Hello Pete,
Thursday, June 8, 2006, 9:41:55 AM, you wrote:
It does look a little weird. Sometimes it's normal though. I'll see if
I can identify anything odd in the settings.
_M
I've changed the settings. I hope this response works ok.
_M
Testing. Sorry for the extra trafic - only way
Hello Pete,
Thursday, June 8, 2006, 9:42:42 AM, you wrote:
Hello Pete,
Thursday, June 8, 2006, 9:41:55 AM, you wrote:
It does look a little weird. Sometimes it's normal though. I'll see if
I can identify anything odd in the settings.
_M
I've changed the settings. I hope this response
Pete,
My understanding was that Declude treats different arguments to an
executable as just being other forms of that executable so it only
processes it once. I'm not positive one way or another. It's worth
testing though.
Matt
Pete McNeil wrote:
Hello Matt,
Wednesday, June 7, 2006,
Hello Darin,
Wednesday, June 7, 2006, 7:31:29 AM, you wrote:
The one issue with this I have is
1) Forward full original source to Sniffer with license code.
If we could do it without the license code, it would be much
easier to automate on our end. I already have a
McNeil [EMAIL PROTECTED]
To: Message Sniffer Community sniffer@sortmonster.com
Sent: Wednesday, June 07, 2006 8:25 AM
Subject: [sniffer]Re[2]: [sniffer]FP suggestions
Hello Darin,
Wednesday, June 7, 2006, 7:31:29 AM, you wrote:
The one issue with this I have is
1) Forward full original
Hello Darin,
Wednesday, June 7, 2006, 8:44:26 AM, you wrote:
Hi Pete,
Can I interpret this as email address and matching source IP are sufficient
if the correct email address is used to submit?
Yes.
If not, do you have any suggestions on how you would like to see us
inserting the license
Hello Scott,
Wednesday, June 7, 2006, 10:08:58 AM, you wrote:
For me the pain of false positives submissions is the research
that happens when I get a no rule found return.
I then need to find the queue-id of the original message and then
find the appropriate Sniffer log
Pete,
An X-Header would be very, very nice to have. I understand the issues
related to waiting to see if something comes through, and because of
that, I would maybe suggest moving on your own.
Sniffer doesn't need to be run on every single message in a Declude
system. Through weight based
Hello Matt,
Wednesday, June 7, 2006, 3:37:36 PM, you wrote:
Pete,
An X-Header would be very, very nice to have. I understand the
issues related to waiting to see if something comes through, and
because of that, I would maybe suggest moving on your own.
I've got it on the list to
Hello Matt,
Wednesday, June 7, 2006, 4:22:05 PM, you wrote:
Pete,
Since the %WEIGHT% variable is added by Declude, it might make
sense to have a qualifier instead of making the values space
delimited.
I don't want to mix delimiters... everything so far is using spaces,
so it makes
Hello Darin,
Wednesday, June 7, 2006, 5:05:28 PM, you wrote:
snip/
Uh, but the D file contains mime segments corresponding to attachments.
That's ok. SNF looks inside those, and w/ the FP scanning software
inside the rfc822 atachment also.
It's not perfect, but the majority of the time it
Hello Darin,
Wednesday, June 7, 2006, 5:09:27 PM, you wrote:
snip/
That would be a bad idea, sorry. After 30 days (heck, after 2) spam is
usually long-since filtered, or dead. As a result, looking at 30 day
old spam would have a cost, but little benefit.
You misinterpreted what I was saying.
]: [sniffer]Re[2]:
[sniffer]Re[2]: [sniffer]FP suggestions
Pete,I think that you just broke Scott's record with his
two hour feature request with your own a two hour program :)Anyone
remember those days???Thanks,MattPete McNeil
wrote:
Hello Matt,
Wednesday, June 7, 2006, 4:22:05 PM, you
Awesome. Great job, Pete.
Darin.
- Original Message -
From: Pete McNeil [EMAIL PROTECTED]
To: Message Sniffer Community sniffer@sortmonster.com
Sent: Wednesday, June 07, 2006 6:49 PM
Subject: [sniffer]Re[2]: [sniffer]Re[2]: [sniffer]Re[2]: [sniffer]FP
suggestions
Hello Matt
Unfortunately, by the time the message gets to us it is sometimes just
different enough that the original pattern cannot be found. There are
some folks who consistently have success, and some who occasionally
have problems, and a few who always have a problem.
