Has something happened lately (in the last 24-48 hours).
Normally, I get small amounts (less than 10 a day) of spam that fail to
be detected by my combination of Message Sniffer and Spam Assasin (most
of the times Message Sniffer is the one that get all the messages that
Spam Assasin fail to det
On Thursday, July 29, 2004, 10:42:40 AM, Jorge wrote:
JA> Has something happened lately (in the last 24-48 hours).
Nothing significant that I can see except for a higher than usual
spike in spam through the evening hours last night.
JA> Normally, I get small amounts (less than 10 a day) of spam
I have also noticed an increase in the amount of spam that got through,
mainly on gatewayed domains. I did forward a bunch in the last 18 hours,
hopefully that will help.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EM
On Thursday, July 29, 2004, 11:48:58 AM, John wrote:
JTL> I have also noticed an increase in the amount of spam that got through,
JTL> mainly on gatewayed domains. I did forward a bunch in the last 18 hours,
JTL> hopefully that will help.
What's interesting is that we're not seeing the increase i
To Pete, et al
FYI, we monitor our mail sever and spam filtering pretty closely, and we
have not noticed any increase in spam getting through lately. All seems
normal here.
Michael Stein
Computer House
www.computerhouse.com
- Original Message -
From: "Pete McNeil" <[EMAIL PROTECTED]>
By examples, you do mean names or types of client?
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On
> Behalf Of Pete McNeil
> Sent: Thursday, July 29, 2004 8:50 AM
> To: John Tolmachoff (Lists)
> Subje
On Thursday, July 29, 2004, 11:58:45 AM, Computer wrote:
CHS> To Pete, et al
CHS> FYI, we monitor our mail sever and spam filtering pretty closely, and we
CHS> have not noticed any increase in spam getting through lately. All seems
CHS> normal here.
That news is helpful, good, and bad.
Helpful
Let's try both - we don't know what we're looking for yet.
Feel free to send them off list if you wish.
Thanks,
_M
On Thursday, July 29, 2004, 12:06:25 PM, John wrote:
JTL> By examples, you do mean names or types of client?
JTL> John Tolmachoff
JTL> Engineer/Consultant/Owner
JTL> eServices For Y
p7ehr11u20040729151948 D158b005f017cd629.SMD 203 0
Clean 0 0 0 146136
Here is the sniffer log file for the attached message that did not get
caught.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
> -Original Message-
> From: [EMAIL PRO
On Thursday, July 29, 2004, 12:21:53 PM, John wrote:
JTL> p7ehr11u 20040729151948 D158b005f017cd629.SMD 203 0
JTL> Clean 0 0 0 146136
JTL> Here is the sniffer log file for the attached message that did not get
JTL> caught.
You may simply not have this rule yet
Would the new attached fall under the same rule?
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On
> Behalf Of Pete McNeil
> Sent: Thursday, July 29, 2004 9:56 AM
> To: John Tolmachoff (Lists)
> Subject:
I found a .fin file in my sniffer directory and didn't know if anyone
knew what it was and how it is produced. It is dated several days ago.
Thanks for the aid.
Keith
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go to
http://www.sort
It's an orphan, you can safely delete it.
Bill
-Original Message-
From: Keith Johnson [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 29, 2004 10:29 AM
To: [EMAIL PROTECTED]
Subject: [sniffer] FIN File
I found a .fin file in my sniffer directory and didn't know if anyone
knew what it wa
On Thursday, July 29, 2004, 1:23:11 PM, John wrote:
JTL> Would the new attached fall under the same rule?
Yes. It looks like the same domain is involved.
I've launched a compile of your rulebase - you should be updated very
quickly.
In this case it seems that you started receiving these a few da
On Thursday, July 29, 2004, 1:28:45 PM, Keith wrote:
KJ> I found a .fin file in my sniffer directory and didn't know if anyone
KJ> knew what it was and how it is produced. It is dated several days ago.
KJ> Thanks for the aid.
An orphaned .FIN file represents a message scan that was completed by
Should I continue to forward spam that is not caught then?
I problem I have, is on the gatewayed domains, which are running Exchange,
Exchange strips out the Header that Declude puts in, making it difficult to
see what happened and caught by what tests.
John Tolmachoff
Engineer/Consultant/Owner
e
On Thursday, July 29, 2004, 2:52:07 PM, John wrote:
JTL> Should I continue to forward spam that is not caught then?
Always send spam that is not captured to [EMAIL PROTECTED]
If these keep coming through even after your update then we need to
hunt for why they are not being tagged...
If you fin
That's strange, our Exchange server does not strip off any of the Declude
headers.
Bill
-Original Message-
From: John Tolmachoff (Lists) [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 29, 2004 11:52 AM
To: [EMAIL PROTECTED]
Subject: RE: Re[6]: [sniffer] Effectiveness (lately)
Should I
Let me clarify. On the spam that is gotten through, but is to a non-existent
user, which then Exchange creates a NDR and attaches the spam to it, of
which I get a copy of the NDR, if I look at the headers of that spam message
that is now attached to the NDR, the header lines for all other servers a
Hi
I have Alt-N MDaemon 7.1.2 Installed with Message Sniffer. I get any users
who find that they have spam in their folder to move it to a public folder
called 'Missed Spam'.
How can I automatically get MDaemon to send these messages to SortMonster?
Thanks
Tom Norton
Network Manager - Taunton
> Let me clarify. On the spam that is gotten through, but is to a
> non-existent user, which then Exchange creates a NDR and attaches
> the spam to it, of which I get a copy of the NDR, if I look at the
> headers of that spam message that is now attached to the NDR, the
> header lines
That is besides the point.
Any yes, I am going to be implementing that as soon as I have the time too.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On
> Behalf Of Sanford Whiteman
> Sent: Thursday,
I have Alt-N MDaemon 7.1.2 Installed with Message Sniffer. I get any users
who find that they have spam in their folder to move it to a public folder
called 'Missed Spam'.
You might want to ask this instead on the Alt-N's mailing lists... you
don't have to be specific. Just ask if it's possi
23 matches
Mail list logo