[sniffer] Upgraded Rulebase Delivery System

2008-07-12 Thread Pete McNeil
Hello Sniffer Folks,

Early this morning we completed significant upgrades to our rulebase
delivery system yielding a 10 fold increase in available bandwidth and
a 5 fold increase in delivery transaction rates.

Please let us know if you observe any negative or positive effects.

From observations and theory rulebases should be delivered more
quickly and more frequently.

I will continue to monitor the system closely for any aberrations.

Thanks,

_M

-- 
Pete McNeil
Chief Scientist,
Arm Research Labs, LLC.


#
This message is sent to you because you are subscribed to
  the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
Send administrative queries to  [EMAIL PROTECTED]



[sniffer] Re: Upgraded Rulebase Delivery System

2008-07-12 Thread Dusty Carden
Yes. I woke up to boxes full of spam. I have not got in to the system to see 
what is happening but it looks like my rules are not working. 

--Original Message--
From: Pete McNeil
Sender: Message Sniffer Community
To: Message Sniffer Community
ReplyTo: Message Sniffer Community
Sent: Jul 12, 2008 3:33 AM
Subject: [sniffer] Upgraded Rulebase Delivery System

Hello Sniffer Folks,

Early this morning we completed significant upgrades to our rulebase
delivery system yielding a 10 fold increase in available bandwidth and
a 5 fold increase in delivery transaction rates.

Please let us know if you observe any negative or positive effects.

From observations and theory rulebases should be delivered more
quickly and more frequently.

I will continue to monitor the system closely for any aberrations.

Thanks,

_M

-- 
Pete McNeil
Chief Scientist,
Arm Research Labs, LLC.


#
This message is sent to you because you are subscribed to
  the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
Send administrative queries to  [EMAIL PROTECTED]




NetEase Internet Access Service
Parsons, TN
888-463-8327 / 731-845-5640
#
This message is sent to you because you are subscribed to
  the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
Send administrative queries to  [EMAIL PROTECTED]



[sniffer] Re: Upgraded Rulebase Delivery System

2008-07-12 Thread Peer-to-Peer (Support)
All appears to be working correctly here :-)

--PTP

-Original Message-
From: Message Sniffer Community [mailto:[EMAIL PROTECTED]
Behalf Of Pete McNeil
Sent: Saturday, July 12, 2008 4:34 AM
To: Message Sniffer Community
Subject: [sniffer] Upgraded Rulebase Delivery System


Hello Sniffer Folks,

Early this morning we completed significant upgrades to our rulebase
delivery system yielding a 10 fold increase in available bandwidth and
a 5 fold increase in delivery transaction rates.

Please let us know if you observe any negative or positive effects.

From observations and theory rulebases should be delivered more
quickly and more frequently.

I will continue to monitor the system closely for any aberrations.

Thanks,

_M

-- 
Pete McNeil
Chief Scientist,
Arm Research Labs, LLC.


#
This message is sent to you because you are subscribed to
  the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
Send administrative queries to  [EMAIL PROTECTED]








#
This message is sent to you because you are subscribed to
  the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
Send administrative queries to  [EMAIL PROTECTED]



[sniffer] Slow economy - More Spam

2008-07-12 Thread Peer-to-Peer (Support)
(theory):

We're predicating an up-tick in spam over the coming months due to the
(Global) economy which is dramatically slowing.  Small businesses are
feeling the pinch and business owners are beginning to panic (as you would
naturally expect).  So to make up for lost revenue they will advertise,
heavily (just like chasing your money at the casino).  An attractive way to
advertise would be email (or so they think).

Batten down the hatches.


--PTP





#
This message is sent to you because you are subscribed to
  the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
Send administrative queries to  [EMAIL PROTECTED]



[sniffer] Re: Upgraded Rulebase Delivery System - All OK here

2008-07-12 Thread E. H. (Eric) Fletcher

Pete:

We have a regional based trap running post-Sniffer.  When Sniffer hiccups 
(or we've done something to cause it to hiccup) there are thousands of mails 
in it over the space of a few hours, almost all spam.


