[sniffer] Re: What is your oldest production CPU?
Oldest here is an Intel i5-2500k -- Original Message -- From: Darin Cox dc...@4cweb.com Reply-To: Message Sniffer Community sniffer@sortmonster.com Date: Fri, 27 Dec 2013 10:04:12 -0500 Hi Pete, Our oldest production servers still have 1.1 - 1.4 GHz P3's in them. However, for mail our oldest are quad core 3Ghz Xeons. Darin. -Original Message- From: Pete McNeil Sent: Friday, December 27, 2013 9:43 AM To: Message Sniffer Community Subject: [sniffer] What is your oldest production CPU? Hello Sniffer Folks, We would like to know what your oldest production CPU is. When building new binaries of SNF or it's utilities we would like to select the newest CPU we can without leaving anybody behind. We're also evaluating whether we should split binaries into a compatible version base on Intel i686 (or equivalent AMD), and a current version based on Intel Core2 (or equivalent AMD). Please respond here. Thanks for your time!! _M -- Pete McNeil Chief Scientist ARM Research Labs, LLC www.armresearch.com 866-770-1044 x7010 twitter/codedweller # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. This list is for discussing Message Sniffer, Anti-spam, Anti-Malware, and related email topics. For More information see http://www.armresearch.com To unsubscribe, E-mail to: sniffer-...@sortmonster.com To switch to the DIGEST mode, E-mail to sniffer-dig...@sortmonster.com To switch to the INDEX mode, E-mail to sniffer-in...@sortmonster.com Send administrative queries to sniffer-requ...@sortmonster.com # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. This list is for discussing Message Sniffer, Anti-spam, Anti-Malware, and related email topics. For More information see http://www.armresearch.com To unsubscribe, E-mail to: sniffer-...@sortmonster.com To switch to the DIGEST mode, E-mail to sniffer-dig...@sortmonster.com To switch to the INDEX mode, E-mail to sniffer-in...@sortmonster.com Send administrative queries to sniffer-requ...@sortmonster.com -- Thanks, Greg AllureTech/CoffeyNet www.atwy.net 1546 E Burlington Ave Casper, WY 82601 307.473.2323 -- # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. This list is for discussing Message Sniffer, Anti-spam, Anti-Malware, and related email topics. For More information see http://www.armresearch.com To unsubscribe, E-mail to: sniffer-...@sortmonster.com To switch to the DIGEST mode, E-mail to sniffer-dig...@sortmonster.com To switch to the INDEX mode, E-mail to sniffer-in...@sortmonster.com Send administrative queries to sniffer-requ...@sortmonster.com
[sniffer] Re: IP Change on rulebase delivery system
I've been blocking subnets to the mail server manually for the past 10 days or so. Scan the logs and look at common IP sources for spam. PITA but I've got it under control. One of the earlier schemes I noticed was from .pw and .in top level domains. What I'm seeing now are messages coming from assorted domains but from a common subnet and hosting company - some US based. I've had mail queued up for 20-30 mins before delivery before adding some firewall rules. My mail server is an i5 running Windows Server. -- Original Message -- From: Richard Stupek rstu...@gmail.com Reply-To: Message Sniffer Community sniffer@sortmonster.com Date: Thu, 23 May 2013 14:22:59 -0500 Looks like I have this issue again (pegging 4 core cpu) and resetting the process doesn't make a difference. Not sure what is causing it but it does slow down spam detection to 40-50 seconds for many emails. Any ideas what I can look at or do to resolve this? On Fri, Mar 29, 2013 at 12:27 PM, Pete McNeil madscient...@armresearch.comwrote: On 2013-03-29 12:59, Richard Stupek wrote: well when all else fails restarting snf seems to have corrected the issue for now. In that case, it is likely that RAM fragmentation was involved. Dropping the process allowed the fragmentation to be cleared. (theory). Best, _M -- Pete McNeil Chief Scientist ARM Research Labs, LLC www.armresearch.com 866-770-1044 x7010 twitter/codedweller ##**##**# This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. This list is for discussing Message Sniffer, Anti-spam, Anti-Malware, and related email topics. For More information see http://www.armresearch.com To unsubscribe, E-mail to: sniffer-...