Different in what way? Is the mail
Hello Darin,
Wednesday, June 7, 2006, 7:26:48 PM, you wrote:
Unfortunately, by the time the message gets to us it is sometimes just
different enough that the original pattern cannot be found. There are
some folks who consistently have success, and some who occasionally
have problems, and a few
Hello Peer-to-Peer,
That's a good point.
Any kind, perhaps by category.
I was originally thinking of just RBLs of various types.
Thanks,
_M
Tuesday, June 6, 2006, 9:46:01 AM, you wrote:
Hi _M,
Do you mean like reverse PTR records, or HELO lookups, etc..?
--Paul R.
-Original
Hello Nick,
What is your false positive rate with that pattern?
_M
Tuesday, June 6, 2006, 10:05:18 AM, you wrote:
Hi Markus -
Markus Gufler wrote:
There is also another type of spam (stock spam now with attached png image)
this morning passing our filters.
I am catching these fairly
Hello Jonathan,
I urge caution from experience... png images are not entirely rare,
and the cid: tag format in the regex is also common.
I'd love to be wrong - but I recall false positives with similar
attempts in the past.
Is there more to this than the two elements I just described -
Pete McNeil wrote:
Hello Nick,
What is your false positive rate with that pattern?
Hmm lets go to the MDLP for yesterday :)
SS HH HS SH SA
SQ
REGEX.STOCK.BODY 331 0 0 66 0.667506 0.445565
COMBO.STOCK_PNG 16 0 0 1 0.882353 0.778547
The regex alone will fp; I
Hello Nick,
Thanks.
That's all good then :-)
_M
Tuesday, June 6, 2006, 10:46:55 AM, you wrote:
Pete McNeil wrote:
Hello Nick,
What is your false positive rate with that pattern?
Hmm lets go to the MDLP for yesterday :)
SS
Hello Andrew,
Tuesday, June 6, 2006, 11:44:46 AM, you wrote:
David,
Are you using the free version of sniffer? Or did you deliberately
change your .exe name in your posting to sniffer.exe to hide your licence
number?
I certainly expect that the rulebase lag with the free version will
Subject: [sniffer]Re[2]: [sniffer]Numeric spam topic change to png stock
spam
Hello Jonathan,
I urge caution from experience... png images are not entirely rare,
and the cid: tag format in the regex is also common.
I'd love to be wrong - but I recall false positives with similar
attempts
Hello Matt,
Tuesday, June 6, 2006, 12:37:56 PM, you wrote:
snip/
appropriately and tend to hit less often, but the FP issues with
Sniffer have grown due to cross checking automated rules with other
lists that I use, causing two hits on a single piece of data. For
instance, if SURBL has an
Hello Andrew,
Wednesday, May 17, 2006, 5:35:36 PM, you wrote:
Certainly, submitting samples to spam@ (or preferably your
local spam submission point polled by our bots) will put
these messages in front of us if we have not already created
rules for them.
I've just manually submitted the
Hello Daniel,
Wednesday, May 17, 2006, 3:07:38 PM, you wrote:
I've gotten one myself.
The pharmacy ones, are still coming through too for that matter.
Here is what the latest wave has looked like from here (attached
image).
You can see, starting about 24 hours ago a jagged, but fairly
On Friday, May 5, 2006, 11:02:00 AM, Darin wrote:
DC Not just drugs, but some others too have been slipping through the past
DC couple of days. We've reported a little under 40 in the past couple of
DC days.
We saw a bit of a lull, then a rash of new campaigns bunched together
with some new
We've had that rule before and had to pull it for false positives.
_M
On Friday, May 5, 2006, 11:41:50 AM, John wrote:
JTL FYI, I created a Declude Filter:
JTL Subject END NOTCONTAINS news
JTL BODY25 CONTAINShttp://geocities.com/
JTL Been catching every one
PROTECTED]
On
Behalf Of Pete McNeil
Sent: Friday, May 05, 2006 9:09 AM
To: John T (Lists)
Subject: Re[2]: [sniffer] Lot of Drugs Spam getting through sniffer
We've had that rule before and had to pull it for false positives.
