On Tuesday, October 4, 2005, 2:07:10 PM, John wrote:
JTL Work on one thing at a time.
Good advice...
JTL Leave Sniffer in persistent mode and work on the threads.
JTL You have it at 15 now, and things are backing up. Turn it
JTL up to say 25 and see what happens.
I just want to add that
are experiencing a high rate of false
positives.
The cause of this particular error has been corrected and due to the
way our system learns it cannot be repeated.
I am very sorry for the confusion.
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief
We are training some new folks... We had an issue where part of a tag
line used by yahoo was captured from an AFF spam. We discovered in
within a very short time and pulled the rule (we do very close review
when training). During that short time, unavoidably, some rulebases
would have been
That is the one. That rule is already gone.
Again, I apologize.
It is all fixed now.
Thanks,
_M
On Thursday, September 22, 2005, 12:29:27 AM, Matt wrote:
M Quick follow-up. The bad rule appears to be 497585.
M Matt
M Marc Catuogno wrote:
I'm seeing a few legit e-mails from Yahoo
On Monday, September 19, 2005, 9:21:53 AM, Bonno wrote:
BB Hi,
BB
BB Ok, I had auto update pretty much in the air. Seems all I
BB needed was a program alias that fired the script. ;-)
BB There's just one thing, I end up with alot of tmpID.tmp
BB files in my spool directory. Any way of
For You
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
JTL On
Behalf Of Pete McNeil
Sent: Tuesday, September 13, 2005 4:45 AM
To: John Tolmachoff (Lists)
Subject: Re[2]: [sniffer] False positive
I have your response in my sent folder.
I will send it again
We've been head-to-head with these guys for a while now. For example,
they have pioneered a new form of obfuscation that we have been
developing abstract rules for since their first campaign a few weeks
ago.
The obfuscation technique is BR column obfuscation which involves
using CSS float left
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
JTL On
Behalf Of Pete McNeil
Sent: Friday, September 09, 2005 5:08 AM
To: Ali Resting
Subject: Re: [sniffer] False positive
On Friday, September 9, 2005, 2:17:31 AM, Ali wrote:
AR Hi Peter,
AR I have submited 3
Here is another copy of my initial reply.
_M
On Friday, September 9, 2005, 2:17:31 AM, Ali wrote:
AR Hi Peter,
AR I have submited 3 email to [EMAIL PROTECTED] with all the required
AR fields as per you instaructions on the website, I have not received any
AR feedback whether this request has
On Friday, September 9, 2005, 2:17:31 AM, Ali wrote:
Apologies to the list... I intended to send those responses directly.
_M
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go to
mail thru the server..
Richard Farris
Ethixs Online
1.270.247. Office
1.800.548.3877 Tech Support
Crossroads to a Cleaner Internet
- Original Message -
From: Pete McNeil [EMAIL PROTECTED]
To: Andy Schmidt sniffer@SortMonster.com
Sent: Monday, September 05, 2005 9:43 AM
On Wednesday, September 7, 2005, 9:55:16 PM, Keith wrote:
KJ Pete,
KJ Perfect. I will work on setting up this account for
KJ you. What email address can I use to send over the POP info?
Please send that or any private support correspondence to
[EMAIL PROTECTED]
Thanks!
_M
This
On Monday, September 5, 2005, 9:26:38 AM, Andy wrote:
AS http://www.vamsoft.com/orf/agentdefs.asp
AS
AS It says to contact vendor. Here I am G.
Yes indeed.
How may I help you?
_M
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go
On Thursday, September 1, 2005, 9:12:17 AM, Rick wrote:
RR I'm using Sniffer with MXGuard, and Ipswitch Imail Server.
RR
RR For accounts who have auto-forwarding setup to transfer mail
RR to a remote mail account, I've noticed that they're transferring
RR all mail, including detectable
On Thursday, September 1, 2005, 10:54:12 AM, Joe wrote:
JW I'm not sure what this means.
