I found myself wondering why the message suddenly got through so I did some
digging. Turns out the message that got through was sent via 65.32.5.133
which was another Experimental IP rule that had just been pulled. I'm
guessing the rule was in place when your previous notes were sent.
The
I've installed trial versions of both mxguard and sniffer. What happens to
a message when it is scored as spam?
I still see all of my spam coming through.
Thanks,
Stephen
This E-Mail came from the [EMAIL PROTECTED] mailing list. For information and
(un)subscription instructions go to
Title: Message
I am
working out the details on a Python script that will be triggered by a program
alias to update. The script is based on the Python programming (www.python.org) language and hope to be
completed with it today.
There
are a few files located at
I use WGET, which is available for free on the internet. This is my script:
c:
cd \MDaemon\Sniffer
wget
http://sniffer:[EMAIL PROTECTED]/Sniffer/Updates/12345678.snf -O
serial.tst
if exist 12345678.tst goto Test
goto Done
:Test
snf2check.exe
At 10:49 AM 2/12/2004, you wrote:
On Feb 12, 2004, at 8:58 AM, Timothy C. Bohen wrote:
Anyone willing to send me a script that I can use?
Sure, here's mine written in Perl. It knows enough to check the
timestamps so it doesn't fetch files when unecessary, keeps a backup copy,
and does
Hello folks,
Rule 11075 in the gray hosting group has been temporarily suspended.
This is one of our strongest rules which has been in place for more than
500 days.
Microsoft recently began using this service to post an advertising link at
the bottom of all of their messages. We have been
Hello folks,
The new worm Tanx / Bagle.b seems to be spreading quickly.
We have added a rule to Sniffer for this and we are currently pushing it
out to all rulebases.
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation.
Chief SortMonster, www.SortMonster.com.
Vox
Pete,
We interface with your product very well. Please consider adding our
*mxGuard for IMail* website to your list:
http://www.mxguard.com/postmaster
Regards,
David Gregg
dgSoft Internet Services
+1.949.584-1514
---
mxGuard for IMail
Server based spam and virus protection for under $100
At one time we had floated the idea of a rule that would mark any email
that was more than 24-48 hrs ahead or behind the actual current time and
date as spam. I just got two You've been invited to a blind date
messages that were dated last summer. 99.9% of these off date messages
are spam,
Please don't, my Grandmother probably couldn't get through then :)
The more solid the basis for the rules, the higher the score I can give
to the test. Most spammers nowadays will have a time that is only off
by a few hours when they hard code the headers for a zombie attack,
however once you
Now I understand.
Certainly - we will add the referral link.
Thanks!
_M
At 02:56 PM 2/17/2004, you wrote:
In that case, I should rephrase my request:
In addition to our software product for IMail, we also offer email services
to individuals and businesses.
http://www.mxguard.com/individual
_M / Support,
This week I have noticed that the processing of our false
positives are not occurring as quickly as they previously were. This is the
second time this week where I havent had a response to my false positive
and had to send a note about it. I sent in a false positive
Pete,
Sorry to here .. Been there done that .. Never fun .. Hope it goes fast and
you get some sleep.
Brian R. Watters
Senior Director
http://www.americanbroadbandservice.com
[EMAIL PROTECTED]
866-827-4638 ext. 0205
559-420-0205 direct
559-272-5266 fax
This message and any attachment(s)
Hello folks,
The primary database server went online with full data at 2100.
Full synchronization and testing was completed by 2300.
Spamtraps have been cleared.
False submissions have been cleared.
Another full compile is underway.
Thanks for your patience and your support!
_M
This E-Mail came
Mike,
No ideas on f-prot, but justsomething we
do:
Weuse a combination of 2 virusscanners, McAfee
(updated automatically with dailydat every day, automatic install of extra.dat
emergency datspossible from version 7 and up) and Kaspersky, which I
update every hour. Using this combo, we
Thanks for the replies folks, I think I may just stay with F-Prot. But one
thing is still confusing me.. Why did some people get a def file on the 18th
that caught netsky, but mine didn't. On the 20th, I even went so far as to
re-install f-prot which initially installs a July 02 def file, and ran
Title: Message
ClamAV
works very well, and is lightening fast when run daemonized
(clamd).It's also hard to beat the price! I run is along with
F-Prot and McAfee's uvscan, and Clam seems to keep up with the commercial
scanners as far as virus updates.
Bill
-Original
Hello Sniffer Folks.