_M
On Friday, May 5, 2006, 11:41:50 AM, John wrote
Yes, I'm sorry. I'm still working on that with the back-end server
guys over there. I am getting your messages though. Please ignore the
jsmith bounces for now. I will keep on them.
Thanks!
_M
On Thursday, April 20, 2006, 12:11:25 PM, Scott wrote:
SF Still happening when I reply to false
On Tuesday, March 21, 2006, 11:37:30 AM, Darin wrote:
DC Nope. None of them.
DC I haven't heard back from the replies to a couple of false positives on the
DC 10th, and we haven't heard anything from our submissions on the 16th (6) and
DC 17th (2). I don't remember if we've heard anything from
On Friday, March 17, 2006, 11:53:58 AM, John wrote:
JTL What is the purpose of using a WIKI site?
A few things really -
* It's fast and easy to create, update, and correct the content.
Things happen quickly here and in the messaging security business in
general. It makes sense to use tools that
McNeil [EMAIL PROTECTED]
To: Darin Cox sniffer@SortMonster.com
Sent: Monday, March 13, 2006 10:23 AM
Subject: Re[2]: [sniffer] New RuleBot F002 Online
On Friday, March 10, 2006, 3:41:00 PM, Darin wrote:
DC Totally agree. I'd like to see some separation between rules created by
DC newer rulebots
On Thursday, March 9, 2006, 8:48:43 AM, Nick wrote:
NH Hi Pete -
NH Pete McNeil wrote:
Hello Sniffer Folks,
The F001 Rule Bot has been adjusted.
NH Is it possible for you to recommend a percentage of accuracy or maybe
NH better stated a percentage of delete weight for each rule? I am
65
Could this please stop, sniffer was pretty reliable for us, but not at the
moment.
Regards,
Marcel Sangers
Traction IT
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Pete McNeil
Sent: dinsdag 7 maart 2006 0:18
To: Darin Cox
Subject: Re[2
McNeil
Sent: Tuesday, March 07, 2006 6:28 PM
To: Harry Vanderzand
Subject: Re[2]: [sniffer] declude tests
On Tuesday, March 7, 2006, 6:20:04 PM, Harry wrote:
HV I guess I am not understanding something here after all this time
HV So as I understand I leave the persistent word out
On Monday, March 6, 2006, 3:13:53 PM, Jay wrote:
JSHNL There's been at least one FP ;)
JSHNL --
JSHNL Rule - 861038
JSHNL NameF001 for Message 2888327: [216.239.56.131]
JSHNL Created 2006-03-02
JSHNL Source 216.239.56.131
JSHNL Hidden false
JSHNL Blocked false
On Monday, March 6, 2006, 3:42:50 PM, Darin wrote:
DC We just reviewed this morning's logs and had a few false positives. Not
DC sure if these are due to the new rulebot, but it's more than we've had for
DC the entire day for the past month.
DC Rules
DC --
DC 873261
DC 866398
DC 856734
To: Darin Cox
Subject: Re[2]: [sniffer] New Rulebot F001
On Monday, March 6, 2006, 3:42:50 PM, Darin wrote:
DC We just reviewed this morning's logs and had a few false
positives.
DC Not sure if these are due to the new rulebot, but it's more than
DC we've had for the entire day for the past
Thanks, Pete.
Darin.
- Original Message -
From: Pete McNeil [EMAIL PROTECTED]
To: Darin Cox sniffer@SortMonster.com
Sent: Monday, March 06, 2006 6:17 PM
Subject: Re[2]: [sniffer] New Rulebot F001
On Monday, March 6, 2006, 3:42:50 PM, Darin wrote:
DC We just reviewed this morning's
On Monday, March 6, 2006, 6:09:43 PM, Matt wrote:
M Pete,
M Does this mean that you are somehow supporting incremental rule base
M updates, or is it that the compiler is just much faster so we will get
M the same number of updates, but generally get them 40-120 minutes
M earlier in relation to
On Saturday, February 25, 2006, 1:38:53 PM, Joe wrote:
JW
JW
JW I would actually prefer that MDLP autotune the weight for
JW invURIBL, but since the weights are managed by invURIBL and not
JW Declude I don't know how this will work.
