should really be at about 85% if all were tagged. Here is our last weeks stats, we did not see an increase in volume, so much as the amount gettig thru in the last couple days and continuing today. Herb SPAM Report Statistics are based on the last 6,150,612 email messages received. You are viewing Server 1 Stats View Server 2 stats Statistic 06/17 06/18 06/19 06/20 06/21 06/22 06/23 Weekly Total Daily Avg. image.tiff>Delivered Messages 34,291 30,762 22,331 22,484 31,245 33,588 33,582 208,283 25,311 image.tiff>Good Messages 6,493 5,101 1,595 1,721 6,209 6,772 6,170 34,061 5,221 image.tiff>Spam Messages 27,798 25,661 20,736 20,763 25,036 26,816 27,412 174,222 20,090 image.tiff>Spam Percent 81% 83% 92% 92% 80% 79% 81% 84% 79% image.tiff>Mal Formed Headers 3,845 4,277 3,193 3,555 4,094 4,286 4,459 27,709 4,949 image.tiff>Spam Headers 4,544 4,081 3,665 3,367 4,800 5,712 6,129 32,298 3,308 image.tiff>Spam Routing 6,351 5,697 5,200 5,613 5,718 6,072 5,616 40,267 3,375 image.tiff>No Reverse DNS 6,864 7,787 6,529 6,729 7,742 6,783 5,023 47,457 2,446 image.tiff>White Listed 1,157 968 116 162 1,237 1,245 1,229 6,114 785 image.tiff>General Spam 1,021 958 736 851 1,012 1,045 1,122 6,745 1,490 image.tiff>Experimental 1,543 1,190 951 970 1,284 1,342 1,472 8,752 900 image.tiff>Obfuscation 240 183 158 189 196 336 151 1,453 352 image.tiff>Grey Hosts 355 196 29 33 213 343 315 1,484 166 image.tiff>Gambling 272 202 263 261 215 303 161 1,677 124 image.tiff>Refinancing/Loans 2,293 2,216 1,809 1,659 2,167 2,013 1,975 14,132 1,765 image.tiff>Business opportunities 1,989 1,991 1,546 1,547 1,990 2,089 2,163 13,315 1,464 image.tiff>Ink and toner cartridges 159 124 41 91 100 89 63 667 121 image.tiff>Pornography 2,296 1,874 2,189 1,798 2,120 2,224 2,333 14,834 1,731 image.tiff>Send money scams 57 63 66 57 85 84 82 494 65 image.tiff>Online pharmacies 6,792 6,098 5,419 4,907 5,766 5,526 5,767 40,275 5,684 image.tiff>Cable/Satellite descramblers 1,250 1,340 1,190 1,384 1,277 1,710 1,554 9,705 867 image.tiff>Norton/McAfee offers 17 61 4 7 11 19 25 144 68 image.tiff>Insurance quotes, etc. 706 493 374 354 526 552 547 3,552 649 image.tiff>Travel/vacation offers 216 135 82 61 87 160 121 862 238 image.tiff>Viruses Detected 649 440 223 201 537 498 493 3,041 344 image.tiff>Virus Vulnerabilities 581 431 365 304 531 518 580 3,310 406 Dan Stratton wrote: Yes I have seen an increase in spam not tagged by sniffer or in a lot of cases by any other of the declude tests that I am using. I also have notice quite a large increase in overall spam and attribute at least some of the leakage to this increase. Some day's I am seeing 94% spam and 6 % legitimate email which I find incredible. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Herb Guenther Sent: Thursday, June 24, 2004 7:51 AM To: [EMAIL PROTECTED] Subject: [sniffer] spam leakage up In the last couple days we are seeing quite an increase in the amount of spam leaking past sniffer and declude. Anyone else seeing this? Herb -- Herb Guenther Lanex, LLC www.lanex.com (262)789-0966x102 Office (262)780-0424 Direct This e-mail is confidential and is for the use of the intended recipient(s)only. If you are not an intended recipient please advise us of our error by return e-mail then delete this e-mail and any attached files. You may not copy, disclose or use the contents in any way. -- Herb Guenther Lanex, LLC www.lanex.com (262)789-0966x102 Office (262)780-0424 Direct This e-mail is confidential and is for the use of the intended recipient(s)only. If you are not an intended recipient please advise us of our error by return e-mail then delete this e-mail and any attached files. You may not copy, disclose or use the contents in any way. This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
