RE: [sniffer] Last chance to renew at the old price!
We've always paid under the 'monthly' plan. How will this be affected? Should we switch to the yearly plan? Rick Robeson getlocalnews.com [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Michael Murdoch Sent: Tuesday, December 27, 2005 11:14 AM To: sniffer@SortMonster.com Cc: Pete McNeil Subject: RE: [sniffer] Last chance to renew at the old price! Importance: High Hi Folks, Actually, here is some more detail as to the reasons for the price increase. In addition, please bear in mind that that prices haven't been raised in approximately 2 years and even with this increase we are priced very competitively. The new feature/benefits and more to come are as follows: * In the past 6 months we have more than doubled the number of updates per day and we will continue to increase our bandwidth and the speed of our updates. * We have more than tripled our staff to improve our monitoring, support, and rule generation capabilities. Come January, we are again doubling this staff as the black-hats have gotten much more sophisticated and this has become a 24x7 battle. Even Pete needs to sleep sometimes. :-) * We are adding new RD programs for AFF/419 spam and Malware mitigation (many of the results from these projects have already been implemented). * During this next year as part of our continuous improvement policy we will continue to roll out new features and enhancements such as fully automated reporting, in-band real-time updates, an optimized message processing pipeline, image and file attachment tagging, advanced header structure analysis, enhanced adaptive heuristics, improved machine learning systems, real-time wave-front threat detection, and many more... It's important to recognize that many of our improvements don't require new software to be installed on the client side since they are delivered through rulebase enhancements. Though this often causes our work to go unnoticed, it is actually a design feature since it means that your installation requires very little maintenance. This translates to lowered administration costs and higher reliability. As a result of this reliability-first design strategy, it may not always be obvious that our service is constantly being improved and enhanced - we never stand still ;-) We'd hate to see any of you go, but please do compare us with other services. I'm sure that you'll find we're well worth the money, but it's always good to keep your options open. In fact, best practice these days for spam filtering is to use a blended approach that leverages many services. We personally encourage that for best results. Please let me know if you have any questions. Thank you for your feedback and business! Sincerely Michael Murdoch The Sniffer Team ARM Research Labs, LLC Tel. 850-932-5338 x303 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Fox, Thomas Sent: Tuesday, December 27, 2005 1:03 PM To: sniffer@SortMonster.com Subject: RE: [sniffer] Last chance to renew at the old price! I said the same thing, and the response was, basically, We haven't raised the price in a long time, we need the money, like it or lump it. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Koontz Sent: Tuesday, December 27, 2005 1:57 PM To: sniffer@SortMonster.com Subject: RE: [sniffer] Last chance to renew at the old price! Pete, why over a 50% increase? That seems rather drastic -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Tuesday, December 27, 2005 12:42 PM To: sniffer@sortmonster.com Subject: [sniffer] Last chance to renew at the old price! Hello Sniffer folks, This is just a friendly reminder that prices will be going up January 1. You can add a year to your SNF subscription at the current price if you renew before January 1. Details are here: https://www.armresearch.com/message-sniffer/forms/form-renewal.asp Thanks, _M Pete McNeil (Madscientist) President, MicroNeil Research Corporation Chief SortMonster (www.sortmonster.com) Chief Scientist (www.armresearch.com) This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail scanned for viruses by Declude Virus] This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions
RE: [sniffer] Last chance to renew at the old price!