JW Is SortMonster being acquired by ARM Research Labs? Vice versa? Just joint
JW venture?
ARM Research Labs is a joint venture between AppRiver and MicroNeil,
thus AR - from AppRiver and M - from
produced a new product for Exchange and
IIS/SMTP based systems (See: Assert!) and increased our rulebase
update rates by more than 40%.
Much more is on it's way soon so stay tuned!
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster
On Sunday, August 28, 2005, 9:02:05 AM, Serge wrote:
S Hi Pete
S Having problems with my downloaded files not testing ok since friday
S please check, and also let me know if my subscription expired
Nothing has changed on this side and your subscription is up to date.
Renewal time is 2005-11-08.
On Sunday, August 28, 2005, 9:27:51 AM, Palle wrote:
PNWHD Can everyone mail to your mailinglist ??? @ sniffer@SortMonster.com
PNWHD maby you should take a look at your security settings.
PNWHD (i guess everyone gets this message as well) :-)
The list is not open -- so you must send your
On Tuesday, August 23, 2005, 5:31:00 AM, Nick wrote:
NM It would be great if there were plans to introduce
NM Sniffer/MessageExchange to MailEnable (any plans Pete?!) as it's a
NM great simple-to-use mail server - and the entry level version is
NM free! However I would recommend SmarterMail for
On Friday, August 19, 2005, 11:22:32 AM, Jim wrote:
JM I'm not sure if this is related to sniffer or related to
JM Mdaemon, but just after the switch all sniffer update
JM notifications have the following headers visible in the message
JM body rather than hidden in the headers. I also am
On Friday, August 19, 2005, 12:53:39 PM, Jim wrote:
JM Pete,
JM The switch in question was from Imail to Mdaemon, so far so
I was almost hoping this was a switch to a new version of MDaemon
since this seems to be a new phenomena. Thanks for the data!
JM good other than a few misc bugs, I like
I'm pretty sure the rule that caused your trouble has been removed.
_M
On Thursday, August 4, 2005, 7:24:09 PM, Robert wrote:
RM After two attempts to email support and two attempts to
RM register a real false positive to [EMAIL PROTECTED], I would be
RM really grateful for some
We do respond to all false reports that are made to us if we can
properly identify the sender - and often even if that is not the case.
I will research this further and contact you off list.
Thanks,
_M
On Thursday, August 4, 2005, 7:24:09 PM, Robert wrote:
RM After two attempts to
After following through all of this and looking at the .stat file, I
think I see what's going on.
Now that it is running and producing a .stat file, the flow rate is
very low. According to the stat data, about 6 msgs / minute.
Note the poll and loop times are in the 450 - 550 ms range.
SNF with
(without the details of how sniffer works, I just wanted to be
DH sure).
DH Thanks, Pete.
DH Dan Horne
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil
Sent: Tuesday, August 02, 2005 4:09 PM
To: Dan Horne
Subject: Re[2]: [sniffer
On Friday, July 22, 2005, 7:17:48 PM, Andrew wrote:
Please send me another note with a few of these as attachments
snip/
CA Sure thing, Pete.
CA I think the formatting survived ok, and even took the time to review the
CA submission guideline on your support web page.
CA It looks like Tito's
On Thursday, July 21, 2005, 12:01:32 PM, Darin wrote:
DC I thought we were supposed to just forward these as attachments to the spam@
DC address?
We're trying to move away from that :-)
poping the messages is more scalable.
_M
This E-Mail came from the Message Sniffer mailing list. For
On Thursday, July 21, 2005, 1:12:18 PM, Dan wrote:
DH That helps to tune the overall rulebase, but this tunes MY rulebase to
DH the types of spam that we receive. If I send it to the spam@ address it
DH may or may not get added to the rulebase. Done this way, I KNOW it is
DH going to be added
at ;-)
Thanks!
_M
On Thursday, July 21, 2005, 3:04:50 PM, Darin wrote:
DC Hi Pete,
DC Ok. First I'd heard of it. Do you want us to change the process? If so let
DC me know how to proceed.