There is no increase there overnight so our rulebases are definitely still 
working as expected.


On that note, we ended up having to go to the RC code very early this year 
because of the increasing high levels of spam getting through the last 
release version.  I know this shouldn't have been the case but in that final 
RC version we were running the leakage was fairly significant, 
(approximately 40 times what it was in a typical night like last night for 
example).  The rule base updates were working and all mail was getting 
vetted but some part of the magic you do didn't seem to be working.  We 
waited a week or so following your release notice for 3.0 to install it and 
found an immediate reduction in spam to the sort of levels you were 
achieving for us a year or so ago (adjusted a little for the increased level 
of what's out there today vs. a year ago).


All appears to be well here.

No reply necessary.

Thanks for a great product.
- Original Message - 
From: Pete McNeil [EMAIL PROTECTED]

To: Message Sniffer Community sniffer@sortmonster.com
Sent: Saturday, July 12, 2008 1:33 AM
Subject: [sniffer] Upgraded Rulebase Delivery System


Hello Sniffer Folks,

Early this morning we completed significant upgrades to our rulebase
delivery system yielding a 10 fold increase in available bandwidth and
a 5 fold increase in delivery transaction rates.

Please let us know if you observe any negative or positive effects.


From observations and theory rulebases should be delivered more

quickly and more frequently.

I will continue to monitor the system closely for any aberrations.

Thanks,

_M

--
Pete McNeil
Chief Scientist,
Arm Research Labs, LLC.


#
This message is sent to you because you are subscribed to
 the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
Send administrative queries to  [EMAIL PROTECTED]




#
This message is sent to you because you are subscribed to
 the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
Send administrative queries to  [EMAIL PROTECTED]



[sniffer] Re: [Fwd: FW: [sniffer] Re: Upgraded Rulebase DeliverySystem]

2008-07-12 Thread Dusty Carden
That is exactly what happens here. 

Dusty

NetEase Internet Access Service
Parsons, TN
888-463-8327 / 731-845-5640

-Original Message-
From: Steven Z. Harris [EMAIL PROTECTED]

Date: Sat, 12 Jul 2008 11:04:57 
To: Message Sniffer Communitysniffer@sortmonster.com
Subject: [sniffer] [Fwd: FW: [sniffer] Re: Upgraded Rulebase Delivery
 System]


I am having the same problem.  My existing production wget script is not 
able to download the new .snf file, but I can do it manually with a 
browser.  From my log I see that wget makes the connection to the 
server,  and can see the .snf file, but the connection is closed 
immediately when the download starts.

Steve

*
*

*From:* Message Sniffer Community [mailto:[EMAIL PROTECTED] *On 
Behalf Of *NetEase Operations Manager
*Sent:* Saturday, July 12, 2008 10:15 AM
*To:* Message Sniffer Community
*Subject:* [sniffer] Re: Upgraded Rulebase Delivery System

 

I am running version 2.x.  I have investigated further and wget errors 
out when it tries to get the snf file.  I end up with a 0 size snf file.

 

Dusty

 



*From:* Message Sniffer Community [mailto:[EMAIL PROTECTED] *On 
Behalf Of *Pete McNeil
*Sent:* Saturday, July 12, 2008 8:44 AM
*To:* Message Sniffer Community
*Subject:* [sniffer] Re: Upgraded Rulebase Delivery System

 

Hello Dusty,

 

Saturday, July 12, 2008, 8:07:12 AM, you wrote:

 

* Yes. I woke up to boxes full of spam. I have not got in to the*

* system to see what is happening but it looks like my rules*

* are not working.*

 

I have no telemetry from your sysetem. Either you are not yet running

the latest version or it is broken.

 

Several other systems I can see are showing up to date rulebases and

capture rates greater than 98.5 % on average.

 

Please let me know if you're running version 3.0 or 2.x.

 

Please check your .snf file - the timestamp I have on our server is

Jul 12 08:34 - just over an hour behind at this time. About due for a

new compile.