The critical portions of our move have been completed.
We had very few outages.
We are not expecting any more.
False and Spam processing schedules will stabilize over the next day or so.
Thanks for your support!
_M
This E-Mail came from the Message Sniffer mailing list. For
At 01:33 PM 3/3/2004, you wrote:
On Mar 3, 2004, at 12:44 PM, Madscientist wrote:
We have adopted the current policy at least for the short term:
1 ) We block all potentially hazardous extensions including .zip.
Can these virus rules be bypassed? We have real virus checking and
don't want our
I am using Declude and have indiv. Sniffer Tests and lets say the
following gets tripped in an email
SNIFFER-WHTLIST result code 000
SNIFFER-PORNresult code 054
Which would take precedence over the other, as far as which would be the
final code passed to Declude?
Thanks,
Keith
This
At 04:55 PM 3/3/2004, you wrote:
I am using Declude and have indiv. Sniffer Tests and lets say the
following gets tripped in an email
SNIFFER-WHTLIST result code 000
SNIFFER-PORNresult code 054
Which would take precedence over the other, as far as which would be the
final code passed to
Thanks for the aid. One last question, you mentioned:
In a case where a white rule is present and a black rule is present the
white rule will always win
So if the White Rule fired 000, it would override a Porn Rule of 54? If so, how are
these White Rules entered?
Thanks,
Keith
White rules are entered either upon request or in response to a false
positive report with your permission. In some cases we will enter a white
rule based on our own research or in response to a false positive report if
we feel a core white rule would be more appropriate. We add core white
Has anyone written a good Sniffer updater script for Linux which has the
error checking like the one for Windows has?
Bill
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go to
http://www.sortmonster.com/MessageSniffer/Help/Help.html
I'm not sure - but I think there are user submitted perl based update
scripts on the help page that probably do all of this:
http://www.sortmonster.com/MessageSniffer/Help/AutomatingUpdatesHelp.html
Hope this helps,
_M
At 11:05 PM 3/5/2004, you wrote:
Has anyone written a good Sniffer updater
Hello All,
I am running Sniffer with Declude and was wanting to get some ideas on how
everyone has Declude setup. Currently I just have the basic setup as
follows.
SNIFFER external nonzero d:\imail\declude\sniffer2_2\winx\snifferprog.exe
sniffer auth 10 0
I hold anything with a weight of 10m
Hello folks,
I know folks are anxious to get their hands on this version so I'm going to
play this beta round a little looser than usual. Version 2-3b1 implements a
persistent mode feature for our cellular peer-server technology. Launching
a persistent instance of Message Sniffer has the
I am still working a problem at our hosting facility (a t1 is down) so it
will be a while before I can get back to the list, however I wanted to
clear this one up to minimize confusion.
A persistent server instance uses a dynamic poll timing algorithm to
minimize system loads while maximizing
At 03:30 PM 3/17/2004, you wrote:
I have Imail 7.07 running on Win2000, with Declude Junkmail
I come up with errors scanning .SLM files.
Does sniffer use SLM files to process the messages.
Attached a snip from my log files
Sniffer scans whatever file is passed to it with the expectation that it
Paul,
Did you have the persistent sniffer.exe running when this log was generated?
Groet, (regards)
--
ing. Michiel Prins bsc [EMAIL PROTECTED]
SOS Small Office Solutions / Reject /
Wannepad 27 - 1066 HW -Amsterdam
t.+31(0)20-4082627 -
At 08:08 PM 3/17/2004, you wrote:
What is the number after Polled waited:
That is the number of milliseconds the persistent server waited to poll the
working directory for more jobs. This number will increase each time no
jobs are found. When a job is found the persistent server will not wait
We have just added a rule for the Bagle.Q worm derived from data at the
following link:
http://www.auscert.org.au/render.html?it=3957
The rule should be present in your next update.
A full rule-base compile is under way.
Thanks!
_M
This E-Mail came from the Message Sniffer mailing list. For
Ok, I think I did it. Only took a minute (thanks Bill). Here are some
more precise directions, but consider them to be "beta" directions
(please correct them if you find a problem):
1) Install the Windows 2000 Resource Kit, or download
and install the INSTSRV.exe and SRVANY.exe files in a
Pete,
Although inconclusive, some screen caps of Task Manager seems to show a
dramatic reduction in many of the peaks with the service turned on.