DC Darin.
DC - Original Message -
DC From: Pete McNeil [EMAIL PROTECTED]
DC To: Darin Cox sniffer
On Wednesday, July 20, 2005, 12:05:29 PM, John wrote:
JC Thanks, that helps a lot. Didn't understand the replace nonzero with the
JC weight number in the Global file.
Minor correction...
Actually -- you replace nonzero with the result code.
You adjust the weights at the end of the line as
On Tuesday, July 19, 2005, 9:34:58 AM, Jamie wrote:
JM For some reason my definitions are not in my ftp directory.
JM I can manually grab them from the http link.
JM Any help would be appreciated.
JM Jamie.
Thanks for the heads-up.
During the upgrade a step was missed in the FTP configuration.
On Tuesday, July 19, 2005, 3:04:28 PM, Chuck wrote:
CS Pete:
CS Could you post where to send notifications like false positives. I had that
CS info but I seem to have misplaced it.
For off-list support questions send your note to our support@ address.
Submit your false positives to our false@
From: Pete McNeil [EMAIL PROTECTED]
RF To: sniffer@sortmonster.com
RF Sent: Monday, July 11, 2005 8:54 AM
RF Subject: [sniffer] Update on outages etc...
Hello Sniffer Folks,
All of the critical equipment is now restored.
We also have some additional equipment we will be bringing online
over
that to change within the next 48 hours.
The outward results from the outage and the short staffing will be
that updates are slightly behind and that support may take a bit
longer than usual.
Sorry for any inconvenience. I will keep you posted :-)
Thanks,
_M
Pete McNeil (Madscientist
and we thank
you for your patience and understanding.
I will keep you posted on this list.
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com)
This E-Mail came from the Message Sniffer mailing list. For information
problems and we should be back up
to full speed some time this weekend.
Thanks again for your patience and support!
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com)
This E-Mail came from the Message Sniffer mailing list
.
The outage is so that we can move our servers to a new data center.
(Our colo provider is making upgrades :-)
This note is just for information purposes.
You don't need to take any actions.
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster
and might be
interested in this then please invite them for us ;-)
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com)
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go
it with the string shdickow
preceeded by :)
Also, there are a pair of mime segments where the separators are
identical between each copy that I have seen so far.
I am uncertain what the payload may be -- the copies I have seen so
far _may_ be broken.
Good luck!
Thanks,
_M
Pete
Additional info (justifying the IP block rules just added):
http://www.senderbase.org/search?searchString=200.49.48.0%2F20
I wonder why nobody else is listing these IPs yet. Could we just be
the first? (This exercise has given me some ideas for new research
tasks-- :-) )
Interesting.
_M
On
there has been a significant
increase in spam volumes, that increase is significantly smaller
than the increase in new types and versions of spam being produced.
Just thought you'd like to know ;-)
Your comments and insights are welcome and encouraged as always!
Thanks,
_M
Pete McNeil
On Monday, June 6, 2005, 5:13:19 PM, Jim wrote:
JM Is anyone else seeing a huge rash of spam/virus messages in
JM the last hour or so? I have multiple users that are getting
JM messages that are forging our own addresses and have a link that
JM appears to go to our website but instead goes
On Monday, June 6, 2005, 5:50:38 PM, Dave wrote:
DK Same exact IP here!
We've got a couple of rules for this now -- making the rounds as new
compiles go out.
_M
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go to
Message -
JM From: Pete McNeil [EMAIL PROTECTED]
JM To: Dave Koontz sniffer@SortMonster.com
JM Sent: Monday, June 06, 2005 3:00 PM
JM Subject: Re[2]: [sniffer] New Spam/Virus?
On Monday, June 6, 2005, 5:50:38 PM, Dave wrote:
DK Same exact IP here!
We've got a couple of rules for this now
-
DM From: Pete McNeil [EMAIL PROTECTED]
DM To: Dave Koontz sniffer@SortMonster.com
DM Sent: Monday, June 06, 2005 3:00 PM
DM Subject: Re[2]: [sniffer] New Spam/Virus?
