Hello Sniffer Folks,
Watch out for false positives. This morning along with the current
spam storm we discovered that SURBL and SORBs are listing a large
number of ISP domains and anti-spam service/software providers.
As a result, many of these were tagged by our bots due to spam
Pete,
I just checked real quick hitting several DNS servers (mine and others) and
I am not seeing this - are you still seeing this now?
C:\nslookup 2.0.0.127.multi.surbl.org
Server: nscache5.bflony.adelphia.net
Address: 68.168.224.180
Non-authoritative answer:
Name:
On Tuesday, January 17, 2006, 7:21:11 AM, Matt wrote:
M Pete,
M w3.org would be a huge problem because Outlook will insert this in the
M XML headers of any HTML generated E-mail.
M If you could give us an idea of when this started and possibly ended,
M that would help in the process of review.
Pete,
I reviewed my Hold range going back to Monday morning and I wasn't able
to find anything out of the ordinary. I also searched my logs from my
URIBL tool that queries SURBL among other things, and I wasn't able to
find any hits for those domains that you pointed out. I guess that I
On Tuesday, January 17, 2006, 8:10:44 AM, Darrell wrote:
Dsic Pete,
Dsic I just checked real quick hitting several DNS servers (mine and others)
and
Dsic I am not seeing this - are you still seeing this now?
Nope... it was short lived.
_M
This E-Mail came from the Message Sniffer mailing
On Tuesday, January 17, 2006, 10:15:51 AM, William wrote:
WS ws.surbl.org does not have these domains, and it appears none of
WS the other surbls does either. From
WS http://www.rulesemporium.com/cgi-bin/uribl.cgi :
WS SURBL+ Checker Query Results
WS declude.com is 63.246.13.88 [ rbl
Hello Sniffer Folks,
There is an unknown problem with the bots surrounding SURBL and
SORBS testing. Rather than search for all the needles in all the
haystacks we are taking the following action:
The bots will be offline until further notice - so all rules will be
those that are
Thank you, Pete.
In my spelunking, I've found too many rules to put in as panic entries
my .cfg file, and this morning I dropped the weight for my experimental
class tests to low values, and heavily edited my combo tests that
build on Sniffer hits.
I'm attaching a report showing the number of
Hello Sniffer Folks,
I have posted a CSV file containing all of the rule IDs that are
likely to be involved in the recent problem with the bots. These are
the rules that we pulled out of service - they were created by the
bots between 2300E yesterday and up to the time we turned off the
Can you send the update or I will have to disable
Sniffer.
It is catching almost all our emails.
On Tuesday, January 17, 2006, 6:44:20 PM, Frederick wrote:
FS
FS
FS Can you send the update or I will have to disable Sniffer.
FS
FS
FS
FS It is catching almost all our emails.
Your last update was 2144GMT, about 146 minutes ago (if my math is
right). Pacing as at 150 minutes,
11 matches
Mail list logo
