[sniffer] Volume spike Mon 9AM EST

2010-05-10 Thread Peer-to-Peer (Support)
Just checking to see if anyone else is seeing a massive spike in volume. Something started occurring around 9AM EST. Not yet sure what's happening. Wondering if this is a global attack or simply local on our system? Anyone seeing unusual activity - high volume? --Paul R.

[sniffer] Re: Volume spike Mon 9AM EST

2010-05-10 Thread Darin Cox
I'm seeing it, too. Darin. - Original Message - From: Peer-to-Peer (Support) suppor...@peertopeer.net To: Message Sniffer Community sniffer@sortmonster.com Sent: Monday, May 10, 2010 9:21 AM Subject: [sniffer] Volume spike Mon 9AM EST Just checking to see if anyone else is seeing a

[sniffer] Re: Volume spike Mon 9AM EST

2010-05-10 Thread NetEase Operations Manager
I am getting a lot of complaints from my customers concerning the huge spikes too. DustyC -Original Message- From: Message Sniffer Community [mailto:snif...@sortmonster.com] On Behalf Of Darin Cox Sent: Monday, May 10, 2010 9:51 AM To: Message Sniffer Community Subject: [sniffer] Re:

[sniffer] Re: Volume spike Mon 9AM EST

2010-05-10 Thread Pete McNeil
On 5/10/2010 11:12 AM, NetEase Operations Manager wrote: I am getting a lot of complaints from my customers concerning the huge spikes too. Do you mean huge spikes in leakage? Hope not-- because we're not seeing that in our instrumentation. If anything is leaking please be sure to get it

[sniffer] Re: Volume spike Mon 9AM EST

2010-05-10 Thread Colbeck, Andrew
I'm not seeing any spike in inbound connections or accepted message counts. Actually, it's lower than Friday's volume and about the same as Thursday. Andrew. -Original Message- From: Message Sniffer Community [mailto:snif...@sortmonster.com] On Behalf Of Peer-to-Peer (Support) Sent:

[sniffer] Re: Opening truncate.gbudb.net

2010-05-10 Thread Colbeck, Andrew
I looked at the effectiveness of this test and I like what I'm seeing. The volume isn't high, but it is making a difference in the edge cases that are close to my hold weight. In particular, I'm finding that it is triggering on pump and dump DKIM spam from fresh netblocks that would otherwise

[sniffer] Re: Opening truncate.gbudb.net

2010-05-10 Thread Greg Coffey
We had a hacker send bogus requests for login name, password and birth date to all our mail customers on one domain. 6 gave it up and made my life fun babysitting the mail server for the last week. Makes ya wonder how many give up credit card and bank info? The message did appear very

[sniffer] Re: Volume spike Mon 9AM EST

2010-05-10 Thread NetEase Operations Manager
That is the case here as well. I should have clarified that in my earlier post. Sniffer is doing its job. Unfortunately I am running through two levels of spam filtering systems and a ton is getting through still. DustyC -Original Message- From: Message Sniffer Community

[sniffer] Re: Volume spike Mon 9AM EST

2010-05-10 Thread Darin Cox
Hi Pete, No. Not leakage. Sniffer et al are doing their job well. Just a large spike in incoming spam volume. It settled down for us by about 11am. Darin. - Original Message - From: Pete McNeil madscient...@armresearch.com To: Message Sniffer Community sniffer@sortmonster.com

[sniffer] Re: Volume spike Mon 9AM EST

2010-05-10 Thread Pete McNeil
On 5/10/2010 12:23 PM, Darin Cox wrote: Hi Pete, No. Not leakage. Sniffer et al are doing their job well. Just a large spike in incoming spam volume. It settled down for us by about 11am. I checked on telemetry and found a mixed bag -- some systems were up quite a bit-- others were

[sniffer] Re: Volume spike Mon 9AM EST

2010-05-10 Thread Michael Cummins
Sniffer is doing its job well, but I am nearly overwhelmed by the load - to the point where I might have to turn sniffer off to reduce my processing footprint. I've already commented out INVURIBL. My customers don't like lag at all. That being said, I wonder how I can better protect myself

[sniffer] Re: Volume spike Mon 9AM EST

2010-05-10 Thread Pete McNeil
On 5/10/2010 2:15 PM, Michael Cummins wrote: Sniffer is doing its job well, but I am nearly overwhelmed by the load - to the point where I might have to turn sniffer off to reduce my processing footprint. I've already commented out INVURIBL. My customers don't like lag at all. That being

[sniffer] Re: Volume spike Mon 9AM EST

2010-05-10 Thread Michael Cummins
Is there a way we could get a SNIFFER feature like that implemented as an internal DECLUDE test? Barring that, perhaps get it to write a text file of current IPs to block? -- Michael Cummins -Original Message- From: Message Sniffer Community [mailto:snif...@sortmonster.com] On Behalf

[sniffer] Re: Volume spike Mon 9AM EST

2010-05-10 Thread Pete McNeil
On 5/10/2010 2:37 PM, Michael Cummins wrote: Is there a way we could get a SNIFFER feature like that implemented as an internal DECLUDE test? SNFIPREP and SNFIP tests give you some direct access to GBUdb -- of course at that point you've already accepted the message for scanning even if

[sniffer] Re: Volume spike Mon 9AM EST

2010-05-10 Thread Michael Cummins
Are there many folks on the list who would/could use an IP list generating function in the SNF engine? If so what might that look like -- that is, how would you like to tune it and what special features might it have to be most useful? If you do generate it, I'd be happy to sync up with you

[sniffer] Re: Volume spike Mon 9AM EST

2010-05-10 Thread Pete McNeil
On 5/10/2010 3:04 PM, Michael Cummins wrote: Are there many folks on the list who would/could use an IP list generating function in the SNF engine? If so what might that look like -- that is, how would you like to tune it and what special features might it have to be most useful? If you

[sniffer] Now OT: Re: [sniffer] Re: Opening truncate.gbudb.net

2010-05-10 Thread Sanford Whiteman
One impacted customer wanted me to put their original pw back in. Boss can't learn a new one! Sheesh.. That makes me... cry. Not mail-related: a user of our web app forgot his password today and was having a ridiculously hard time using our password reset form (basic

[sniffer] Re: Opening truncate.gbudb.net

2010-05-10 Thread Colbeck, Andrew
Hey, Pete. I contacted one of the recipients and ran down one of those intermediate hops which triggered on truncate.gbudb.net ... It was an intermediate hop at AOL (rly presumably means relay) Received: from smtprly-dd03.mx.aol.com (smtprly-dd03.mx.aol.com [205.188.84.131]) by

[sniffer] Re: Opening truncate.gbudb.net

2010-05-10 Thread Pete McNeil
On 5/10/2010 4:16 PM, Colbeck, Andrew wrote: Hey, Pete. I contacted one of the recipients and ran down one of those intermediate hops which triggered on truncate.gbudb.net ... It was an intermediate hop at AOL (rly presumably means relay) Ok. <snip/> The GBU list is emitting TXT records