[sniffer] Significant increase in false positives

2006-10-16 Thread Darin Cox
Anyone else seeing a sudden increase in FPs? We normally report a few each day, but we're seeing a 10x increase in FPs for the past three days. Darin.

[sniffer] Re: Significant increase in false positives

2006-10-16 Thread Herb Guenther
Hi Darin; Not seeing a lot of false pos messages, but there are lots of spam messages sneaking through our system because Declude is not modifying the header correctly. It is adding a header stub to the bottom of the message so that users' mail client filters which look for the modified

[sniffer] Re: Significant increase in false positives

2006-10-16 Thread Darin Cox
We see this occasionally with Declude 1.82. What version are you running? Darin. - Original Message - From: Herb Guenther To: Message Sniffer Community Sent: Monday, October 16, 2006 5:35 PM Subject: [sniffer] Re: Significant increase in false positives Hi Darin; Not seeing a lot

[sniffer] Re: Significant increase in false positives

2006-10-16 Thread Herb Guenther
Not sure, this is what my declude diags.txt says Declude 4.1.0 Diagnostics Compilation Platform: SmarterMail Copyright (c) 2000-2005 Declude, Inc. Herb Darin Cox wrote: We see this occasionally with Declude 1.82. What version are you running? Darin. - Original Message

[sniffer] Re: Significant increase in false positives

2006-10-16 Thread Robert Grosshandler
That's been a problem for a long time, but for us, it still treats that e-mail as spam, with the appropriate weight. 100% of the time if Declude does that, the e-mail is beyond our delete weight. Rob From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Herb

[sniffer] Re: Declude header not modified correctly

2006-10-16 Thread Darin Cox
Ping them on the Declude list for the lack of response, and CC David Barker for a response. He seems to be the best means of getting results these days. What version are you running? Understandably you'll only get a response if you're running the latest 3.x or 4.x, as older versions are no

[sniffer] Re: Significant increase in false positives

2006-10-16 Thread Darin Cox
Ahh... good. The first thing they'll probably tell you is to update to the latest 4.x version, see if the problem persists, then re-report it. Darin. - Original Message - From: Herb Guenther To: Message Sniffer Community Sent: Monday, October 16, 2006 5:51 PM Subject: [sniffer]

[sniffer] Re: Significant increase in false positives

2006-10-16 Thread Darin Cox
For us, it doesn't calculate the proper weight when this happens, and only acts on the weight seen in the topmost headers. One of these years I'll finally exercise the right to use our 4.x license, I just don't have time for new problems at this point. Darin. - Original Message -

[sniffer] Re: Significant increase in false positives

2006-10-16 Thread Matrosity Hosting
Anyone having issues getting email to Yahoo today? Thanks, Bill Foresman Matrosity Hosting www.matrosity.com 850.656.2644 From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Darin Cox Sent: Monday, October 16, 2006 6:15 PM To: Message Sniffer Community Subject:

[sniffer] Re: Significant increase in false positives

2006-10-16 Thread Robert Grosshandler
We're seeing it with the latest and greatest gateway version. Again, not a problem. Since it's above our delete weight, always, we just delete them. Users never see them. Rob From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Darin Cox Sent: Monday, October 16,

[sniffer] Re: Significant increase in false positives

2006-10-16 Thread Herb Guenther
Since we have almost all business users and they do a lot of intl biz we just mark the subject as "Probable SPAM:" so no email is deleted. Oh well, I am off topic anyway, thanks for the feedback all. Herb Robert Grosshandler wrote: That's been a problem for a long time, but for us,

[sniffer] Re: Declude header not modified correctly

2006-10-16 Thread Herb Guenther
Me either, I guess I will have to call them in the AM as it seems to be a general problem. As an aside, I am largely happy with the product but this one has been a long term issue and seems from my experience to be getting exploited by spammers. Andy Schmidt wrote: What's the magic

[sniffer] Re: Significant increase in false positives

2006-10-16 Thread Pete McNeil
Hello Darin, Monday, October 16, 2006, 5:17:26 PM, you wrote: Anyone else seeing a sudden increase in FPs? We normally report a few each day, but we're seeing a 10x increase in FPs for the past three days. Not sure if this is it, but there was an image segment rule that went in

[sniffer] Re: Significant increase in false positives

2006-10-16 Thread Darin Cox
Hi Pete, I haven't looked at the Sniffer logs, as cross referencing from the Declude logs is a bit of a pain, but many of the FPs did have images, so that probably accounts for most of them if it was an Experimental rule. Darin. - Original Message - From: Pete McNeil To: Message

[sniffer] Re: Significant increase in false positives

2006-10-16 Thread Matt
Pete, Would you please clarify this a bit. Declude of course doesn't record the rule in the headers, so this is difficult to figure out. Knowing the pattern may help identify the problematic messages. Also knowing the start time and end time of the rule would also help. It would be nice too

[sniffer] Re: Significant increase in false positives

2006-10-16 Thread Pete McNeil
Hello Matt, Monday, October 16, 2006, 10:03:04 PM, you wrote: Pete, Would you please clarify this a bit. Declude of course doesn't record the rule in the headers, so this is difficult to figure out. Knowing the pattern may help identify the problematic messages. Also knowing the start

[sniffer] Re: Significant increase in false positives

2006-10-16 Thread Darin Cox
Hi Matt, I know Pete has requested this in the past, but Declude hasn't been willing to make the change necessary for this to make it in the headers. But I totally agree with you, I'd love to see this in the headers so tracking down the rule isn't such a pain. Darin. - Original

[sniffer] Re: Significant increase in false positives

2006-10-16 Thread Darin Cox
Hi Pete, Can you clarify what this .xhdr option is and how we can enable it? I don't remember anything in the documentation that describes it. I think there were references to the config file previously, but there was never anything about it in mine. If you could give an example of how to

[sniffer] Re: Significant increase in false positives

2006-10-16 Thread Matt
There is no doubt that having Declude handle xhdr files would be optimal. I might add that an option to exclude the header on non-hits would also be wise. David Barker appears open to some feature requests of late, and I would think that you could make this happen. Not everyone has capacity