I'm curious. If it get's shot down by your management what will you replace it with that's equivalent? Rick Robeson getlocalnews.com [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Dave Koontz Sent: Tuesday, December 27, 2005 11:42 AM To: sniffer@SortMonster.com Cc: 'Pete McNeil' Subject: RE: [sniffer] Last chance to renew at the old price! Thanks for the explaination. While this is all fine and good, the reality is that many IT shops are on fixed budgets outside of their control. I can justify a 10-15% increase to our CFO, but over 50% will get shot down immediately. The fact that you haven't raised prices in years is noble, but if you need additional revenue, you should phase the increases in over a period of time, or a modest increase each year. Some customers simply can not turn up the cash buckets into over-drive whenever you deem you need a substantial cash influx. You've got a great product, and I would really hate to lose it as a tool. What will the Educational Institution pricing look like? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Murdoch Sent: Tuesday, December 27, 2005 2:14 PM To: sniffer@SortMonster.com Cc: Pete McNeil Subject: RE: [sniffer] Last chance to renew at the old price! Importance: High Hi Folks, Actually, here is some more detail as to the reasons for the price increase. In addition, please bear in mind that that prices haven't been raised in approximately 2 years and even with this increase we are priced very competitively. The new feature/benefits and more to come are as follows: * In the past 6 months we have more than doubled the number of updates per day and we will continue to increase our bandwidth and the speed of our updates. * We have more than tripled our staff to improve our monitoring, support, and rule generation capabilities. Come January, we are again doubling this staff as the black-hats have gotten much more sophisticated and this has become a 24x7 battle. Even Pete needs to sleep sometimes. :-) * We are adding new RD programs for AFF/419 spam and Malware mitigation (many of the results from these projects have already been implemented). * During this next year as part of our continuous improvement policy we will continue to roll out new features and enhancements such as fully automated reporting, in-band real-time updates, an optimized message processing pipeline, image and file attachment tagging, advanced header structure analysis, enhanced adaptive heuristics, improved machine learning systems, real-time wave-front threat detection, and many more... It's important to recognize that many of our improvements don't require new software to be installed on the client side since they are delivered through rulebase enhancements. Though this often causes our work to go unnoticed, it is actually a design feature since it means that your installation requires very little maintenance. This translates to lowered administration costs and higher reliability. As a result of this reliability-first design strategy, it may not always be obvious that our service is constantly being improved and enhanced - we never stand still ;-) We'd hate to see any of you go, but please do compare us with other services. I'm sure that you'll find we're well worth the money, but it's always good to keep your options open. In fact, best practice these days for spam filtering is to use a blended approach that leverages many services. We personally encourage that for best results. Please let me know if you have any questions. Thank you for your feedback and business! Sincerely Michael Murdoch The Sniffer Team ARM Research Labs, LLC Tel. 850-932-5338 x303 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Fox, Thomas Sent: Tuesday, December 27, 2005 1:03 PM To: sniffer@SortMonster.com Subject: RE: [sniffer] Last chance to renew at the old price! I said the same thing, and the response was, basically, We haven't raised the price in a long time, we need the money, like it or lump it. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Koontz Sent: Tuesday, December 27, 2005 1:57 PM To: sniffer@SortMonster.com Subject: RE: [sniffer] Last chance to renew at the old price! Pete, why over a 50% increase? That seems rather drastic -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Tuesday, December 27, 2005 12:42 PM To: sniffer@sortmonster.com Subject: [sniffer] Last chance to renew at the old price! Hello Sniffer folks, This is just a friendly reminder that prices will be going up January 1. You can add a year to your SNF subscription at the current price if you renew before January 1. Details are here: https://www.armresearch.com/message-sniffer/forms/form
RE: Re[2]: [sniffer] Last chance to renew at the old price!
The thought does occur to me of how other companies have dealt with similar issues. That issue being how to address a market requiring internal expansion (i.e. expanded reinvestment) while not alienating an existing satisifed customer base. Many companies simply split their product line into 'basic' and 'premium' services. If the need is as great as Michael says, and the new revisions will result in vastly improved service, than most of their existing customers should want to move forward. However, giving people the option to 'stand still' is viable, good marketing, and good strategy. At this point, you have a certain catch 22. Everyone that pays now (for next year) is still paying you at the same rate (meaning no expanded funds), but is now wondering if they're doing the right thing. Almost seems like the only way to make the current strategy pay off would have been to demand the increased fees from all clients and not given the grace period for renewing at the old rate. At least that way, you'd have gotten something in return for any perceived customer dissatisfaction. Consider expanding to a two-tier service option. It really can work well, especially when in the future you might want to charge even more, but not alienate 'new' customers who need a lower buy-in. Rick Robeson getlocalnews.com [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Fox, Thomas Sent: Tuesday, December 27, 2005 2:40 PM To: sniffer@SortMonster.com Subject: RE: Re[2]: [sniffer] Last chance to renew at the old price! Your interpretation of a bit as being 50+% is disingenuous at best, and thievery at the worst. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Tuesday, December 27, 2005 5:34 PM To: Fox, Thomas Subject: Re[2]: [sniffer] Last chance to renew at the old price! On Tuesday, December 27, 2005, 5:14:13 PM, Thomas wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Murdoch If you don't feel that's the case, then you are free to decide if you think otherwise. Thanks and take care! FT EASY FOX TRANSLATION: FT Like it, or lump it. Translated another way... We could keep things as they are, stand still while spam generation technology advances rapidly, whither away, and die. OR We could charge a bit more, accelerate development and make sure that SNF stays out in front and even expands the gap. I, for one, am not willing to make the first choice, and I doubt that it would be in anyone's best interests - except, perhaps, the blackhats. _M This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail scanned for viruses by Declude Virus] This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
RE: Re[4]: [sniffer] can auto-forward be disabled when spam is detected?