@sortmonster.com To switch to the DIGEST mode, E-mail to sniffer-digest@sortmonster.**comsniffer-dig...@sortmonster.com To switch to the INDEX mode, E-mail to sniffer-in...@sortmonster.com** Send administrative queries to sniffer-request@sortmonster.**comsniffer-requ...@sortmonster.com -- Thanks, Greg AllureTech/CoffeyNet www.atwy.net 1546 E Burlington Ave Casper, WY 82601 307.473.2323 -- # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. This list is for discussing Message Sniffer, Anti-spam, Anti-Malware, and related email topics. For More information see http://www.armresearch.com To unsubscribe, E-mail to: sniffer-...@sortmonster.com To switch to the DIGEST mode, E-mail to sniffer-dig...@sortmonster.com To switch to the INDEX mode, E-mail to sniffer-in...@sortmonster.com Send administrative queries to sniffer-requ...@sortmonster.com
[sniffer] Re: Opening truncate.gbudb.net
We had a hacker send bogus requests for login name, password and birth date to all our mail customers on one domain. 6 gave it up and made my life fun babysitting the mail server for the last week. Makes ya wonder how many give up credit card and bank info? The message did appear very legitimate, much better than average grammar, spelling and syntax. We never ask anyone for their BD but they probably forget that. One impacted customer wanted me to put back their original pw back in. Boss can't learn a new one! Sheesh.. -- Original Message -- From: Colbeck, Andrew acolb...@bentall.com Reply-To: Message Sniffer Community sniffer@sortmonster.com Date: Mon, 10 May 2010 09:03:27 -0700 I looked at the effectiveness of this test and I like what I'm seeing. The volume isn't high, but it is making a difference in the edge cases that are close to my hold weight. In particular, I'm finding that it is triggering on pump and dump DKIM spam from fresh netblocks that would otherwise leak into my mailboxes. Some of those also trigger SNIFFERSCAM. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. This list is for discussing Message Sniffer, Anti-spam, Anti-Malware, and related email topics. For More information see http://www.armresearch.com To unsubscribe, E-mail to: sniffer-...@sortmonster.com To switch to the DIGEST mode, E-mail to sniffer-dig...@sortmonster.com To switch to the INDEX mode, E-mail to sniffer-in...@sortmonster.com Send administrative queries to sniffer-requ...@sortmonster.com
[sniffer] .xml Error
When I try to view the log files in the SNF directory, I get XML Parsing Error: junk after document element through Firefox. I get The XML page cannot be displayed Cannot view XML input using XSL style sheet. Please correct the error and then click the Refresh button, or try again later when sent to IE. I assume these logs have some valuable info, how do I view them? # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Spam no using CAPTCHA!
Fortunately, from what I've read, CAPTCHA is about worthless if effectiveness counts. Frustrating for humans and not much of a barrier to the bots. -- Original Message -- From: Colbeck, Andrew [EMAIL PROTECTED] Reply-To: Message Sniffer Community sniffer@sortmonster.com Date: Wed, 11 Jun 2008 08:48:55 -0700 ... and it also means that OCR based spam filtering is succesful enough for the spammers to adopt CAPTCHA-style text-obfuscation-in-images as an evasion method. Andrew. -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Wednesday, June 11, 2008 8:18 AM To: Message Sniffer Community Subject: [sniffer] Re: Spam no using CAPTCHA! Hello Daniel, Wednesday, June 11, 2008, 9:19:47 AM, you wrote: Hi Everyone, I just sent a spam sample to Message Sniffer, that was using CAPTCHA, it said CIALIS in the CAPTCHA. I'm curios to see what Pete thinks of this new tactic? On first look it is simply another way to use an obfuscated image to deliver their message and should be handled the same way. Use of CAPTCHA software to create this obfuscated image is an interesting choice -- it means people making good OCR resistant CAPTCHA generators are now unintentionally helping the blackhats defeat OCR based spam filtering. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Imail Upgrade