It's hard to tell the exact impact due to the virus scanners not always
being called, and SKIPIFWEIGHT settings disabling a mountain of custom
There was a bad rule yesterday. It was removed almost immediately but it
looks like you missed the update until 1000pm. It takes a while to compile
rulebase updates. Since you mention 4pm and 10pm I'm guessing you have your
updates scheduled. A better method would be to trigger updates based on
Have you tried a reboot? Checked your error logs? Made sure that DNS
and all of your E-mail services are running?
Is there even a chance that you will be able to receive this message?
Matt
Richard Farris wrote:
I just did an Windows NT update and now I cant get any email...when I turn
I've been having trouble for the last 24 hrs or maybe a bit more with log
uploads failing. The FTP either fails to connect, or it does connect and
the upload begins and then fails after a small percentage done. Uploads are
scheduled every 6 hours. Yesterday afternoon I tried renaming the log
That is possible. I'm still looking for an alternate repeatable cause.
_M
At 08:43 PM 3/24/2004, you wrote:
I see over a 1000 of these ERROR_BAD_MATRIX entries in my Sniffer log file
today, as well. Is this due to the ruleset issue from earlier today?
Bill
-Original Message-
From:
I am having the same problem when I download the update and run snf2check
H.
- Original Message -
From: Landry William [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, March 25, 2004 2:57 PM
Subject: RE: [sniffer] Error_Bad_Matrix
I run snf2check.exe against every .snf file
This has been a bad week here!
A big increase in total email volume, a huge increase in false positives as
well as a huge increase in spam getting past our filters.
Sheldon
Sheldon Koehler, Owner/Partnerhttp://www.tenforward.com
Ten Forward Communications 360-457-9023
We've found that when we do a manual download, everything works fine. It's
the automatic download on the Windows 2000 server that seems to corrupt
things.
M. Stein
Computer House
- Original Message -
From: Pete McNeil [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, March
I think the problem is in the file extension.
It should not be .com, but rather .cmd.
Hope this helps,
_M
At 12:32 PM 3/25/2004, you wrote:
Hi,
When I try to run the .com file, I get an error. I have attached the
error dialog box and a copy of the .com file (name altered to .co_) that
I am
MicroNeil Voice Line: 703-779-4909
_M
At 01:30 PM 3/25/2004, you wrote:
I got
it.I am on to something so I might figure it outif I dont is
there a number I can call..
Richard Farris
Ethixs Online
1.270.247. Office
1.800.548.3877 Tech Support
- Original Message -
From:
I've been looking at that. The problem seems to be related to downloads,
not generation. That is, every rulebase that I use locally has been clean
throughout this episode. Also, folks who manually download the rulebase
seem to be able to correct the problem. I'm not sure yet what is different
snf2check.exe will catch a partial download but it will not catch
corruption in the middle of the file.
_M
At 03:57 PM 3/25/2004, you wrote:
I run snf2check.exe against every .snf file downloaded. I just checked it
again manually, and no errors were reported. I now have almost 3500
By 8pm we had done at least 6 that I was part of.
_M
At 04:32 PM 3/25/2004, you wrote:
How many updates have happened today...I have only received 1 today..
Richard Farris
Ethixs Online
1.270.247. Office
1.800.548.3877 Tech Support
- Original Message -
From: Pete McNeil [EMAIL
Pete,
FYI, I was trying to set up log uploads yesterday night and it took me a
while to figure out that the FTP connection was unreliable from my
server. Packets were being dropped/munged somewhere. I also noted a
much lower hit rate on SNIFFER-PHARMACY yesterday, but no indication of
I'm exploring that possibility - though there is nothing in the logs. I've
seen some instability on the Sprint T1 though it seems stable now.
Sprint made an announcement that they were going to change their routing
and that seems to coincide with these new events. Perhaps instability on
that
At 06:25 PM 3/25/2004, you wrote:
We also saw many BAD_MATRIX errors last night.
If the problem was 'wget', shouldn't the snf2check
utility detect a corrupt file? Also, we did a manual
update yesterday afternoon and there were no 'wget'
error messages. The problem got corrected sometime
between
snf2check.exe makes the assumption that if the entire file is there and the
head and tail of it can be verified that it must have survived the
transfer. Clearly something is happening where that is not the case -
something new.
One possibility that has been suggested is that we could gzip
At 06:51 PM 3/25/2004, you wrote:
Looks like a bandwidth issue to me, since even doing the download manually,
my connection stalled 5 times before I could complete a successful download.
