Don't know about the proper syntax for baregrep, but for the standard UNIX
grep for Win32, the following would give you an accurate count:
grep -c Final.*828931 c:\imail\declude\sniffer\logfile.log
Bill
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of
Agree wholeheartedly!
Bill
From: Dean Lawrence [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 27, 2005 2:18 PMTo:
sniffer@SortMonster.comSubject: Re: Re[2]: [sniffer] Last chance to
renew at the old price!
You know, I just don't get where all of the doom and gloom comes from. Yes,
it
Thomas, if your company cannot afford the rather small monetary increase,
and you are running that close to the edge, then maybe you should not be in
business. I for one am glad to hear the SNF is adding resources and has
mapped out a list of future feature enhancements. Please quit your
We do exactly this at our Postfix gateways, it's called greylisting. See
http://isg.ee.ethz.ch/tools/postgrey/. You may want to consider setting up
a gateway in front of your IMail server that supports greylisting.
Bill
-Original Message-
From: Mike Nice [mailto:[EMAIL PROTECTED]
Have you checked out ImailSnifferUpdateTools.zip?
It contains detailed instructions and can be downloaded from http://www.sortmonster.com/MessageSniffer/Help/AutomatingUpdatesHelp.html
Bill
From: Glenn \ WCNet [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 15, 2005 12:43 PMTo:
Strange, the script does not leave any temp files in my spool directory.
Bill
-Original Message-
From: George Kulman [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 15, 2005 2:55 PM
To: sniffer@SortMonster.com
Subject: RE: [sniffer] Auto Sniffer Updates
There seemed to be a problem
Did you happen to comment out or not change either of the following
variables in your script to point to the correct drive\directory paths?:
SET SnifferDrive=c:
SET SnifferDir=c:\imail\declude\sniffer
Which cause the calls to these variables later in the script's execution to
fail:
My only suggestion for QM is to disable DNS Cache and Failed Domain
Skipping, both of these caused problems for me in the early 8.xx versions,
so I have just left them off.
As far a the thread settings, that really depends on how many messages you
process per day. You may find some guidance in
Hmmm, a day and a half later this shows up on the list...???
Bill
-Original Message-
From: Landry William
Sent: Saturday, January 29, 2005 6:51 PM
To: sniffer@SortMonster.com
Subject: RE: [sniffer] Spam Storm Alert...
My only suggestion for QM is to disable DNS Cache and Failed Domain
Well, after a second look (reviewing the headers), it looks like the message
got hung-up in the convoluted mess of internal mail gateways that Siemens
maintains (which I have no control over). Sorry for the noise...!
Bill
-Original Message-
From: Landry William
Sent: Monday, January
Thanks Pete, these are the kind of proactive notification I wish some of our
other vendors followed.
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Sent: Tuesday, January 04, 2005 1:35 PM
To: sniffer@SortMonster.com
Subject: [sniffer] Weak rule removal work...
Yep, just checked mine rulebase too, went from 17mb to just under 25mb.
Things still appear to be functioning okay.
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Sent: Tuesday, January 04, 2005 9:49 PM
To: Computer House Support
Subject: Re[2]: [sniffer] RuleBase
Bennie, I will send you my updated scripts and a couple of necessary
open-source utilities off-list (hopefully you can receive zipped executable
files - let me know if you don't receive my off-list message).
Also, as Pete mentioned, we have had some discussion on the list the past
couple of days
will also continue to receive the notifications where ever you were
getting them before.
Woody Fussell
Wilbur Smith Associates
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Landry William
Sent: Tuesday, December 28, 2004 9:08 PM
To: 'sniffer@SortMonster.com
: [sniffer] Triggered rulebase update instructions
I agree on the simplicity, just thought it would be a bonus not to involve
sortmonster with the address changes.
Woody
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Landry William
Sent: Wednesday, December 29
Attached is an updated instructions file to fix some typos and missed
information. I'll send out another update after receiving feedback from
others.