I'm running an older ver of Imail (8.05) and considering an upgrade. Is there much of a difference. The only issue I'm currently having is there is an exploit that some yahoo is crashing the server a couple times a month. Imail won't patch it so I either have to upgrade or move to another platform. I know this isn't Sniffer related but looking for some advice from someone running Imail. Thanks # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Address
I have SPF's set up for all the domains I host. There is a setting in Imail that says Hide From Information Services. That was off but I just enabled it. Is that a good thing [for me] or not? At 06:38 PM 9/24/2007, you wrote: Hello Greg, Monday, September 24, 2007, 8:10:23 PM, you wrote: Some of the spammers are apparently using my email address as the sender. Any way to defeat that or capitalize on it? I get several bounces a week from all over the world. One little thing you can do if it's not done already is to set up proper SPF records for your domains. That will at least help others skip the malware using your addresses more easily. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] Thanks, Greg CoffeyNet/AllureTech v 307-473-2323 1546 E. Burlington cell 307-259-7962 Casper, WY 82601 fax 307-237-3709 # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] July 18
Not sure what is up but I'm seeing lots of messages getting through to my primary folder since yesterday. Lots of .pdf attachments - Just checked and 10/11 were spam messages in my inbox. Thanks, Greg CoffeyNet/AllureTech v 307-473-2323 1546 E. Burlington cell 307-259-7962 Casper, WY 82601 fax 307-237-3709 # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] .pdf Attachments
What is with all the .pdf attachments in spam? I haven't noticed this trend previously. Are they infected or what is the scheme? # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: After Updating MXGUARD
What platform is the server running? I had problems running Win2003 and the latest sniffer, had to back up one ver to make it work. -- Original Message -- From: Alberto Santoni [EMAIL PROTECTED] Reply-To: Message Sniffer Community sniffer@sortmonster.com Date: Thu, 28 Jun 2007 20:42:08 +0200 Pete, after a day the SNF doesn't work yet ... what else can I try? I have checked all that possible With my best regards Alberto Santoni --- ASPita Sprl Grande rue au Bois, 196 - 1030 - Brussels +32(0)2 217 85 28 office +32(0)2 735 78 65 fax +32(0)476 53 88 34 mobile Skype: Aspita.be --- -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: 27 June 2007 23:44 To: Message Sniffer Community Subject: [sniffer] Re: After Updating MXGUARD Hello Alberto, Wednesday, June 27, 2007, 5:15:58 PM, you wrote: Hello After an update of MxGuard 1.7 - 3.1 the Sniffer doesn't work any more I have the Sniffer in persistent mode and loaded with Srvany I found many files I never seen in the Sniffer dir .SRV .FIN .XXX Which tests can I do to understand the problem ? It turns out that those files have always been there - but most of them (not the SRV) went away very quickly. Most likely during your transition your SNF workspace got clogged with a lot of these and that is causing some problems. First thing to do is to shut down SMTP SNF (your persistent instance) and clear out all of those job files. Each file represents a sing scan job - the extension represents the status. With everything shut down there should be none of these files so it's safe to delete them. Once that is done you can start things up again and everything should work normally. If not then the normal testing procedures should help you discover the problem quickly. Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] ordb.org
I've noticed quite a few false positives and started some research. Many show hits from ORDB. Apparently ordb.org shut down late in 2006 but it's still in my mxguard config. How can it be coming up with hits when there is no server to check against? What blacklists do you recommend that we use? Thanks, Greg CoffeyNet/AllureTech v 307-473-2323 1546 E. Burlington cell 307-259-7962 Casper, WY 82601 fax 307-237-3709 # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Lots of Spam getting through last two days
My secondary is catching most but I'm seeing quite a few sliding though Sniffer. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: SPAM Storm?