RE: [sniffer] spam leakage up
Didnt you post this a long time ago? If you'll post it again i'll copy it and maybe convert it to perl ( I have coldfusion but do most of my reports in perl.. tends to be a little faster ) From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Herb GuentherSent: Thursday, June 24, 2004 10:55 AMTo: [EMAIL PROTECTED]Subject: Re: [sniffer] spam leakage up I wrote a coldfusion page that parses the logs into a sql database every night, and then the display page you saw. If you have a coldfusion server I would be happy to give you the code.HerbAaron J.Caviglia wrote: Herb, How did you generate that SPAM report? Thanks, Aaron Caviglia www.vantech.net On Jun 24, 2004, at 8:46 AM, Herb Guenther wrote: wow, that is even worse than we are seeing, we are at about 80%, but should really be at about 85% if all were tagged. Here is our last weeks stats, we did not see an increase in volume, so much as the amount gettig thru in the last couple days and continuing today. Herb SPAM Report Statistics are based on the last 6,150,612 email messages received. You are viewing Server 1 Stats View Server 2 stats Statistic 06/17 06/18 06/19 06/20 06/21 06/22 06/23 Weekly Total Daily Avg. image.tiffDelivered Messages 34,291 30,762 22,331 22,484 31,245 33,588 33,582 208,283 25,311 image.tiffGood Messages 6,493 5,101 1,595 1,721 6,209 6,772 6,170 34,061 5,221 image.tiffSpam Messages 27,798 25,661 20,736 20,763 25,036 26,816 27,412 174,222 20,090 image.tiffSpam Percent 81% 83% 92% 92% 80% 79% 81% 84% 79% image.tiffMal Formed Headers 3,845 4,277 3,193 3,555 4,094 4,286 4,459 27,709 4,949 image.tiffSpam Headers 4,544 4,081 3,665 3,367 4,800 5,712 6,129 32,298 3,308 image.tiffSpam Routing 6,351 5,697 5,200 5,613 5,718 6,072 5,616 40,267 3,375 image.tiffNo Reverse DNS 6,864 7,787 6,529 6,729 7,742 6,783 5,023 47,457 2,446 image.tiffWhite Listed 1,157 968 116 162 1,237 1,245 1,229 6,114 785 image.tiffGeneral Spam 1,021 958 736 851 1,012 1,045 1,122 6,745 1,490 image.tiffExperimental 1,543 1,190 951 970 1,284 1,342 1,472 8,752 900 image.tiffObfuscation 240 183 158 189 196 336 151 1,453 352 image.tiffGrey Hosts 355 196 29 33 213 343 315 1,484 166 image.tiffGambling 272 202 263 261 215 303 161 1,677 124 image.tiffRefinancing/Loans 2,293 2,216 1,809 1,659 2,167 2,013 1,975 14,132 1,765 image.tiffBusiness opportunities 1,989 1,991 1,546 1,547 1,990 2,089 2,163 13,315 1,464 image.tiffInk and toner cartridges 159 124 41 91 100 89 63 667 121 image.tiffPornography 2,296 1,874 2,189 1,798 2,120 2,224 2,333 14,834 1,731 image.tiffSend money scams 57 63 66 57 85 84 82 494 65 image.tiffOnline pharmacies 6,792 6,098 5,419 4,907 5,766 5,526 5,767 40,275 5,684 image.tiffCable/Satellite descramblers 1,250 1,340 1,190 1,384 1,277 1,710 1,554 9,705 867 image.tiffNorton/McAfee offers 17 61 4 7 11 19 25 144 68 image.tiffInsurance quotes, etc. 706 493 374 354 526 552 547 3,552 649 image.tiffTravel/vacation offers 216 135 82 61 87 160 121 862 238 image.tiffViruses Detected 649 440 223 201 537 498 493 3,041 344 image.tiffVirus Vulnerabilities 581 431 365 304 531 518 580 3,310 406 Dan Stratton wrote: Yes I have seen an increase in spam not tagged by sniffer or in a lot of cases by any other of the declude tests that I am using. I also have notice quite a large increase in overall spam and attribute at least some of the leakage to this increase. Some day's I am seeing 94% spam and 6 % legitimate email which I find incredible. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Herb Guenther Sent: Thursday, June 24, 2004 7:51 AM To: [EMAIL PROTECTED] Subject: [sniffer] spam leakage up In the last couple days we are seeing quite an increase in the amount of spam leaking past sniffer and declude. Anyone else seeing this? Herb -- Herb Guenther Lanex, LLC www.lanex.com (262)789-0966x102 Office (262)780-0424 Direct This e-mail is confidential and is for the use of the intended recipient(s)only. If you are not an intended recipient please advise us of our error by return e-mail then delete this e-mail and any attached files. You may not copy, disclose or use the contents in any way. -- Herb Guenther Lanex, LLC www.lanex.com (262)789-0966x102 Office (262)780-0424 Direct This e-mail is confidential and is for the use of the intended recipient(s)only. If you are not an intended recipient please advise us of our error by return e-mail then delete this e-mail and any attached files. You may not copy, disclose or use the contents in any way. This E-Mail came from the Message Sniffer mailing list. For information and
Re[2]: [sniffer] spam leakage up
On Thursday, June 24, 2004, 12:23:22 PM, Herb wrote: HG Yes, I did about a year or so ago as I remember. I don't HG know, isthere a spot for this on the message sniffer site? HG Sniffer folks Then it would be available to whoever wanted it. Sure. Please package it up in a .zip file for us with a good readme.txt included and we will post it on the site in the appropriate help section. Thanks! _M This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
RE: [sniffer] Reporting
Hi Pete: I think XML is the way to go. The lack of feedback may not be due to your choice of format - but rather that there really isn't too much to discuss about the obviousyfields that your sample offered. I did provide some feedback - but overall I felt you were on the right track and people probably don't just want to seem like they are talking JUST to hear themselves talk. Best Regards Andy Schmidt HM Systems Software, Inc. 600 East Crescent Avenue, Suite 203 Upper Saddle River, NJ 07458-1846 Phone: +1 201 934-3414 x20 (Business) Fax:+1 201 934-9206 http://www.HM-Software.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Thursday, June 24, 2004 02:00 PM To: Aaron Caviglia Subject: [sniffer] Reporting - was: spam leakage up We are working on specs for real-time reporting out of Sniffer and haven't had a lot of feedback on the XML based format. We were looking at this format because, in theory anyway, it's easy to port into a database or even directly into a web page or other format. Am I guessing right that the reason we didn't get a lot of feedback is because not many folks can really use XML data in practice? Should we adopt a different format for a real-time scoreboard output file? Tab delimited? CSV? --- perhaps directly to HTML? (if HTML then I will continue with the XML concept and use DOM to read the XML as a data island and format the output - anybody have experience with this - it seems harder in practice than the examples let on.) Any thoughts would be appreciated. Thanks, _M (The idea of a scoreboard was to create some useful indicators that could be read in near real-time - without a lot of heavy lifting. At the time it seemed there was a pressing need for this kind of functionality. I'm beginning to wonder - I don't want to spend effort on something that nobody really cares about. There are plenty of other features planned that we could focus on. I need some feedback. Thanks!) On