 

I also note that a spam storm began approximately 4 hours ago and is

continuing with reduced strength now. (Image attached)

 

 

_M

 

 

/-- /

/Pete McNeil/

/Chief Scientist,/

/Arm Research Labs, LLC./


 
#
This message is sent to you because you are subscribed to
  the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
Send administrative queries to  [EMAIL PROTECTED]



[sniffer] Re: [Fwd: FW: [sniffer] Re: Upgraded Rulebase Delivery System]

2008-07-12 Thread Pete McNeil




Hello Steven,

Saturday, July 12, 2008, 11:04:57 AM, you wrote:







I am having the same problem. My existing production wget script is not able to download the new .snf file, but I can do it manually with a browser. From my log I see that wget makes the connection to the server, and can see the .snf file, but the connection is closed immediately when the download starts.





I'm working on this. I'm not sure what's causing it-- Apparently some option in wget.

I have verified that some older scripts don't work. It appears to be related to whether gzip is accepted.

_M



--
Pete McNeil
Chief Scientist,
Arm Research Labs, LLC.



#
This message is sent to you because you are subscribed to
  the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
Send administrative queries to  [EMAIL PROTECTED]



[sniffer] Re: [Fwd: FW: [sniffer] Re: Upgraded RulebaseDelivery System]

2008-07-12 Thread Dusty Carden
At least I am not going crazy then. I have been pulling my hair out trying to 
find what it is. 

DC

NetEase Internet Access Service
Parsons, TN
888-463-8327 / 731-845-5640

-Original Message-
From: Pete McNeil [EMAIL PROTECTED]

Date: Sat, 12 Jul 2008 11:35:56 
To: Message Sniffer Communitysniffer@sortmonster.com
Subject: [sniffer] Re: [Fwd: FW: [sniffer] Re: Upgraded Rulebase
 Delivery System]


Hello Steven, 

 
Saturday, July 12, 2008, 11:04:57 AM, you wrote: 

 
 
 
 
I am having the same problem. �My existing production wget script is not able 
to download the new .snf file, but I can do it manually with a browser. �From 
my log I see that wget makes the connection to the server, �and can �see� the 
.snf file, but the connection is closed immediately when the download starts.� 

 
I'm working on this. I'm not sure what's causing it-- Apparently some option in 
wget. 

 
I have verified that some older scripts don't work. It appears to be related to 
whether gzip is accepted. 

 
_M 

 

 

 
--� 
Pete McNeil 
Chief Scientist, 
Arm Research Labs, LLC. 

[sniffer] Upgrades termporarily off-line.

2008-07-12 Thread Pete McNeil
Hello Sniffer Folks,

Due to some unexplained problems w/ apache and tmpfs, I have taken the
upgrades to our delivery system off-line.

It appears that when rulebase files were retrieved using compression
(gzip) the downloads would work correctly. When compression was turned
off apache would complain that the file did not exist.

I have tested non-compressed downloads and they appear to be working
correctly again.

Sorry for the trouble.

I will keep you posted on our progress.

_M

-- 
Pete McNeil
Chief Scientist,
Arm Research Labs, LLC.


#
This message is sent to you because you are subscribed to
  the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
Send administrative queries to  [EMAIL PROTECTED]



[sniffer] Upgrades restored!

2008-07-12 Thread Pete McNeil
Hello Sniffer Folks,

The rulebase delivery system upgrades have been restored.

I have tested the system with the new settings and the older scripts
successfully.

Some rulebases will be absent from the server for a short time while
the rule-bots recompile them. After that there should be no problems.

Please let us know if you have any trouble.

Thanks,

_M

-- 
Pete McNeil
Chief Scientist,
Arm Research Labs, LLC.

PS: If you are still using the old version of SNF, or the old way of
downloading rulebase files please upgrade as soon as you can. Thanks!



#
This message is sent to you because you are subscribed to
  the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
Send administrative queries to  [EMAIL PROTECTED]