Seems like a normal day to me. Not much getting though but I checked the server logs and they are average sized for the day. At 04:19 PM 3/19/2007, you wrote: Is it me, or is there an unbelievable spam storm going on this afternoon?? # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] Thanks, Greg CoffeyNet/AllureTech v 307-473-2323 1546 E. Burlington cell 307-259-7962 Casper, WY 82601 fax 307-237-3709 # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: DNSBL
You are still running the Imail anti-spam services? I'm running pretty much the same software setup except Imail is ver 8.05. This is under win2003. I've pretty much disabled all the internal anti-spam tools and let Mxguard and Sniffer handle those duties. I disabled the dun blacklist months ago as it was causing false positives. None of the BL's are enabled under Imail here. At 11:19 AM 2/28/2007, you wrote: Hello does someone have heavy problems with the DNSBLs? I have Imail server 2006.1 + mxguard + messagesniffer and it is since about a week that my server has almost always the CPU at 100%. I have stopped the check for all DNSBL but nothing has changed! Any idea? Alberto # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] Thanks, Greg CoffeyNet/AllureTech v 307-473-2323 1546 E. Burlington cell 307-259-7962 Casper, WY 82601 fax 307-237-3709 # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: DNSBL
You definitely want to be running in persistent mode. I automated that whole process a while back after upgrading to Win2003. It deletes the .tmp .gse files a couple times per day. It flushes out the spool and spam folder for anything older than 5 days. In the good ol' days, I used to manually do all that at least once a day. The old 2000 install had some corrupt files and I couldn't automate anything, yuck! At 12:10 PM 2/28/2007, you wrote: At 07:19 PM 2/28/2007 +0100, Alberto Santoni wrote: Hello does someone have heavy problems with the DNSBLs? I have Imail server 2006.1 + mxguard + messagesniffer and it is since about a week that my server has almost always the CPU at 100%. I have stopped the check for all DNSBL but nothing has changed! - What makes you suspect DSNBL? - Have you seen an increase in the overall number of messages going through? - Are you using the sniffer persistant instance? - Check to see that the imail\spool\mx-pid folder isn't filling up. I'm running IMail 7.06/mxGuard/Message Sniffer and at times when I've had problems the solution has been to empty that mx-pid folder. -- Kirk Mitchell-General Manager[EMAIL PROTECTED] Keystone Connect Unlock Your World Altoona, PA 814-941-5000 http://www.keyconn.net # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] Thanks, Greg CoffeyNet/AllureTech v 307-473-2323 1546 E. Burlington cell 307-259-7962 Casper, WY 82601 fax 307-237-3709 # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: DNSBL
C:\WINDOWS\system32\cmd.exe /c c:\imail\isplcln -n 5 -l 10 Above is the command I use in scheduled tasks. Make sure you have ispcln.exe on your system. I can't remember whether it came with Imail or I had to download it somewhere. You only need to be concerned about the last few characters starting with the -n -- the number following specifies the # of days old spool files which will be deleted. -l # specifies the number of days of logs that will be kept. Older than 10 days on my system get deleted. Usage of either is optional. There might be other options under the command too, I can't recall. Here is the scheduled task for purging the spam folder after 5 days: C:\WINDOWS\system32\cmd.exe /c C:\IMail\immsgexp.exe -tc:\imail -d5 -mspam.mbx Use -mFolderName - you can purge out of any folder using this command Here's the syntax for deleting the .gse files: C:\WINDOWS\system32\cmd.exe /c del c:\imail\spool\*.gse I'm still on Win2k. I've been able to automate emptying the mx-pid folder periodically, downloading sniffer updates, and uploading/dating sniffer logs nightly. I could also automate dumping the .tmp and .gse files periodically(may give that shot), not sure how I could do the clean out files after 5 days thing though. I'm assuming you're talking about the scattered extra .smd files. -- Kirk Mitchell-General Manager[EMAIL PROTECTED] Keystone Connect Unlock Your World Altoona, PA 814-941-5000 http://www.keyconn.net # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] Thanks, Greg CoffeyNet/AllureTech v 307-473-2323 1546 E. Burlington cell 307-259-7962 Casper, WY 82601 fax 307-237-3709 # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Significant increase in false positives
On Oct 16, 2006, at 5:17 PM, Darin Cox wrote: Anyone else seeing a sudden increase in FPs? We normally report a few each day, but we're seeing a 10x increase in FPs for the past three days. What particular group, if any, are you seeing them in? The experimental-abstract (61) category is my main fp problem lately. Curious, Greg # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: New purchase question
