Re: [Declude.JunkMail] weird random .htm attachments

No, unfortunately I haven't found a good test here and yes they are on the increase. Gr -Marc - Original Message - From: Glenn Brooks To: [EMAIL PROTECTED] Sent: Monday, March 29, 2004 8:02 PM Subject: RE: [Declude.JunkMail] weird random .htm attachments Has anyone set up a

Re: [Declude.JunkMail] weird random .htm attachments

I filter on this + String.fromCharCode( This is common in all of them. Combined with other tests it catches most. Mike - Original Message - From: Glenn Brooks [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, March 29, 2004 20:02 Subject: RE: [Declude.JunkMail] weird random .htm

Re: [Declude.JunkMail] weird random .htm attachments

so you do a body filter? At 09:00 AM 3/30/2004 -0500, you wrote: I filter on this + String.fromCharCode( This is common in all of them. Combined with other tests it catches most. Mike - Original Message - From: Glenn Brooks [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, March

Re: [Declude.JunkMail] weird random .htm attachments

yes Mike - Original Message - From: Glenn Brooks [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, March 30, 2004 09:20 Subject: Re: [Declude.JunkMail] weird random .htm attachments so you do a body filter? At 09:00 AM 3/30/2004 -0500, you wrote: I filter on this +

RE: [Declude.JunkMail] Strange MONKEYFORMMAIL problems

Great idea! -Original Message- From: Joe Wolf [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 23, 2004 9:51 AM To: [EMAIL PROTECTED] Subject: Re: [Declude.JunkMail] Strange MONKEYFORMMAIL problems I try to look at the config files on a regular basis, but I have to print both of them out

[Declude.JunkMail] OT: Internet Usage Monitoring

Management wants to do web usage mainitoring. They do not at this time want to do blocking. We have a pix firewall that does what Cisco calls URL logging but in relaity it does not log the url but the ip address of the server and the path on the server to the document being viewed. What they want

Re: [Declude.JunkMail] OT: Internet Usage Monitoring

web trends firewall suite maybe? - Original Message - From: Kevin Bilbee [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, March 30, 2004 2:43 PM Subject: [Declude.JunkMail] OT: Internet Usage Monitoring Management wants to do web usage mainitoring. They do not at this time want

RE: [Declude.JunkMail] OT: Internet Usage Monitoring

Monster.com?? LOL -Just kidding. Can the PIX log to a syslog server? Todd Holt Xidix Technologies, Inc Las Vegas, NV USA 702.319.4349 www.xidix.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Bilbee Sent: Tuesday, March 30, 2004 12:43 PM

RE: [Declude.JunkMail] OT: Internet Usage Monitoring

PIX connected to WebSense connected to SQL(or MSDE) will accomplish this goal. -Original Message- From: Doug Anderson [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 30, 2004 12:52 PM To: [EMAIL PROTECTED] Subject: Re: [Declude.JunkMail] OT: Internet Usage Monitoring web trends

Re: [Declude.JunkMail] OT: Internet Usage Monitoring

One caveat to the suggestions is that many smaller sites now share the same IP with host headers. If you can't capture the domain used, this information will be lost in those instances. I'm not sure that there is a reliable way to convert IP's to domains on static sites either since all that

Re: [Declude.JunkMail] OT: Internet Usage Monitoring

Yep...We use it with Kiwi for logging. Didn't give us everything we wanted though (for monitoring bandwidth needs of various servers), so we now use logging from managed switches instead. Darin. - Original Message - From: Todd Holt [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent:

Re: [Declude.JunkMail] OT: Internet Usage Monitoring

On 30 Mar 2004 at 12:43, Kevin Bilbee wrote: Here we *used* a product called LittleBrother. It would produce complete tracking reports for every user. Very complete. Simple to use. Not sure if it is still avail. We stopped using it because of privacy/union concerns. -Nick

RE: [Declude.JunkMail] OT: Internet Usage Monitoring

I am in the process of reviewing replacements for WebSense in our network (it is much too expensive for our small organization). I have found 2 products so far that show promise: Web Inspector from Zixcorp.com And Sentian at N2H2.com The former uses a pass-by model with packet spoofing to

RE: [Declude.JunkMail] OT: Internet Usage Monitoring

Yes it does log to a syslog server. And I am currently doing that. They do not like the format. This is from our Kiwi syslog 10.1.50.253 pixfirewall %PIX-5-304001: 68.123.166.135 Accessed URL 12.9.25.243:/diyguide.shtm Notice the Accessed URL it is an ip address not the host name. This is

Re: [Declude.JunkMail] OT: Internet Usage Monitoring

What they want is a log of client ip and url including the host name. They also do not want to abandon the PIX. You might seriously want to consider putting up an HTTP proxy--transparent or standard. And though I'm not the type to blindly tout Unix-only stuff in Windows

Re: [Declude.JunkMail] OT: Internet Usage Monitoring

The Pix doesn't log the hostname...at least not the 515s we usually work withonly the IP address. Darin. - Original Message - From: Kevin Bilbee [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, March 30, 2004 5:47 PM Subject: RE: [Declude.JunkMail] OT: Internet Usage

RE: [Declude.JunkMail] OT: Internet Usage Monitoring

I called Cisco and the reason the 515s do not log the host name is because the pix does not look at the data in the packet(s) for the host header information Kind of usless as a url looger. Kevin Bilbee -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf

[Declude.JunkMail] Declude Logs / Whitelisting

1. I've been reviewing the log files and what is the meaning of the following log entries: 03/30/2004 00:08:28 Q0ecf080d00fe32c8 L2 Message OK 03/30/2004 18:30:27 Q111b18cd00a62426 L1 Message OK 2. How can you disable or adjust the score for disabling Bypassing whitelisting? Bypassing

Re: [Declude.JunkMail] Declude Logs / Whitelisting

1. I've been reviewing the log files and what is the meaning of the following log entries: 03/30/2004 00:08:28 Q0ecf080d00fe32c8 L2 Message OK 03/30/2004 18:30:27 Q111b18cd00a62426 L1 Message OK The L means a local recipient (incoming E-mail); an R means a remote recipient (outgoing). The

Re: [Declude.JunkMail] weird random .htm attachments

So you use something like like. BODY 10CONTAINS+ String.fromCharCode( - Original Message - From: Glenn Brooks [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, March 30, 2004 9:20 AM Subject: Re: [Declude.JunkMail] weird random .htm attachments so you do a body

[Declude.JunkMail] Error #183

Below is a log for a single email, the last line indicates that ther was an error # 183. I have checked and these files are still sitting in the spool directory, Virus scanning is excluding the following directories z:\IMAIL Z:\IMAIL\SPOOL Z:\IMAIL\SPOOL\VIRUS Any ideas as to other possible

Re: [Declude.JunkMail] Error #183

Try the following, assuming that you are running McAfee as your scanner: http://www.mail-archive.com/[EMAIL PROTECTED]/msg13155.html There are also other mentions of error #183 in the archive that may be of use. Matt Kornitz, David wrote: Below is a log for a single email, the last line

RE: [Declude.JunkMail] Error #183

Matt, Thanks, but I had already reviewed that series of postsI should also mention that the C:\temp and c:\windows\temp are also exclude from Virus Scanning. David -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Matt Sent: Tuesday, March 30,