Bill
---
This message and any included attachments are from
Title: Message
Thanks
for all of the suggestions, Matt. See my comments
below:
-Original Message-From: Matt
[mailto:[EMAIL PROTECTED] Sent: Tuesday, December 28, 2004 10:17
PMTo: sniffer@SortMonster.comSubject: Re: [sniffer]
Triggered rulebase update instructionsBill,I
Title: Message
John,
since you have not implemented a trigger program alias yet, would you be willing
to test the setup instructions and provide feedback?
Bill
-Original Message-From:
John Tolmachoff (Lists) [mailto:[EMAIL PROTECTED] Sent:
Tuesday, December 28, 2004 10:30 PMTo:
-From: [EMAIL PROTECTED]
[EMAIL PROTECTED]To:
Landry William sniffer@SortMonster.comSent:
Mon Dec 27 12:36:06 2004Subject: Re[2]: [sniffer] Sniffer
UpdatesOn Monday, December 27, 2004, 12:46:19 PM, Landry
wrote:LW Are folks taking advantage of the "wget"
c
Curl is an awesome application that we also use for automating downloads.
Wget also supports conditional downloads based on time/date stamp when
using the -N switch. In ether case, please also use the compression support
built into each application, the sniffer rulebase files can be compressed
Title: Message
-Original Message-From:
Chris Ulrich [mailto:[EMAIL PROTECTED]]
OK, being a new (and very happy) customer ...
For example, we will be introducing rules that watch for
bounces that contain large numbers of failed addresses -
indicating a probable dictionary attack /
Title: Sniffer rulebase download server down?
Pete, I am no longer able to download my rulebase files on either of our Sniffer servers. When I execute my download script, I immediately get:
gzip: LicenseID.new.gz: unexpected end of file
Is the rulebase download server down? Thanks for
So far so good...
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Sent: Friday, November 19, 2004 12:28 PM
To: [EMAIL PROTECTED]
Subject: [sniffer] How are folks doing with the latest version?
Hello Sniffer Folks,
I am curious to know how many folks have been
Of Landry William
Sent: Monday, November 01, 2004 02:15 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [sniffer] Persistent Server setup with SrvAny Resource Kit tool
Hmmm, that's strange, since I use SrvAny, as well. And it has worked with
all Sniffer updates since the first persistent version
See http://support.microsoft.com/default.aspx?scid=kb;en-us;137890 for
simplified instructions.
Bill
-Original Message-
From: Andy Schmidt [mailto:[EMAIL PROTECTED]
Sent: Monday, November 01, 2004 6:26 AM
To: 'Keith Johnson'
Subject: RE: [sniffer] Your Sniffer Setup
Hi Keith,
It's
201 934-9206
http://www.HM-Software.com/
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Landry William
Sent: Monday, November 01, 2004 11:03 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [sniffer] Your Sniffer Setup
See http://support.microsoft.com
Hmmm, that's strange, since I use SrvAny, as well. And it has worked with
all Sniffer updates since the first persistent version was released. Also,
my Parameters registry entry does not look anything like yours:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sniffer\Parameters]
Sure, executing the script via the e-mail notification would work fine.
However, in that case you will not really need to test that the rulebase
file has changed, so you could remove the -N switch from the wget line.
Bill
-Original Message-
From: Sheldon Koehler [mailto:[EMAIL
Here is what I've been using for several months now, compiled from the
original Sniffer autosnf.cmd file and suggestions found on this list:
=
rem First, get the updated rules file from the web site.
wget -N http://www.sortmonster.net/Sniffer/Updates/rulebase.snf -O
rulebase.new.gz
It should be included in the zip/gzip file you downloaded.
Bill
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 28, 2004 3:28 PM
To: Pete McNeil
Subject: Re[5]: [sniffer] Version 2-3.1 Official Release
Hi,
I have no .cfg in the sniffer
This is from Pete's message of 10/14/2004, announcing Version 2-3.0i5 to the
Sniffer list:
MDaemon users should see a significant improvement in performance.
Please let me know if this is true. The reason is that since most
MDaemon system integrate Message Sniffer through the content
It works for me.