And the download speeds were atrocious, many times in bytes/second rather
than even kb/second - and my
I'm getting to be pretty sure it's Sprint. After bouncing the router there
have been 109 carrier transitions in 3 hours. That's insane. I will be
pounding on them.
_M
At 11:44 PM 3/25/2004, you wrote:
Pete,
FYI, I was trying to set up log uploads yesterday night and it took me a
while to
snf2check does a byte length and partial checksum by default. The first and
last few kbytes of the file are encrypted in sequence using Mangler. If any
single bit of those two segments is missing or altered then the file will
fail to authenticate. The only thing missing is a CRC for the middle
At 01:57 AM 3/26/2004, you wrote:
I once noticed that transferring data through TCP/IP is NOT error-free, if
the connection is very slow. At least not if it is going through Microsoft's
software (Windows).
Me 2.
One possibility that has been suggested is that we could gzip these files.
That
Thanks for the insight. You're also sharing a maxed out T1 so I'm not sure
how to interpret that data - I suppose that 10K isn't awful if 10 other
systems are hitting it at once.
I have to stop my testing now. I've got Sprint queued up to do some
intrusive testing so I have to bring the line
At 03:39 AM 3/26/2004, you wrote:
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Since we're both up at this insane hour. Would you mind making a test?
I've just shut down the Sprint line - so we're running through Savvis
exclusively. If I'm right about the connectivity
At 07:42 AM 3/26/04 -0500, Russ Uhte (Lists) wrote:
Pete,
Just wanted to interject a couple observations. I'm connected to the
Internet through a 15Mb frac ds/3 from ATT and a T1 from Sprint. I of
course of no way of telling which pipe our automated downloads are coming
from. However, I too
At 07:42 AM 3/26/2004, you wrote:
Pete,
Just wanted to interject a couple observations. I'm connected to the
Internet through a 15Mb frac ds/3 from ATT and a T1 from Sprint. I of
course of no way of telling which pipe our automated downloads are coming
from. However, I too have noticed
Have you considered isolating this by type of mail server?
We run MDaemon and no error_bad_matrix in our log files over the past week.
We use wget on Win2000 server over a Verizon network.
Just a thought.
Paul Roulier
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
At 09:10 AM 3/26/2004, you wrote:
On Mar 25, 2004, at 8:10 PM, Pete McNeil wrote:
ERROR_BAD_MATRIX is definitely a corrupted rulebase file. A manual
download should solve the problem.
Should not snf2check.exe detect this? If the sniffer can detect it, it
seems that the checker should too.
We have also seen some slow downloads here, but we are currently on a 256k
connection from CoreComm/Voyager, but we are updating to a full T1 in the
next couple of weeks thru someone different.
03/26/04 10:20:37 Fast traceroute sortmonster.com
Trace sortmonster.com (216.88.37.62) ...
1
That's one option we're considering.
_M
At 10:34 AM 3/26/2004, you wrote:
Maybe it is time to look at a new snf2check.exe.
One that has some checksum ability.
Say you download two files not one.
One with the rules and the other a checksum file.
Just a thought on how to keep corrupt rules from
It's starting to come together now.
Wget on windows + errors on the Sprint line since the move = corrupted
downloads for folks who end up routing through sprint along the way?
Could be.
We use Windows 2k, Wget and have our connection at our end from Sprint...
Sheldon
Sheldon Koehler,
I've been getting the error message below for the past two weeks. I get
it for both smtp32.exe and imail1.exe
Application popup: smtp32.exe - Application Error : The application
failed to initialize properly (0xc142). Click on OK to terminate the
application.
I did a search on ipswith's
This seems like a rulebase thing.
We spoke on the phone.
If the problem isn't solved by getting a fresh rulebase then we should go
hunting for a rule. Send a note to yourself with sniffer on, then grab
the sniffer log entries for the captured message and send them to us at
[EMAIL PROTECTED] I'll
At 02:26 PM 3/26/2004, you wrote:
I've been getting the error message below for the past two weeks. I get
it for both smtp32.exe and imail1.exe
Application popup: smtp32.exe - Application Error : The application
failed to initialize properly (0xc142). Click on OK to terminate the
application.
Hello folks,
We have traced the source of the corrupted rulebase problem to our Sprint
T1 line. This line has been shutdown until the problem can be resolved.
This has reduced our available bandwidth but should prevent further
corrupted downloads.
In order to reduce traffic and improve
Hello folks,
I have just finished work with Sprint Verizon on the T1 and we now have a
clean circuit. I have opened it up for traffic and all appears to be back
to normal. Please let me know if there are any lingering symptoms.