On Monday, June 6, 2005, 5:50:38 PM, Dave wrote:
DK Same exact IP here!
We've got a couple of rules for this now
On Thursday, May 26, 2005, 3:05:45 PM, Jason wrote:
JP I have not downloaded anything. Do I down load the demo then enter an
JP authorization key?
Yes. Generally you start with the Demo rulebase and the current
distribution. Once you have that up and running you download your
registered
On Wednesday, May 25, 2005, 9:11:17 AM, Computer wrote:
CHS Dear Pete,
CHS In the past few days, it seems the amount of spam getting through has
CHS increased quite a bit. I am wondering if it is necessary to upgrade to the
CHS latest version of the Declude software. Do you think this would
On Tuesday, May 17, 2005, 1:27:25 PM, Jim wrote:
JM Is anyone else seeing a huge amount of spam increase over
JM the last couple days. Most is being caught by sniffer but the
JM overall number of messages especial foreign language spam messages
JM seems to be very high.
You are probably
On Tuesday, May 17, 2005, 1:44:30 PM, Jim wrote:
JM Pete,
JM Is there a possibility of setting up another return code for
JM situations such as this such as a blacklist rulecode that only has
JM rules for messages such as these that should be blacklisted
JM immediately. I wouldn't mind setting
On Tuesday, May 17, 2005, 2:57:44 PM, Jim wrote:
JM Thanks Pete, would you be able to provide the current false positive rates
JM for the return codes?
This is not something that we are formally capturing at present,
however anecdotally I can't recall the last time we had an FP
submitted for the
On Tuesday, May 17, 2005, 6:37:12 PM, Chuck wrote:
CS Can't seem to get a response on a major problem we are having.
Responded off list.
_M
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go to
On Sunday, May 15, 2005, 8:07:30 PM, Computer wrote:
CHS Thanks for the info. That would explain why my questions were not replied
CHS too. Thought no one was checking. I will resume sending spam.
CHS Can you explain what you meant by: This is to prevent any kind of
social
CHS engineering
On Friday, May 13, 2005, 9:11:15 AM, Hosting wrote:
HS What's going on over there?
HS
HS Our FTP process has been failing since yesterday afternoon,
HS and when I go to the main website it prompts me for an ID and PW.
I'm not seeing a problem - I'm on the site right now in fact, and the
crew
On Friday, May 13, 2005, 10:31:57 AM, Daniel wrote:
DB Hello,
DB A lot of the email from the Message Sniffer list, gets marked as spam by
DB Message Sniffer! See attached.
That's weird. Can you send me the rule (SNF log snippet) off list at
our support@ address please?
Thanks,
_M
This
On Tuesday, May 10, 2005, 9:35:59 AM, Frederick wrote:
FS I am finding that most if not all email from Comcast senders are failing
FS Sniffer.
Please submit a false positive report to false@ and include matching
SNF log entries if possible.
Thanks,
_M
This E-Mail came from the Message
On Tuesday, May 10, 2005, 9:37:29 AM, Judy wrote:
JB Pete,
JB Can you send these kinds of emails to Hamed instead of me please.
JB thanks
I have changed your subscription.
Please note you can alter your sniffer@ list subscription at any time.
Information is on our help page:
will not
be effected. However, if you suspect that you do have the bad rule
in your rulebase you can temporarily eliminate the rule by adding
353039 to your Rule-panic entries in your configuration file.
The rule cannot be recreated once removed.
We are very sorry for the confusion.
Thanks,
_M
Pete
On Tuesday, May 10, 2005, 12:31:18 PM, Erik wrote:
E Pete,
E Is this in the beta/free release of Sniffer rules?
It may not be --- it's new enough that it may have been excluded from
the demo rulebase. To make sure you should make a quick scan of your
SNF log file for that rule number. In any
On Tuesday, May 10, 2005, 12:45:53 PM, Computer wrote:
CHS Mail from Comcast is still getting caught, even with the panic rule in
CHS place. Any suggestions?