Really! so simply renaming the forward.ima to main.fwd accomplishes what he's talking about? Where is that documented in the Imail system? Is that feature reflected/available in the windows Imail admin interfaces? Rick Robeson getlocalnews.com [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Sanford Whiteman Sent: Friday, September 02, 2005 12:19 PM To: Rick Robeson Subject: Re[4]: [sniffer] can auto-forward be disabled when spam is detected? I'm afraid I'm not that up on my email standards. They're not standards in the RFC sense, just IMail features. What exactly does forwarding by main.fwd do and how does one implement that type of solution? Create mailboxname.fwd using the same format as forward.ima and the forwarding actions will only apply to messages slated to be delivered to that mailbox. --Sandy Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
[sniffer] can auto-forward be disabled when spam is detected?
I'm using Sniffer with MXGuard, and Ipswitch Imail Server. For accounts whohave auto-forwarding setup totransfer mail to a remote mail account,I've noticed that they're transferring all mail, including detectable spam. Is there a way to block forwarding when spam is detected? Thanks. Rick Robeson getlocalnews.com [EMAIL PROTECTED]
RE: [sniffer] can auto-forward be disabled when spam is detected?
How would that address the fact that imail processes the auto-forward rule before processing the incoming messages rules (which is where I trigger x-header sniffer flag)? Rick Robeson getlocalnews.com [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Craig Deal Sent: Thursday, September 01, 2005 11:43 AM To: sniffer@SortMonster.com Subject: RE: [sniffer] can auto-forward be disabled when spam is detected? You can change your rules to forward spam to separate user quarantine mailbox (not a subfolder or sub-mailbox) that does not have forwarding setup. You just cannot make the rules forward (or move)the spam to a sub-mailbox like [EMAIL PROTECTED] on an account that is forwarded. Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Robeson Sent: Thursday, September 01, 2005 1:17 PM To: sniffer@SortMonster.com Subject: RE: [sniffer] can auto-forward be disabled when spam is detected? I think I see the problem, though not a quick solution. Mxguard merely handles traffic between imail and sniffer and calculates its spam score and probability. IT has no override capability excepting its own white and black lists blocking calling for sniffer processing. IMail's processing order of activies (as listed in http://www.ipswitch.com/support/imail/guide/imailug8.1/Chapter %204%20process ing2.html#47027 ) show that forwarding instructions are handled before domain or user incoming rule execution. It is the domain and user incoming rule execution that is the first level of being able to pick up sniffer/mxguard instructions (via x-header presence/value). Only connection or content filtering is used by imail prior to the forwarding process. I don't see any way to have mxguard or sniffer affect the connection or content filtering rules unless they were somehow able to (for example) add a dummy url to the content of the email which would trigger the content filtering url blacklist. Ipswitch probably considers the current forwarding processing order a feature (after all it allows another external mail server rulebase to inject it's rules). Unfortunately, in large quantity, lumping multiple aliases from multiple sites to a one or more users who then want auto-forward to another email server for internet mail (i.e. gmail) makes it look like my server is generating spam to gmail/yahoo/etc. Ideas? Rick Robeson getlocalnews.com [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Pete McNeil Sent: Thursday, September 01, 2005 8:44 AM To: Rick Robeson Subject: Re: [sniffer] can auto-forward be disabled when spam is detected? On Thursday, September 1, 2005, 9:12:17 AM, Rick wrote: RR I'm using Sniffer with MXGuard, and Ipswitch Imail Server. RR RR For accounts who have auto-forwarding setup to transfer mail to a RR remote mail account, I've noticed that they're transferring all RR mail, including detectable spam. Is there a