I'm not familiar enough with invURIBL to know how it is
On Friday, February 24, 2006, 7:13:47 AM, Jeff wrote:
JP Do I need to modify anything in my Declude configuration file where it calls
JP the SNIFFER test in order for this to function ??
No. You set up a persistent instance outside of Declude and the other
SNF instances adapt automatically.
_M
On Thursday, February 23, 2006, 11:53:51 AM, LLC wrote:
JISL I'm investigating the persistant mode and read the info on the web site.
JISL Can't make heads or tails of it.
JISL How do enable persistant mode on a Windows 2003 Server? The web site
speaks
JISL hypothetically, but the information
Pete,
To run in persistent mode, simply launch an instance of SNF from the
command line with the word persistent in place of the file to scan.
licenseid.exe authentication persistent
I am calling Sniffer from Declude. Could I just later my statement in my
config file to include
On Tuesday, February 21, 2006, 10:16:11 AM, Andy wrote:
AS Sorry - didn't mean to be pushy. I just thought that false positives are
AS worse than missed spam, so I had assumed that they would always be at the
AS top of the queue.
It is a very tough balancing act. Don't feel bad at all - you're
PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Pete McNeil
Sent: Tuesday, February 21, 2006 11:04 AM
To: Andy Schmidt
Subject: Re[2]: [sniffer] False Positive - no reaction?
On Tuesday, February 21, 2006, 10:16:11 AM, Andy wrote:
AS Sorry - didn't mean to be pushy. I just thought that false
I like this idea more than the email notification. I really don't need more
emails.
- Original Message -
From: Andy Schmidt [EMAIL PROTECTED]
To: sniffer@SortMonster.com
Sent: Tuesday, February 21, 2006 10:16 AM
Subject: RE: Re[2]: [sniffer] False Positive - no reaction?
Hi Pete
.
Darin.
- Original Message -
From: Andy Schmidt [EMAIL PROTECTED]
To: sniffer@SortMonster.com
Sent: Tuesday, February 21, 2006 11:16 AM
Subject: RE: Re[2]: [sniffer] False Positive - no reaction?
Hi Pete,
I agree that the email notification is tricky - because you might respond
On Wednesday, February 15, 2006, 11:02:11 AM, Bonno wrote:
BB Hi Pete,
BB []
If you wish, it is possible to create a local black rule for any
geocities link. On many ISP systems this would cause false positives,
but on more private systems it may be a reasonable solution.
BB I think I
On Wednesday, February 15, 2006, 4:32:14 PM, Robert wrote:
RG The X-SNF header. Sounds like a good idea. Is there a cheat sheet someplace
RG for making that happen, if possible, in a Declude / Imail environment?
RG Thanks ahead of time,
In the distribution the option is described in the .cfg
Jim,
Not at this time. The two processes are entirely different. The False
Positives process is highly interactive. The standardized responses
were implemented to allow for some automation on both sides.
Spam submissions are always treated as anonymous for security reasons
and also because of
On Wednesday, February 15, 2006, 4:48:43 PM, Computer wrote:
CHS I second the motion. We have been submitting spam for over a year and I
CHS don't know if a single one was received.
In general, if you've not received an error during delivery, we most
certainly got your message... it may have
On Wednesday, February 8, 2006, 10:59:09 AM, Darin wrote:
DC I have an idea. These problems seem to stem mostly from changes
DC in the methods of handling rulebase updates.
snip/
DC Would it be feasible to announce in advance when such changes
DC are to be implemented? With advance notice
that, and unfreeze once it was clear
that no glut of false positives would result.
Darin.
- Original Message -
From: Pete McNeil [EMAIL PROTECTED]
To: Darin Cox sniffer@SortMonster.com
Sent: Wednesday, February 08, 2006 11:13 AM
Subject: Re[2]: [sniffer] problems
On Wednesday, February 8
What is the correct Sniffer string in Declude Global.cfg
file.
SNIFFER external nonzero d:\imail\declude\sniffer\sniffer.exe
code12
0
of
SNIFFER external nonzero d:\imail\declude\sniffer\sniffer.exe
code10
0
Thanks
Filippo
On Wednesday, February 8, 2006, 11:06:07 AM, Markus wrote:
MG If a experimental rule showed to be reliable they move them in
MG the appropriate category (rich, fraud,...)
