Hi,
Is there anyone else who would like to see Message Sniffer incorporated
into Amavis-new? This would be a great addition to my IMGate - Postfix
mail gateway. Currently I use message sniffer on my Imail box but would
like to offload that server and do the sniffing before the mail hits
Imail.
Harry,
(please don't post your entire license code to a public
list.)
regarding the reliability of sniffer we should know that
errors sometimes can happen, even at sniffer-side after they've worked for years
now very relaible. I don't expect that such errors will happen now more
often.
thank you
Sorry for the licence goof. Just finished 4 hours
going through spam
Harry Vanderzand inTown Internet Computer Services 519-741-1222
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Markus
GuflerSent: Wednesday, February 08, 2006 10:48 AMTo:
I have an idea. These problems seem to stem
mostly from changes in the methods of handling rulebase updates.
We were lucky enough not to be affected with the
latest rule issue, but the previous one made for a very long day
andsomedisgruntled customers.
Would it be feasible to announce in
If I understand right you mean that if "experimental" rules
are introduced you want to know about and so temporaly disable ruelbase updates
on you server.
As I know Sniffer has a much smarter way for doing this.
They introduce experimental rules in a separate category (sniffer-exp) and look
On Wednesday, February 8, 2006, 10:59:09 AM, Darin wrote:
DC I have an idea. These problems seem to stem mostly from changes
DC in the methods of handling rulebase updates.
snip/
DC Would it be feasible to announce in advance when such changes
DC are to be implemented? With advance notice
There was no error in my comment. I completely understand that some issues
will not be foreseeable... I did say mostly, not entirely. The switch to
the automated bots caused a rash of false positives in our system. I'm not
pointing fingers, but instead want to make sure I have the ability to
What is the correct Sniffer string in Declude Global.cfg
file.
SNIFFER external nonzero d:\imail\declude\sniffer\sniffer.exe
code12
0
of
SNIFFER external nonzero d:\imail\declude\sniffer\sniffer.exe
code10
0
Thanks
Filippo
On Wednesday, February 8, 2006, 11:06:07 AM, Markus wrote:
MG If a experimental rule showed to be reliable they move them in
MG the appropriate category (rich, fraud,...)
MG
MG
MG
MG I'm not sure about this but I think it's so and so it shouldn't
MG be necessary to do something like
On Wednesday, February 8, 2006, 11:19:52 AM, Andy wrote:
AS Pete,
AS The only idea I came up with, would be to have ALL new rules go into a 6
AS hour proving category (=return code) before they are moved into their
AS final category.
AS By using Sniffer return codes, folks could decide to trust
Is there anyone else who would like to see Message Sniffer
incorporated into Amavis-new? This would be a great addition
to my IMGate - Postfix mail gateway. Currently I use message
sniffer on my Imail box but would like to offload that server
and do the sniffing before the mail hits
Does not require spamassassin or amavis. You can do it just with postfix.
DustyC
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Craig Deal
Sent: Wednesday, February 08, 2006 10:41 AM
To: sniffer@SortMonster.com
Subject: RE: [sniffer] Message sniffer in
On Wednesday, February 8, 2006, 11:26:46 AM, Darin wrote:
DC There was no error in my comment. I completely understand that some issues
DC will not be foreseeable... I did say mostly, not entirely. The switch to
DC the automated bots caused a rash of false positives in our system.
snip/
Does not require spamassassin or amavis. You can do it just
with postfix.
DustyC
True, but he wanted it to work with amavisd-new. Less risk of a false
positive if its part of a weighted system.
Craig
This E-Mail came from the Message Sniffer mailing list. For information and
Correct, the weighted system that amavis uses would be better in my
situation. Having said that I am going to try DustyC's method put the
spam in the users junk folder (still using the weighted system). Do you
have the problem of the user's junk mail using up their mail box quota?
Jacques
Perhaps I used the wrong terminology about what changed, since I do not know
what your system architecture is, but I remember you mentioning a
significant change at the time. Immediately afterwards we saw a rash of
false positives. That is what I would like to have controls in place to
avoid.
It was actually simple. And I have the update process automated too. We
did have a little issue where we had to run sniffer under bash shell on our
FreeBSD box but that was resolved quickly.
I am running one box with sniffer on it. All the external gateways send
their inbound mail to this box
On Wednesday, February 8, 2006, 12:34:44 PM, Darin wrote:
DC Perhaps I used the wrong terminology about what changed, since I do not know
DC what your system architecture is, but I remember you mentioning a
DC significant change at the time. Immediately afterwards we saw a rash of
DC false
I am using a smtp proxy called Ewall with Message Sniffer.
I just checked inside the Ewall folders and found one named TEMP where I
found tens of thousands of files with the .xhdr extension.
What are these? Are they needed? Why are they in the ewall directory and not
the message sniffer
On Wednesday, February 8, 2006, 12:54:56 PM, David wrote:
DP I am using a smtp proxy called Ewall with Message Sniffer.
DP I just checked inside the Ewall folders and found one named TEMP where I
DP found tens of thousands of files with the .xhdr extension.
DP What are these? Are they needed?
On Wednesday, February 8, 2006, 1:32:05 PM, David wrote:
The .xhdr files are created by SNF and can be turned off in SNF's .cfg
file. They contain text that could be added to the headers of the
message to help debug false positives and/or to trigger other
filtering systems.
DP Well I see
I am not running Declude. I am just using the filters in Imail to push it
in their junk mail. Depends on ones requirements. We were spending 6-8 man
hours per day dealing with spam. Now we just let the users decide.
Dusty
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL
Jacques,
I am pretty sure that you would also need to install SpamAssassin in order
to get Sniffer to work. I do not believe that there is any way to plug
Sniffer into Amavis-new directly, nor would you necessarily want it to.
William Van Hefner
Network Administrator
Vantek Communications, Inc.
Wednesday, February 8, 2006, 11:19:52 AM, you wrote:
AS The only idea I came up with, would be to have ALL new rules go into a 6
AS hour proving category (=return code) before they are moved into their
AS final category.
AS By using Sniffer return codes, folks could decide to trust the
24 matches
Mail list logo