* be sure you have updated rulbase.cfg
* be sure your entry is in the correct format. You will find examples
at the bottom of your .cfg
On Tuesday, May 10, 2005, 12:41:42 PM, Matt wrote:
M Warning!
M When you add a RulePanic entry and are running Sniffer in persistent
M mode, you have to restart the service for it to take effect.
You can also issue license.exe reload
snip/
M Pete, when you send out these notifications, would
On Monday, May 9, 2005, 7:40:00 PM, Chuck wrote:
CS I am all of a sudden having all of the mail from one of our hosted domains
CS fail the sniffer-phishing. The domain is srinternational.com - could you
CS please check on this. All of the emails are different - just from the same
CS domain.
On Tuesday, April 26, 2005, 6:25:38 PM, Frederick wrote:
FS Look what I got.
There has been some trouble with my mail server --- attacks and other
technical issues while I was on the road. I'm back now and I'm working
through it. Things _appear_ to be settling down.
Sorry for any confusion.
_M
On Sunday, April 24, 2005, 1:52:53 PM, Goran wrote:
GJ Hi,
GJ I think I am having a problem with my Declude log file numbers/stats and
GJ I want to try and figure it out. Last week my Sniffer hit rate went from
GJ SNIFFER6,699...64.78%
GJ To yesterday
GJ
On Wednesday, April 20, 2005, 1:15:37 PM, Jim wrote:
JM Pete,
JM Should we change the license info in the plugin.cfg file to match our
JM license info or should we wait to do so until the release version comes out?
Please go ahead and make the change. The current code is considered to
be
On Wednesday, April 20, 2005, 4:19:48 PM, Jim wrote:
JM Do you configure rules similar to in the previous versions, or by using this
JM as a plug in is there a GUI for configuration.
We configure the rulebase the same way we have in the past. Using the
plugin is not different from using the
On Wednesday, April 20, 2005, 3:36:14 PM, Dave wrote:
DK Pete, I've been using this plugin for the last couple of months and can say
DK it's been rock solid. Nice work!
DK One little feature request though would be to add an option to auto prune
DK the sniffer log file to so many days, or X
powerful!
Thanks for all your help!
Best,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com)
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go to
http
On Wednesday, April 13, 2005, 1:16:29 PM, John wrote:
JTL I am seeing a lot of these get through
Can you be specific about these ? Please send me a sipped plaintext
or message file. (to [EMAIL PROTECTED])
Thanks,
_M
This E-Mail came from the Message Sniffer mailing list. For information
On Saturday, April 9, 2005, 1:27:51 PM, Rick wrote:
RH I have not had any messages from the list since the 3rd of March. What is
RH happening on the list?
The list has been very quiet.
I got your message twice - once from you directly and once from the
list. This seems correct based on your
On Saturday, April 9, 2005, 1:58:45 PM, Rick wrote:
RH Yes but that really seems strange when I was getting 4 to 10 messages every
RH day. Now I did not get any since the 3rd of March right after you announced
RH that there would be the outage? You may want to check into this closer.
I'm very
On Saturday, April 2, 2005, 1:07:56 PM, Andrew wrote:
CA Pete, your metaphors are wonderful.
:-)
snip/
CA If I remember correctly, the MaxPollTime was originally much lower. I
CA now use the full 4 seconds, but I don't know how often that's needed. I
CA easily see Declude processes taking
On Saturday, April 2, 2005, 4:09:31 PM, Jay wrote:
JSHNL Hello -
JSHNL I am reviewing your MDLP report at
JSHNL http://www.sortmonster.com/MDLP/MDLP-Example-Long.html, and find some
JSHNL tests that are seemingly quite effective that I'm not familiar with. If
JSHNL anyone has any informaiton
On Friday, April 1, 2005, 8:04:27 AM, Keith wrote:
KJ I have read forum results that this behavior is the reverse of
KJ what should happen, I should get a reduction in CPU. I did this
KJ around 11pm last night, usually during peak times this server
KJ would stay at 65% load. Is there anything I
On Friday, April 1, 2005, 11:44:07 AM, Keith wrote:
KJ Pete,
KJ Thanks for the reply.