Thursday, June 24, 2004, 12:02:06 PM, Aaron wrote: AC Thanks Herb but we don't have Coldfusion. AC Looks great tho! AC Aaron AC www.vantech.net AC On Jun 24, 2004, at 8:55 AM, Herb Guenther wrote: I wrote a coldfusion page that parses the logs into a sql database every night, and then the display page you saw. If you have a coldfusion server I would be happy to give you the code. Herb Aaron J.Caviglia wrote: Herb, How did you generate that SPAM report? Thanks, Aaron Caviglia www.vantech.net On Jun 24, 2004, at 8:46 AM, Herb Guenther wrote: wow, that is even worse than we are seeing, we are at about 80%, but should really be at about 85% if all were tagged. Here is our last weeks stats, we did not see an increase in volume, so much as the amount gettig thru in the last couple days and continuing today. Herb SPAM Report Statistics are based on the last 6,150,612 email messages received. You are viewing Server 1 Stats View Server 2 stats Statistic 06/17 06/18 06/19 06/20 06/21 06/22 06/23 Weekly Total Daily Avg. image.tiffDelivered Messages 34,291 30,762 22,331 22,484 31,245 33,588 33,582 208,283 25,311 image.tiffGood Messages 6,493 5,101 1,595 1,721 6,209 6,772 6,170 34,061 5,221 image.tiffSpam Messages 27,798 25,661 20,736 20,763 25,036 26,816 27,412 174,222 20,090 image.tiffSpam Percent 81% 83% 92% 92% 80% 79% 81% 84% 79% image.tiffMal Formed Headers 3,845 4,277 3,193 3,555 4,094 4,286 4,459 27,709 4,949 image.tiffSpam Headers 4,544 4,081 3,665 3,367 4,800 5,712 6,129 32,298 3,308 image.tiffSpam Routing 6,351 5,697 5,200 5,613 5,718 6,072 5,616 40,267 3,375 image.tiffNo Reverse DNS 6,864 7,787 6,529 6,729 7,742 6,783 5,023 47,457 2,446 image.tiffWhite Listed 1,157 968 116 162 1,237 1,245 1,229 6,114 785 image.tiffGeneral Spam 1,021 958 736 851 1,012 1,045 1,122 6,745 1,490 image.tiffExperimental 1,543 1,190 951 970 1,284 1,342 1,472 8,752 900 image.tiffObfuscation 240 183 158 189 196 336 151 1,453 352 image.tiffGrey Hosts 355 196 29 33 213 343 315 1,484 166 image.tiffGambling 272 202 263 261 215 303 161 1,677 124 image.tiffRefinancing/Loans 2,293 2,216 1,809 1,659 2,167 2,013 1,975 14,132 1,765 image.tiffBusiness opportunities 1,989 1,991 1,546 1,547 1,990 2,089 2,163 13,315 1,464 image.tiffInk and toner cartridges 159 124 41 91 100 89 63 667 121 image.tiffPornography 2,296 1,874 2,189 1,798 2,120 2,224 2,333 14,834 1,731 image.tiffSend money scams 57 63 66 57 85 84 82 494 65 image.tiffOnline pharmacies 6,792 6,098 5,419 4,907 5,766 5,526
Re: [sniffer] Reporting - was: spam leakage up
Pete, If the data is normalized, tab delimited seems like the most widely available choice. I've never played with XML, and although it might be more useful in many places, in others it presents overhead, especially as far as a learning curve goes. It may also be that real-time reporting isn't that widely sought after, especially on systems where Sniffer is just one part of an overall system. For me there would be no real value to this except for a rare occasion that I'm researching a problem or my interest is peaked (which isn't a good justification for work). Those that desire real-time functionality may well be more experienced DB admins or programmers and may be able to handle whatever format that you throw at them. Matt Pete McNeil wrote: We are working on specs for real-time reporting out of Sniffer and haven't had a lot of feedback on the XML based format. We were looking at this format because, in theory anyway, it's easy to port into a database or even directly into a web page or other format. Am I guessing right that the reason we didn't get