MG
MG
MG
MG I'm not sure about this but I think it's so and so it shouldn't
MG be necessary to do something like
On Wednesday, February 8, 2006, 1:32:05 PM, David wrote:
The .xhdr files are created by SNF and can be turned off in SNF's .cfg
file. They contain text that could be added to the headers of the
message to help debug false positives and/or to trigger other
filtering systems.
DP Well I see
I do most humbly apologize,
It was my intention to do it immediately, however I became embroiled
in related support issues and was delayed.
I don't expect more of these, but I will make announcing their
discovery the next event after removing them from the system.
Thanks,
_M
On Tuesday,
-
From: Pete McNeil [EMAIL PROTECTED]
To: Computer House Support sniffer@SortMonster.com
Sent: Tuesday, February 07, 2006 4:24 PM
Subject: Re[2]: [sniffer] Bad Rule - 828931
I do most humbly apologize,
It was my intention to do it immediately, however I became embroiled
in related support
Somebody please tell me I'm doing something wrong here. I use this
expression in Baregrep Final\t828931 and it yields 22,055 matching
lines across 3 of my 4 license's log files.
Since this is set to my hold weight, I'm assuming that means I've had
22,055 holds on this rule?
--
Best regards,
Hello Matt,
Tuesday, February 7, 2006, 6:27:25 PM, you wrote:
M rule number, and I don't have the tools set up or the knowledge of grep
M yet to do a piped query of Sniffer's logs to extract the spool file names.
http://www.baremetalsoft.com/ is a great grep'er for windows. In BSD I
always used
Of David Sullivan
Sent: Tuesday, February 07, 2006 4:12 PM
To: sniffer@SortMonster.com
Subject: Re[2]: [sniffer] Bad Rule - 828931
Hello Matt,
Tuesday, February 7, 2006, 6:27:25 PM, you wrote:
M rule number, and I don't have the tools set up or the knowledge of
M grep yet to do a piped query
Final\t828931 and Final.*828931 both found 850 entries in my current log
using Baregrep.
John C
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of David Sullivan
Sent: Tuesday, February 07, 2006 6:12 PM
To: sniffer@SortMonster.com
Subject: Re[2]: [sniffer
I've had an internal note that our colo provider is working on a
networking problem. That's probably what you're seeing. Apparently it
doesn't effect all paths to the 'net equally and/or it may be solved
by now.
_M
On Tuesday, February 7, 2006, 5:53:35 PM, John wrote:
JC Agreed, my last report
Hello Pete,
Tuesday, February 7, 2006, 7:43:52 PM, you wrote:
PM The rule would match the intended spam (and there was a lot of it, so
PM 22,055 most likely includes mostly spam.
On spot check I'm seeing about 30-40% of the messages are valid.
PM Unfortunately it would also match messages
McNeil
Sent: Thursday, February 02, 2006 11:40 AM
To: Goran Jovanovic
Subject: Re[2]: [sniffer] Stock SPAM now HTML
There are some new mutations of the latest campaigns out today. These
ones look like they were hand tweaked (not evolved by machine). They
are a lot tougher, but I think we've
On Monday, January 30, 2006, 11:07:26 AM, Michiel wrote:
MP G'day,
MP I'm just wandering... what CAN be done about this? If I send an embedded
MP picture to someone, how's sniffer gonna see the difference between my
MP holiday picture and the stock spam?
MP I reckon it's gonna be tough to block
I see. I misunderstood. We generally get text based stock-push
campaigns very quickly. We have seen an increase in these recently
tough.
If it's a plain text stock push then it's most likely that you saw it
before we did. I'll make sure that the rest of the team are watching
out for these just in
:[EMAIL PROTECTED]
On Behalf Of Pete McNeil
Sent: Thursday, January 26, 2006 10:54 AM
To: Jim Matuska Jr.
Subject: Re[2]: [sniffer] Stock Market Spam Messages
I see. I misunderstood. We generally get text based stock-push
campaigns very quickly. We have seen an increase in these recently
tough
On Thursday, January 19, 2006, 6:50:32 PM, Dave wrote:
DK My bet is that either OB or WS trees of SURBL are the culprit. I've seen
DK false postives from them before. Can your bot isolate the subs of the multi
DK lookup and only use the more reliable ones like JP, SC, etc?