On Jun 19, 2006, at 2:17 PM, Pete McNeil wrote: Declude folks posted a combination rule that seems to be working well for them. Here is an excerpt from that post: If you are going to add that filter to your system, my advice is to give it a very low weight. Others said it worked great for them, but I was seeing a very high percentage of false positives with it. I'm currently testing a modification of the filter to see if this new version works better for me. Thanks, Greg Evanitsky ACS, Inc. (717) 248-2720 ext. 5113 # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
Re: [sniffer]spam storm
Nothing too out of the ordinary here - ~17,000 blocked messages between 10-11 AM EST. Yesterday same time frame was ~16,000. - greg -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Computer House Support Sent: Tuesday, May 23, 2006 10:35 AM To: Message Sniffer Community Subject: [sniffer]spam storm Dear Sniffer Friends, Our servers are really getting slammed with spam. Is anyone else seeing a hugh spam storm right now? Michael Stein Computer House # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
Re: [sniffer] FireDaemon
Yes I paid for it and I do have a license. The reason for using FireDaemon is that we already had it on the server another processes. [EMAIL PROTECTED] - Original Message - From: David Payer To: sniffer@SortMonster.com Sent: Sunday, July 31, 2005 8:15 PM Subject: Re: [sniffer] FireDaemon The newest version is not a free version. Older versions gave you one service for free. The new one does not. Got a license? David Payer - Original Message - From: Greg Wanner To: sniffer@sortmonster.com Sent: Sunday, July 31, 2005 5:43 PM Subject: [sniffer] FireDaemon Can anybody help me with a problem getting the persistent mode to work with FireDaemon. I loaded the latest version, 1.7. I believe I have everything setup correctly, the right .exe name, authenicationxx and persistent in parameters. It starts to fire up, then stops. Any hints? [EMAIL PROTECTED]
[sniffer] FireDaemon
Can anybody help me with a problem getting the persistent mode to work with FireDaemon. I loaded the latest version, 1.7. I believe I have everything setup correctly, the right .exe name, authenicationxx and persistent in parameters. It starts to fire up, then stops. Any hints? [EMAIL PROTECTED]
Re: [sniffer] FireDaemon
Pete: Yes it works from the command line with no problem. Do I need to stop the SMTP and declude config file before starting this as a service? [EMAIL PROTECTED] - Original Message - From: Pete McNeil [EMAIL PROTECTED] To: Greg Wanner sniffer@SortMonster.com Sent: Sunday, July 31, 2005 7:01 PM Subject: Re: [sniffer] FireDaemon On Sunday, July 31, 2005, 6:43:36 PM, Greg wrote: GW Can anybody help me with a problem getting the persistent GW mode to work with FireDaemon. I loaded the latest version, 1.7. GW I believe I have everything setup correctly, the right .exe name, GW authenicationxx and persistent in parameters. It starts to fire GW up, then stops. Any hints? Did SNF generate a log file? Were there any errors or warnings in the log file? If you execute the same command from the command line does it work? --- These are just basic things. I'm not very familiar with FireDaemon but it still pays to start with the basics ;-) You may also consider temporarily turning on the debug menu in the SNF .cfg file. If SNF is starting at all that may tell you why it stops. If you are not getting a log file from SNF (any log files) then chances are it has been called incorrectly so your command line settings are incorrect. That is, in general, SNF will almost always produce a log file - even if there are errors. If not then SNF probably did not run, or it rejected it's command line and exited right away. hope this helps, _M This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html --- [This E-mail scanned for viruses by EWOL using Declude Virus] --- [This E-mail scanned for viruses by EWOL using Declude Virus] This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
Re: [sniffer] Download server is really slow..
Me too [EMAIL PROTECTED] - Original Message - From: Chuck Schick [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, December 15, 2004 7:44 PM Subject: [sniffer] Download server is really slow.. Anyone else having that problem? Chuck Schick Warp 8, Inc. (303)-421-5140 www.warp8.com This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html --- [This E-mail scanned for viruses by EWOL using Declude Virus] --- [This E-mail scanned for viruses by EWOL using Declude Virus] This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