way to block forwarding RR when spam is detected? That's an mxGuard question. SNF makes no distinctions on where the message is going in an IMail environment... My guess is that mxGuard is either not scanning these messages, or that it either can't or doesn't take action in those cases. If I had to guess it's probably most likely that IMail doesn't give mxGuard a chance to effect these messages, or that in a similar way mxGuard doesn't effect them due to the split envelope problem. Please let me know what you find out. Thanks, _M PS: Split Envelop Problem - When the SMTP envelope of a messages indicates multiple recipients, and one of the recipients has rules that would dispose of the message in some way there is an inherent conflict. It goes against RFCs to deliver the message to one recipient and not the other (though that is probably desirable and may be/become the best practice) since that would require splitting the envelope and the message into two copies with each copy following a different path. In a strict interpretation of email processing rules the message must be either delivered to all recipients on the envelope or not delivered. In many cases the final rule turns out to be: If anyone is supposed to receive this message then everyone must. Once they have received it they can discard it if they wish, but an MTA shouldn't make that call since it has essentially 'signed up' to be responsible for delivering the message as is. This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html This E-Mail
RE: Re[2]: [sniffer] reporting spam in bulk
100's of spams a problem, LOL! Before sniffer I was facing around 10 thousand spams a day. But then I'm coordinating 1000's of domains, so on a per domain basis, it's actually very small. I think what I'll do is route a combined spam report email to a server script which will break it down and resubmit individual messages to your spam@ address. However, this will still be sent to you as an attachment. The advantage is that the original header info will be in place, the disadvantage is that you might still be ignoring messages with attachments, right? If you don't take spam report messages with attachments, how would you be able to get the original internet header mail info? Rick Robeson getlocalnews.com [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Pete McNeil Sent: Wednesday, January 05, 2005 11:49 AM To: Rick Robeson Subject: Re[2]: [sniffer] reporting spam in bulk On Wednesday, January 5, 2005, 1:23:59 PM, Rick wrote: RR It would be incredibly convenient if we could report spam emails in bulk RR rather than individually (i.e. select all the spam emails in outlook and RR then forward via one email (with all the emails as attachments to you). RR During this latest storm, I'm finding that I don't have time to report 100's RR of spam emails and just delete most of them. RR Any way this process can be streamlined? Unfortunately there really is no practical way for us to break down packages like this and deal with them efficiently. In any case, 100's of spam sounds like a more serious problem than a spam storm. Have you checked for other problems? _M This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
RE: [sniffer] new spam storm?
I've sure been seeing it. My db updates are triggered off email update notices from sniffer, so I know I have the latest. Feels like something's gone wrong with sniffer due to the year change. Rick Robeson getlocalnews.com [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kirk Mitchell Sent: Tuesday, January 04, 2005 2:56 PM To: sniffer@SortMonster.com Subject: [sniffer] new spam storm? Seems like I've been getting a ton of spam in the last few days that's been scored as either LOW or CLEAN, many of them for cheap drugs, watches or my cheating wife. I have AutoSNF running every 2 hours, so it shouldn't be due to outdated rulesets. Is anyone else seeing this, or could I be missing something? Thanks, -- Kirk Mitchell-General Manager[EMAIL PROTECTED] Keystone Connect Unlock Your World Altoona, PA 814-941-5000 http://www.keyconn.net This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
RE: [sniffer] Required reload question?