a lot of feedback is because not many folks can really use XML data in practice? Should we adopt a different format for a "real-time scoreboard" output file? Tab delimited? CSV? --- perhaps directly to HTML? (if HTML then I will continue with the XML concept and use DOM to read the XML as a data island and format the output - anybody have experience with this - it seems harder in practice than the examples let on.) Any thoughts would be appreciated. Thanks, _M (The idea of a "scoreboard" was to create some useful indicators that could be read in near real-time - without a lot of heavy lifting. At the time it seemed there was a pressing need for this kind of functionality. I'm beginning to wonder - I don't want to spend effort on something that nobody really cares about. There are plenty of other features planned that we could focus on. I need some feedback. Thanks!) On Thursday, June 24, 2004, 12:02:06 PM, Aaron wrote: AC Thanks Herb but we don't have Coldfusion. AC Looks great tho! AC Aaron AC www.vantech.net AC On Jun 24, 2004, at 8:55 AM, Herb Guenther wrote: I wrote a coldfusion page that parses the logs into a sql database every night, and then the display page you saw. If you have a coldfusion server I would be happy to give you the code. Herb Aaron J.Caviglia wrote: Herb, How did you generate that SPAM report? Thanks, Aaron Caviglia www.vantech.net On Jun 24, 2004, at 8:46 AM, Herb Guenther wrote: wow, that is even worse than we are seeing, we are at about 80%, but should really be at about 85% if all were tagged. Here is our last weeks stats, we did not see an increase in volume, so much as the amount gettig thru in the last couple days and continuing today. Herb SPAM Report Statistics are based on the last 6,150,612 email messages received. You are viewing Server 1 Stats View Server 2 stats Statistic 06/17 06/18 06/19 06/20 06/21 06/22 06/23 Weekly Total Daily Avg. image.tiffDelivered Messages 34,291 30,762 22,331 22,484 31,245 33,588 33,582 208,283 25,311 image.tiffGood Messages 6,493 5,101 1,595 1,721 6,209 6,772 6,170 34,061 5,221 image.tiffSpam Messages 27,798 25,661 20,736 20,763 25,036 26,816 27,412 174,222 20,090 image.tiffSpam Percent 81% 83% 92% 92% 80% 79% 81% 84% 79% image.tiffMal Formed Headers 3,845 4,277 3,193 3,555 4,094 4,286 4,459 27,709 4,949 image.tiffSpam Headers 4,544 4,081 3,665 3,367 4,800 5,712 6,129 32,298 3,308 image.tiffSpam Routing 6,351 5,697 5,200 5,613 5,718 6,072 5,616 40,267 3,375 image.tiffNo Reverse DNS 6,864 7,787 6,529 6,729 7,742 6,783 5,023 47,457 2,446 image.tiffWhite Listed 1,157 968 116 162 1,237 1,245 1,229 6,114 785 image.tiffGeneral Spam 1,021 958 736 851 1,012 1,045 1,122 6,745 1,490 image.tiffExperimental 1,543 1,190 951 970 1,284 1,342 1,472 8,752 900 image.tiffObfuscation 240 183 158 189 196 336 151 1,453 352 image.tiffGrey Hosts 355 196 29 33 213 343 315 1,484 166 image.tiffGambling 272 202 263 261 215 303 161 1,677 124 image.tiffRefinancing/Loans 2,293 2,216 1,809 1,659 2,167 2,013 1,975 14,132 1,765 image.tiffBusiness opportunities 1,989 1,991 1,546 1,547 1,990 2,089 2,163 13,315 1,464 image.tiffInk and toner cartridges 159 124 41 91 100 89 63 667 121 image.tiffPornography 2,296 1,874 2,189 1,798 2,120 2,224 2,333 14,834 1,731 image.tiffSend money scams 57 63 66 57 85 84 82 494 65 image.tiffOnline pharmacies 6,792 6,098 5,419 4,907 5,766 5,526 5,767 40,275 5,684 image.tiffCable/Satellite descramblers 1,250 1,340 1,190 1,384 1,277 1,710 1,554 9,705 867 image.tiffNorton/McAfee offers 17 61 4 7 11 19 25 144 68 image.tiffInsurance quotes, etc. 706 493 374 354 526 552 547