KJ Running on an IBM Xseries 225 Dual Xeon 2.4Ghz w/ 1GB RAM -
KJ running IBM's ServerRAID 5i in IBM's RAID 10 config (4 73GB 10K drives)
KJ - O/S is Windows 2000 Standard Server SP4
KJ
On Friday, April 1, 2005, 3:37:33 PM, Keith wrote:
snip/
KJ pegged the CPU as you stated. We have batted around running BIND
KJ for NT/2000 on the local machine, but my fear was overhead of
KJ another major process running. I don't have any good stats on how
KJ much CPU/Memory BIND on an Imail
On Wednesday, March 30, 2005, 10:50:36 PM, Keith wrote:
KJ Pete,
KJThanks for the follow-up. I was monitoring the
KJ filename.persistent.stat file that yields stats as messages are
KJ processed. Is it normal for it to every now and then flash [File
KJ is Empty], thus no stats at all.
On Wednesday, March 30, 2005, 4:08:35 PM, Keith wrote:
KJ I noticed in the archives about a .cfg file one can configure for use
KJ when running Persistent sniffer. How do you download it or obtain it?
KJ Thanks for the aid.
You can find a sample .cfg file in the latest distribution. If you
On Monday, March 28, 2005, 2:09:52 PM, Heimir wrote:
HE Anyway that sniffer could trigger on this type of stuff?
snip/
Yes. The bad news is that this stuff is highly variable and so more of
it gets through than we would like. The good news is that we are
developing filters to deal with it by
On Thursday, March 24, 2005, 11:00:56 AM, Scott wrote:
SF A question:
SF
SF If I have the same spam sent to multiple recipients, should
SF I be submitting more than one copy to [EMAIL PROTECTED]
If you mean there are multiple recipients in the SMTP envelope then we
only need one copy.
If
On Wednesday, March 23, 2005, 6:04:10 PM, Darrell wrote:
Dsic Pete,
Dsic Doesnt Sniffer have a certain level of support for regex's? I know we
have
Dsic had good luck with regex's like this which catch obfuscation techniques
with
Dsic viagra with Declude. We found it easier to use regex's
On Tuesday, March 22, 2005, 8:31:07 PM, Andrew wrote:
snip/
CA How many times have we all been frustrated that a piece of spam ending
CA up in *OUR* mailbox that was s close in content to spam we whacked
CA yesterday?
CA I thought the top n obfuscations might be interesting to look at, and
On Wednesday, March 16, 2005, 9:01:34 AM, Nick wrote:
NM Pete
NM OK, I now have much more information on this problem with
NM Declude/Sniffer/SmarterMail.
NM It seems the current version of Declude does not have an Overflow Directory
NM for SmarterMail, which therefore allows unlimited Declude
On Wednesday, March 16, 2005, 2:05:00 PM, Goran wrote:
GJ OK that is for hardware level RAID. I had thought that you would offset
GJ the extra processing time by being able to write less to each drive.
GJ Now does anyone know how much overhead Windows 2000/2003 software RAID 1
GJ on dynamic
On Tuesday, March 15, 2005, 1:36:31 PM, Rick wrote:
RH All of a sudden today Sniffer has started taking emails sent between users
RH within a single domain and putting them in our hold system. Any ideas why
RH this might happen and also how I can add a rule so that does not become a
RH problem on
On Monday, March 14, 2005, 12:47:33 PM, Nick wrote:
NM Hi there
NM We've just undergone a migration of a 1,000 domain iMail server to
NM SmarterMail (for obvious reasons!), and using Declude and Sniffer on the new
NM system.
