Hello Darin,
Wednesday, June 7, 2006, 7:31:29 AM, you wrote:
The one issue with this I have is
1) Forward full original source to Sniffer with license code.
If we could do it without the license code, it would be much
easier to automate on our end. I already have a
McNeil [EMAIL PROTECTED]
To: Message Sniffer Community sniffer@sortmonster.com
Sent: Wednesday, June 07, 2006 8:25 AM
Subject: [sniffer]Re[2]: [sniffer]FP suggestions
Hello Darin,
Wednesday, June 7, 2006, 7:31:29 AM, you wrote:
The one issue with this I have is
1) Forward full original
Hello Darin,
Wednesday, June 7, 2006, 8:44:26 AM, you wrote:
Hi Pete,
Can I interpret this as email address and matching source IP are sufficient
if the correct email address is used to submit?
Yes.
If not, do you have any suggestions on how you would like to see us
inserting the license
Hello Scott,
Wednesday, June 7, 2006, 10:08:58 AM, you wrote:
For me the pain of false positives submissions is the research
that happens when I get a no rule found return.
I then need to find the queue-id of the original message and then
find the appropriate Sniffer log
Pete,
An X-Header would be very, very nice to have. I understand the issues
related to waiting to see if something comes through, and because of
that, I would maybe suggest moving on your own.
Sniffer doesn't need to be run on every single message in a Declude
system. Through weight based
Hello Matt,
Wednesday, June 7, 2006, 3:37:36 PM, you wrote:
Pete,
An X-Header would be very, very nice to have. I understand the
issues related to waiting to see if something comes through, and
because of that, I would maybe suggest moving on your own.
I've got it on the list to
Hello Matt,
Wednesday, June 7, 2006, 4:22:05 PM, you wrote:
Pete,
Since the %WEIGHT% variable is added by Declude, it might make
sense to have a qualifier instead of making the values space
delimited.
I don't want to mix delimiters... everything so far is using spaces,
so it makes
Hello Darin,
Wednesday, June 7, 2006, 5:05:28 PM, you wrote:
snip/
Uh, but the D file contains mime segments corresponding to attachments.
That's ok. SNF looks inside those, and w/ the FP scanning software
inside the rfc822 atachment also.
It's not perfect, but the majority of the time it
]: [sniffer]Re[2]:
[sniffer]Re[2]: [sniffer]FP suggestions
Pete,I think that you just broke Scott's record with his
two hour feature request with your own a two hour program :)Anyone
remember those days???Thanks,MattPete McNeil
wrote:
Hello Matt,
Wednesday, June 7, 2006, 4:22:05 PM, you
Awesome. Great job, Pete.
Darin.
- Original Message -
From: Pete McNeil [EMAIL PROTECTED]
To: Message Sniffer Community sniffer@sortmonster.com
Sent: Wednesday, June 07, 2006 6:49 PM
Subject: [sniffer]Re[2]: [sniffer]Re[2]: [sniffer]Re[2]: [sniffer]FP
suggestions
Hello Matt
Unfortunately, by the time the message gets to us it is sometimes just
different enough that the original pattern cannot be found. There are
some folks who consistently have success, and some who occasionally
have problems, and a few who always have a problem.
Different in what way? Is the mail
Hello Darin,
Wednesday, June 7, 2006, 7:26:48 PM, you wrote:
Unfortunately, by the time the message gets to us it is sometimes just
different enough that the original pattern cannot be found. There are
some folks who consistently have success, and some who occasionally
have problems, and a few
12 matches
Mail list logo