I'm not sure about
Everything should be ok today.
Please visit:
http://www.mail-archive.com/sniffer@sortmonster.com/msg02346.html
and
http://www.mail-archive.com/sniffer@sortmonster.com/msg02348.html
Thanks,
_M
On Wednesday, January 18, 2006, 8:57:25 AM, Ali wrote:
AR
AR
AR Hi,
AR
AR
AR
AR I am
On Wednesday, January 18, 2006, 8:42:22 AM, Frederick wrote:
FS Same with me. Last night there was a rules update and it fixed the problem.
FS Check the date of your rules update.
Please visit
http://www.mail-archive.com/sniffer@sortmonster.com/msg02346.html
and
On Wednesday, January 18, 2006, 8:54:49 AM, Darin wrote:
DC Agreed. We counted 100 false positives yesterday, compared to our normal
DC rate of less than 5.
DC No false positives since 6pm ET yesterday, though. Thank goodness.
Please visit:
On Tuesday, January 17, 2006, 7:21:11 AM, Matt wrote:
M Pete,
M w3.org would be a huge problem because Outlook will insert this in the
M XML headers of any HTML generated E-mail.
M If you could give us an idea of when this started and possibly ended,
M that would help in the process of review.
On Tuesday, January 17, 2006, 8:10:44 AM, Darrell wrote:
Dsic Pete,
Dsic I just checked real quick hitting several DNS servers (mine and others)
and
Dsic I am not seeing this - are you still seeing this now?
Nope... it was short lived.
_M
This E-Mail came from the Message Sniffer mailing
I believe a new topic is in order. Quick,
someone ask a newbie question!
- Original Message -
From:
John W.
Enyart
To: sniffer@SortMonster.com
Sent: Thursday, December 29, 2005 11:27
AM
Subject: RE: Re[2]: [sniffer] Last chance
to renew at the old price
Can I also use this
product on my snailmail? :p
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jonathan Hickman
Sent: vrijdag 30 december 2005
16:58
To: sniffer@SortMonster.com
Subject: Re: Re[2]: [sniffer] Last
chance to renew at the old price!
I believe
]] On Behalf Of Jonathan
Hickman
Sent: vrijdag 30 december 2005 16:58
To: sniffer@SortMonster.com
Subject: Re: Re[2]: [sniffer] Last chance to renew at the old
price!
I believe a new topic is in
order. Quick, someone ask a newbie question!
- Original Message -
From: John W. Enyart
about the amount of the price
hike; but is all the other escalating banter really necessary?
Wolf
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John T (Lists)
Sent: Wednesday, December 28, 2005
9:33 PM
To: sniffer@SortMonster.com
Subject: RE: Re[2]: [sniffer] Last
Yes, you can renew with Declude.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kevin
Sent: Wednesday, December 28, 2005 3:22 PM
To: sniffer@SortMonster.com
Subject: Re: Re[2]: [sniffer] Last chance to renew at the old price!
Can we renew
Are they a valid reseller,
sniffer-folks??
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
KevinSent: Wednesday, December 28, 2005 8:00 PMTo:
sniffer@SortMonster.comSubject: Re: Re[2]: [sniffer] Last chance to
renew at the old price!
After posting
Message -
From:
John T (Lists)
To: sniffer@SortMonster.com
Sent: Wednesday, December 28, 2005 7:29
PM
Subject: RE: Re[2]: [sniffer] Last chance
to renew at the old price!
According to the
Reseller agreement I signed when I became a reseller of Message Sniffer, I
appalling. And should be grounds for
termination.
-Original Message-From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On
Behalf Of John T (Lists)Sent: Wednesday, December 28, 2005 8:46
PMTo: sniffer@SortMonster.comSubject: RE: Re[2]:
[sniffer] Last chance to renew at the old
] On Behalf Of Peer-to-Peer (Support)
Sent: Wednesday,
December 28, 2005 6:01 PM
To: sniffer@SortMonster.com
Subject: RE: Re[2]: [sniffer] Last
chance to renew at the old price!
You certainlycrossed a line of
ethical integrity at the very least.