NM However, occasionally we see Sniffer jumping out of its perpetual
On Thursday, March 10, 2005, 9:45:11 AM, Mike wrote:
MW When I send messages to the [EMAIL PROTECTED] Can I send these as
attachments. I
MW use outlook and SpamSource http://www.daesoft.com to send to both spamcop
MW and sortmonster. I think you said at one time they had to be individual
MW
On Wednesday, March 9, 2005, 2:59:24 PM, Jonathan wrote:
JS I currently forward all spam from my email account can I add
JS a second address that will be able to forward spam as well?
JS
Yes. You can forward spam from any account you wish. Spam submissions
are considered anonymous and suspect
On Monday, March 7, 2005, 3:13:40 PM, Phillip wrote:
PC I have been running the demo version of sniffer for about a month or so to
PC try it out before we buy it and have a few questions.
PC 1. Right now all of the spam is going into a directory called spam, since I
PC am getting about 12,000
On Monday, March 7, 2005, 6:40:52 PM, Frederick wrote:
FS I am seeing a large amount of SPAM Pass Sniffer today.
FS Am I alone.
I didn't see this. According to MDLP the first half of the day (at
least) was right in the normal range - about 98.5% of spam captured.
On Monday, March 7, 2005, 7:00:40 PM, Frederick wrote:
FS No errors. Just SPAM showing as clean.
Be sure to forward / redirect them to the spam@ address if you haven't
already. I'll be making another run in an hour or so - I'll look
closely at anything that doesn't get tagged on the way to me.
our web site,
uploading logs or downloading rulebases if this happens during one
of these short outages.
We apologize in advance for any inconvenience.
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com)
This E-Mail
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com)
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go to
http://www.sortmonster.com/MessageSniffer/Help/Help.html
On Saturday, February 19, 2005, 4:38:41 AM, Pete wrote:
PM On Saturday, February 19, 2005, 1:20:39 AM, ron wrote:
rdc Hi folks,
rdc I think I have ended up on some sort of private email list. Can you please
rdc remove [EMAIL PROTECTED] and [EMAIL PROTECTED] from your mail list.
PM I found and
On Saturday, February 19, 2005, 11:19:32 AM, Keith wrote:
KJ Is there a easy way to determine the Sniffer version you are
KJ running (i.e. command line or the like)? Thanks for the aid.
If you run the SNF executable on the command line by itself it will
tell you the version and build
On Saturday, February 19, 2005, 1:28:14 PM, Dave wrote:
DK I am all in favor of a SUPPORT list to announce timely
DK notifications of problems. solutions and/or changes to your
DK product or services. However, the threads Ive been seeing here
DK lately are 'iMail' specific or involve theoretical
On Saturday, February 19, 2005, 2:05:09 PM, Matt wrote:
M Pete,
M Being guilty of being 'chatty' myself, I still second this idea. I
M would much prefer to pick through an occasional message dealling with
M global announcements regarding the service than picking through both
M discussions as
On Friday, February 18, 2005, 12:43:14 PM, Computer wrote:
CHS Hi Sniffer Folks,
CHS
CHS Here's an interesting article:
CHS http://www.technewsworld.com/story/39578.html
I think this is a rehash of a story that showed up a few weeks ago.
One of the advantages of SNF is that it doesn't use
Hello sniffer,
Will anyone who is not still alive please raise your hand
anyone?
All joking aside: We are finished with all of the heavy parts of our
move now and as far as I can tell everything important is working as
it should.
Please let us know how we did.
Thanks,
_M
Pete
in the face of any
kind of temporary interruption. At most you might see a slight
increase in spam leakage if/when rulebase updates are delayed.
---
Thanks to all of you for your support and patience.
See you on the other side ;-)
Thanks,
_M
Pete McNeil (Madscientist)
President
On Thursday, February 10, 2005, 12:35:24 PM, Marc wrote:
MC Is it just me or are all the lists (Imail, Declude V and JM and this one
MC offline??)
It's just you :-)
It's just quiet.
_M
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription
601 - 700 of 922 matches
Mail list logo