Bill
-Original Message-
From: Frederick Samarelli [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 12, 2004 9:16 AM
To: [EMAIL PROTECTED]
Subject: Re: [sniffer] New beta v2-3.0i4
Link not working
- Original Message -
From: Pete McNeil [EMAIL PROTECTED]
To:
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
I've actually been thinking very strongly of reorganizing the rule group IDs
recently. Especially in light of the new changes we've made with robots et
al. The accuracy of the Experimental IP group has gone up considerably -
Title: Sniffer misses NIGERIAN type spams
Pete, I am wondering why Sniffer has such a problem detecting the so-called NIGERIAN types of spam. It seems that I have been forwarding several of them daily to the spam@ address for weeks, but Sniffer still consistently misses them. There must be
Title: Increase in FPs
I have seen a fairly substantial increase on false positives today. I have submitted several FPs to the false@ address. Has there been a big change in the core rulebase today? I wouldn't think that upgrading to the new code this morning would cause this, would it?
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
LW I have seen a fairly substantial increase on false positives today.
LW I have submitted several FPs to the false@ address. Has there been
LW a big change in the core rulebase today? I wouldn't think that
LW upgrading to
It's an orphan, you can safely delete it.
Bill
-Original Message-
From: Keith Johnson [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 29, 2004 10:29 AM
To: [EMAIL PROTECTED]
Subject: [sniffer] FIN File
I found a .fin file in my sniffer directory and didn't know if anyone
knew what it
That's strange, our Exchange server does not strip off any of the Declude
headers.
Bill
-Original Message-
From: John Tolmachoff (Lists) [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 29, 2004 11:52 AM
To: [EMAIL PROTECTED]
Subject: RE: Re[6]: [sniffer] Effectiveness (lately)
Should I
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
LW Pete, I put together a little script that modifies the Q*.SMD file
LW for identified spam messages that were held in my spam directory,
LW but were not tagged by Sniffer, and can forward a copy of these
LW messages to your
Here is a sample of what I use:
=
SNIFFER-TRAVEL external 047
M:\IMail\Declude\TPA\Sniffer\YourLicenseID.exe YourAuthCode 05 0
SNIFFER-INSURANCE external 048
M:\IMail\Declude\TPA\Sniffer\YourLicenseID.exe YourAuthCode 10 0
SNIFFER-AV-PUSH external 049
Pete, am I correct in assuming that the configuration file (snfrv2r3.cfg)
should also be renamed for your license ID, as well?
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Sent: Monday, May 10, 2004 2:08 AM
To: [EMAIL PROTECTED]
Subject: Re: [sniffer] Message
Thanks Pete! One other question. I am now downloading my rulebase files as
.gz files (much faster downloads now). Are you prepared to receive our log
file uploads either zipped or gzipped?
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Sent: Sunday, May 09, 2004
It seems to be working fine for me. I have it running as a service, per
Matt's instructions using the W2K resource kit files, and it has been
running fine all day.
Bill
-Original Message-
From: Frederick Samarelli [mailto:[EMAIL PROTECTED]
Sent: Sunday, May 09, 2004 5:10 PM
To: [EMAIL
]
Sent: Sunday, May 09, 2004 7:32 PM
To: [EMAIL PROTECTED]
Subject: Re: [sniffer] Message Sniffer Version 2-3 Official Release!
I am having problems getting it started from the command prompt.
- Original Message -
From: Landry William [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday
!
When I do it the window pop-up is blank
- Original Message -
From: Landry William [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, May 09, 2004 10:59 PM
Subject: RE: [sniffer] Message Sniffer Version 2-3 Official Release!
Fredrick, I stopped the Sniffer service and tested from
To: [EMAIL PROTECTED]
Subject: Re: [sniffer] Message Sniffer Version 2-3 Official Release!
Is this by design
- Original Message -
From: Landry William [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, May 09, 2004 11:08 PM
Subject: RE: [sniffer] Message Sniffer Version 2-3 Official
Title: Message
ClamAV
works very well, and is lightening fast when run daemonized
(clamd).It's also hard to beat the price! I run is along with
F-Prot and McAfee's uvscan, and Clam seems to keep up with the commercial
scanners as far as virus updates.
Bill
-Original
47 matches
Mail list logo