I will restore the second rulebase compiler to active duty
Hello folks,
To facilitate process automation in larger email systems we have developed
a coding scheme and a number of standardized response codes for handling
false positive submissions. This will allow you to route our responses to
your false positive submissions automatically.
I have
Everything looks good here now...not only was my
rulebase corrupted but my upline provider which does some initial spam filtering
for me was having trouble with their filter (nothing to do with sniffer)...so I
was broken in two places...thanks for all the help..
Richard FarrisEthixs
That's good news.
Thanks!
_M
At 01:12 PM 3/27/2004, you wrote:
Everything
looks good here now...not only was my rulebase corrupted but my upline
provider which does some initial spam filtering for me was having trouble
with their filter (nothing to do with sniffer)...so I was broken in two
Didn't happen this time, nevermind!
Frederic TaraseviciusInternet Information Services, Inc.http://www.i-is.com/810-794-4400mailto:[EMAIL PROTECTED]
- Original Message -
From:
Fred
To: [EMAIL PROTECTED]
Sent: Monday, March 29, 2004 1:42
PM
Subject: [sniffer] Test
:-)
At 04:31 PM 3/29/2004, you wrote:
Didn't happen this
time, nevermind!
Frederic Tarasevicius
Internet Information Services, Inc.
http://www.i-is.com/
810-794-4400
mailto:[EMAIL PROTECTED]
- Original Message -
From: Fred
To:
[EMAIL PROTECTED]
Sent: Monday, March 29, 2004
We've noticed that too just today...
Nick Marshall
Giacom World Networks Ltd
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Patrick Rateliff
Sent: 05 April 2004 16:41
To: [EMAIL PROTECTED]
Subject: [sniffer] Microsoft Entourage Clients
I have
Hmmm, log file from sniffer shows significant increase
in performance (up to 50% faster, see below). However, according to my own logs,
the total time that sniffer takes is way longer. During non-persistent operation
about 300 ms on top of what sniffer logs, which could be because of loading
Pete,
I haven't been following this thread closely but latest generation SCSI
drives can be below 4 ms seek times as rated by their manufacturers.
FYI, I haven't seen any issues with the persistent Sniffer beta run as
a resource kit service besides some expected brief delays according to
the
What is the best and proper way to setup Persistent mode on a windows 2000
computer and run as a service.
Fred
- Original Message -
From: Pete McNeil [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, April 07, 2004 8:30 PM
Subject: RE: [sniffer] Final beta (b2) for snfrv2r3
Sniffer is adaptive. You can turn the persistent instance on and off at
will. Simply stop the service - a reboot is not needed. If the persistent
instance is turned off then the remaining instances will organize
themselves in the usual way.
I don't have it running as a service, I started the
My findings are that persistent is offering great benefits, havnt tried an
excessively harsh test yet, but i'm about to do that.
Just ran sniffer in both persistent and non-persistent modes with over 1,000 mesages
in the overflow and MaxQueProc at 50. This pegs out my CPU between 90% 100%
At 09:11 PM 4/7/04 -0400, Pete McNeil wrote:
sniffer.exe stop - will stop the persistent server by sending it a message
file.
Run 'sniffer.exe stop' at the command line and your persistent instance
will exit cleanly on it's own. [ replace sniffer.exe with the name of your
executable of course
This worked great.
Thanks.
- Original Message -
From: Pete McNeil [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, April 07, 2004 8:46 PM
Subject: Re: [sniffer] Final beta (b2) for snfrv2r3
At 08:36 PM 4/7/2004, you wrote:
What is the best and proper way to setup Persistent
Tried the above and got an error message. Tried:
sniffer.exe xxauthenticationxx stop
and it paused a few seconds and returned to command prompt, so I'm guessing
that it stopped.
That doesn't sound quite right.
In the distribution there are some .CMD files that show examples of the
commands:
Since you're up, sorry to ask, where's the beta? Didn't save the e-mail.
Rob
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Pete McNeil
Sent: Wednesday, April 07, 2004 9:23 PM
To: [EMAIL PROTECTED]
Subject: RE: [sniffer] Final beta (b2) for snfrv2r3
Preliminary tests show there's no I/O problem but I'll do some
additional benchmarking here and get back to you on
this.