Pete: If you don't already have a
'non
] On Behalf Of Joe Wolf
Sent: Wednesday,
December 28, 2005 5:43 PM
To: sniffer@SortMonster.com
Subject: Re: Re[2]: [sniffer] Last
chance to renew at the old price!
FYI, a reseller agreement may include a MAP (Minimum
Advertised Price) but it is illegal in the United States for the agreement
here to help one another.
John T
eServices For You
-Original Message-
From: [EMAIL PROTECTED]
[
mailto:[EMAIL PROTECTED]] On Behalf Of Peer-to-Peer
(Support)
Sent: Wednesday, December 28, 2005 5:41 PM
To: sniffer@SortMonster.com
Subject: RE: Re[2]: [sniffer] Last chance
I'm sorry that it wasn't more visible. We have been talking about this
for several months and have made a few announcements. It has also been
on the web site for several months.
My announcement today was just to make sure that anyone who had not
heard didn't get blind-sided. Sorry it didn't turn
McNeil [EMAIL PROTECTED]
To: Darin Cox sniffer@SortMonster.com
Sent: Tuesday, December 27, 2005 5:08 PM
Subject: Re[2]: [sniffer] Last chance to renew at the old price!
Part of the purpose for additional staff is to reach a goal of FP
processing measured in minutes to hours, never days
I can assure you that is not the case - quite the opposite in fact. I
would never suggest that you don't keep a plan B handy - everyone,
IMO, should always have a plan B, C and D handy - In fact, that MO is
one of the reasons we're still at it ;-)
None the less, what's really going on here is
Thanks Dean - And thanks to all of you who have been
very supportive and understanding of what we are doing here!
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Lawrence
Sent: Tuesday, December 27, 2005
4:18 PM
To: sniffer@sortmonster.com
Subject: Re: Re[2
On Tuesday, December 27, 2005, 5:14:13 PM, Thomas wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Michael Murdoch
If you don't feel that's the case, then you
are free to decide if you think otherwise. Thanks and take care!
FT EASY FOX
:40 PM
To: sniffer@SortMonster.com
Subject: RE: Re[2]: [sniffer] Last chance to renew at the old price!
Your interpretation of a bit as being 50+%
is disingenuous at best, and thievery at the
worst.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Pete
Agree wholeheartedly!
Bill
From: Dean Lawrence [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 27, 2005 2:18 PMTo:
sniffer@SortMonster.comSubject: Re: Re[2]: [sniffer] Last chance to
renew at the old price!
You know, I just don't get where all of the doom and gloom comes from. Yes
gripping
or take it off list.
Bill
-Original Message-
From: Fox, Thomas [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 27, 2005 2:40 PM
To: sniffer@SortMonster.com
Subject: RE: Re[2]: [sniffer] Last chance to renew at the old price!
Your interpretation of a bit as being 50
more.
John T
eServices For You
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On
Behalf Of Rick Robeson
Sent: Tuesday, December 27, 2005 2:54 PM
To: sniffer@SortMonster.com
Subject: RE: Re[2]: [sniffer] Last chance to renew at the old price!
The thought does
Pete, I am both a Sniffer reseller and user, and I was blind sided by this
announcement.
John T
eServices For You
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On
Behalf Of Pete McNeil
Sent: Tuesday, December 27, 2005 2:11 PM
To: Darin Cox
Subject: Re[2
On Tuesday, December 27, 2005, 1:31:04 PM, Steve wrote:
SJ How can I tell when my subscription expires?
You should have a note from your original purchase or your latest
renewal. Also, you can ask ;-) I'll send you your current expiration
directly.
I hope to put up a self-serve tool for
IMO, you're absolutely right. These days, automated responses are just
as bad (for the same reasons) as challenge/response systems. They
amplify spam and malware issues by generating outscatter.
None the less, they still happen.
_M
On Thursday, December 15, 2005, 1:10:31 PM, Kevin wrote:
KS
On Monday, December 5, 2005, 3:33:33 PM, Andrew wrote:
I had the same question, but more specifically:
Is is helpful for sniffer trap (spam and user trap) submissions to skip, or to include messages on which sniffer already hits.
It's best for those messages to be removed. The
1 - 100 of 290 matches
Mail list logo