it's the 'definition' of what is my rulebase that is unclear here. Specifically, if I add a domain name in the file 'whitelist.sender' in my mxguard directory (under my imail directory), will this be recognized without restarting my sniffer process? I'm not changing the 'cfg' file in this example. Rick Robeson getlocalnews.com [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Pete McNeil Sent: Friday, December 10, 2004 10:06 AM To: Rick Robeson Subject: Re: [sniffer] Required reload question? On Friday, December 10, 2004, 12:14:22 PM, Rick wrote: RR If I make a change to any of the whitelist,blacklist, or trusted files, and RR I'm using sniffer in a 'persistent' mode, do I have to restart anything to RR pick up the changes? I'm not sure I completely understand. If there are changes to your rulebase then they will be recognized on the next update. If you adjust the .cfg file, it will be recognized on the next reload, by default every 10 minutes, or you can issue the reload command and the persistent server will loop right away. Nothing else should be necessary. Hope this helps, _M This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
RE: [sniffer] repeat offender not being blocked properly
We're still getting effectively the same spam ad (for weeks now) from something who's subject is always: Global FiberNet Order Confirmation It's been reported at least a couple dozen times by me and I'm sure more by others. Is there some reason this isn't being blocked by your filters? It seems a simple enough spam to filter out. Rick Robeson getlocalnews.com [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Pete McNeil Sent: Friday, June 04, 2004 1:18 PM To: [EMAIL PROTECTED] Subject: [sniffer] Prototype real time performance monitor and logging - please comment Hello Sniffer Folks, For version 2-3.1 we are creating a real time monitoring system for persistent instances of Message Sniffer. The persistent instance will update a snflicid.perf.now.xml file approximately once per minute (adjustable). This file can be read as needed to monitor the current performance statistics of the email system - or at least the Message Sniffer part of it. This makes it possible to understand the system's performance at a glance and may eliminate the need for heavy log processing. A prototype of the scorecard file format is here: http://www.sortmonster.com/MessageSniffer/Demo/snfrv2r3.perf.now.xml (The data in the file is entirely simulated at this point.) Since the file is in xml format it can be readily imported into a database or processed into a real-time web display etc... Also, it will be relatively easy to add elements to the file as new features are added or to accommodate requests for additional statistics. The plan is also to have these records appended to a snflicid.perf.log.xml file so that a running series of performance snapshots can be easily captured - perhaps for later import into a database and/or graphing engines. If you are interested in real time performance statistics then please review the sample file and respond/discuss your thoughts about it in this thread. I will be taking all comments into consideration before finalizing the specifications for the file format. --- additional note: I have used a fixed space format within the xml file so that it can be easily read with an ordinary text editor. As a result, the size of the file would remain constant. Interpreters should not depend on this, however, since this feature may be dropped to save space. --- additional note: Another section will be added to this file format which will count specific error conditions which are encountered by the system. There are a number of low-grade error conditions which occur as a normal consequence of the cellular peer-server protocols. When debugging problems it can be helpful to know that these errors are occurring at acceptable and nominal rates. --- Also: If anyone is interested in taking a stab at a .css file to make the output of this file pretty please let us know. Right now I am concentrating on well formed data so it will be some time before I get to any aesthetic work ;-) Thanks, _M Pete McNeil (Madscientist) President, MicroNeil Research Corporation Chief SortMonster (www.sortmonster.com) This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
RE: [sniffer] FYI and Thanks
Hey Pete: FYI: Spam filters seem to be working exceptionally well the past 2 days. Almost nothing gets through (I've also got my spam route rule set to level20). Thanks. Rick Robeson getlocalnews.com [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Pete McNeil Sent: Friday, June 04, 2004 1:18 PM To: [EMAIL PROTECTED] Subject: [sniffer] Prototype real time performance monitor and logging - please comment Hello Sniffer Folks, For version 2-3.1 we are creating a real time monitoring system for persistent instances of Message Sniffer. The persistent instance will update a snflicid.perf.now.xml file approximately once per minute (adjustable). This file can be read as needed to monitor the current performance statistics of the email system - or at least the Message Sniffer part of it. This makes it possible to understand the system's performance at a glance and may eliminate the need for heavy log processing. A prototype of the scorecard file format is here: http://www.sortmonster.com/MessageSniffer/Demo/snfrv2r3.perf.now.xml (The data in the file is entirely simulated at this point.) Since the file is in xml format it can be readily imported into a database or processed into a real-time web display etc... Also, it will be relatively easy to add elements to the file as new features are added or to accommodate requests for additional statistics. The plan is also to have these records appended to a snflicid.perf.log.xml file so that a running series of performance snapshots can be easily captured - perhaps for later import into a database and/or graphing engines. If you are interested in real time performance statistics then please review the sample file and respond/discuss your thoughts about it in this thread. I will be taking all comments into consideration before finalizing the specifications for the file format. --- additional note: I have used a fixed space format within the xml file so that it can be easily read with an ordinary text editor. As a result, the size of the file would remain constant. Interpreters should not depend on this, however, since this feature may be dropped to save space. --- additional note: Another section will be added to this file format which will count specific error conditions which are encountered by the system. There are a number of low-grade error conditions which occur as a normal consequence of the cellular peer-server protocols. When debugging problems it can be helpful to know that these errors are occurring at acceptable and nominal rates. --- Also: If anyone is interested in taking a stab at a .css file to make the output of this file pretty please let us know. Right now I am concentrating on well formed data so it will be some time before I get to any aesthetic work ;-) Thanks, _M Pete McNeil (Madscientist) President, MicroNeil Research Corporation Chief SortMonster (www.sortmonster.com) This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