Groet, (regards)
--
ing. Michiel Prins bsc
[EMAIL PROTECTED]
SOSSmallOffice
Solutions /Reject /
Wannepad 27 -
1066 HW -
At 05:42 AM 4/8/04 -0400, Pete McNeil wrote:
http://www.keyconn.net/misc/sniffer.htm
I'll bet you are using b1 - this first 2-3beta does not implement the
command interface.
Yes, I had b1 in use, trying b2 now.
--
Kirk Mitchell-General Manager[EMAIL PROTECTED]
Keystone Connect
Pete,
My Sniffer log file logs times which are two hours early. I supspect that
it's because Amsterdam is in GMT+2. Why does sniffer not log local time?
Groet, (regards)
--
ing. Michiel Prins bsc [EMAIL PROTECTED]
SOS Small Office Solutions / Reject /
Sniffer logs times in GMT so that all events can be easily coordinated.
This will become increasingly important as we roll out collaborative AI
features in the coming months.
Thanks,
_M
At 04:37 AM 4/9/2004, you wrote:
Pete,
My Sniffer log file logs times which are two hours early. I supspect
HI,
My log file used to write to a new file everyday, now it is writing to the
same file...
I didn't change anything, how do I fix it?
Thanks, andy
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go to
At 12:18 PM 4/9/2004, you wrote:
HI,
My log file used to write to a new file everyday, now it is writing to the
same file...
I didn't change anything, how do I fix it?
This is confusing. Message Sniffer has always written to a single log file
that does not change. External utilities could be
H,
If we were triggering it - then that would have been our update
notification message. If that's stopped working then you might want to look
at your rulebase to see that it's up to date...
What you're looking for is a program alias that launches your update script.
That's the best place
Usually the log rotation is handled in a different .cmd.
I guess it could have been cobbled together but I don't recall doing
it.
You can get the starter scripts here:
http://www.sortmonster.net/Sniffer/Updates/WindowsTools.zip
ftp://ftp.sortmonster.net/Sniffer/Updates/WindowsTools.zip
A
All,
MailMage is seeking beta testers for our latest utility, MilterSink.
MilterSink is a highly configurable DLL event sink for Microsoft's IIS
SMTP service (a.k.a. MS SMTP) allowing for the integration of
command-line content scanners.
Originally designed to wrap our SPAMC32
All,
While no one has protested, it's possible that the beta invitation
might have looked like a commercial plug to some of you. We initially
thought of indicating otherwise outright, but decided that it that
might look as if _we_ had protested too much. grin
For the record, this
Pete,
The speed problem has been found. McAfee Netshield 4.51 was
making our server RIDICULOUSLY slow, despite the fact that we tried excluding
the Sniffer folder and even disabling the service from the tray-icon. Upgrading
to Virusscan Enterprise 7.x fixed our problem and our performance
That's fantastic news... Another mystery bites the dust!
_M
At 09:56 AM 4/13/2004, you wrote:
Pete,
The speed problem has been
found. McAfee Netshield 4.51 was making our server RIDICULOUSLY slow,
despite the fact that we tried excluding the Sniffer folder and even
disabling the service from
Ok,
There is a logrotate.cmd that you modified for
me. I don't know why it isn't kicking off automatically like it was
before, but it isn't. It had been running automatically for
months.
How do you recommend doing that so that you get the
log files when you want them?
Thanks, Andy
It is working, I tested it from the command line. What time of day do
you want it run?
- Original Message -
From:
Pete McNeil
To: [EMAIL PROTECTED]
Sent: Tuesday, April 13, 2004 7:06
PM
Subject: Re: [sniffer] log file
growing
First, give it a test by launching
Any time is fine. How about 0100 ET. - I'm pretty sure that spot is
mostly empty.
_M
At 09:17 PM 4/13/2004, you wrote:
It is working, I tested it from
the command line. What time of day do you want it run?
- Original Message -
From: Pete McNeil
To: [EMAIL PROTECTED]
Sent:
We had some major BGP flapping with both Sprint and Savvis. Nobody has
gotten to the bottom of it yet and it settled down around 0200. No errors
or warnings since then.
_M
At 10:37 PM 4/13/2004, you wrote:
Pete.
I am seeing major download problems of the SNF file tonight.
Any problems with
Hi,
In the default logrotate.cmd script is a move in
stead of a ren command. Is there any special reason for that? As Ren is an
internal command and move an external command I would have expected Ren to be
used.
p.s. Did my comment about an updated AutoSNF.cmd
file make it to you Pete? I
1 - 100 of 2919 matches
Mail list logo