Thanks for the suggestion. I did the Telnet test to
MX1 and it fails from the mail server, but connects ok from my web
server.
Any ideas?
Michael SteinComputer House
- Original Message -
From:
Tech
Support
To: Message Sniffer Community
Sent: Tuesday, October 17,
Here is the error we are getting now on any mail to
Yahoo: Unexpected connection response
from server:
Out of curiosity, I ran "yahoo.com" through DNSREPORT.COM
and it said:
ERROR: I could not complete a connection to any of your mailservers!
So I guess I'll stop worrying about it and
Not really much any of us can do unless
someone has a friend who has a friend but its a problem
none the less as yahoo also sells their services to host email commercially for
any domain that will pay them
From: Message Sniffer Community
[mailto:[EMAIL PROTECTED] On Behalf Of
Dear Pete,
I sent an E-mail to the Sniffer Community over an hour ago, and it has not
yet been received by anyone. I noticed that 2pm was the last sniffer mail
I got. Are these being held up for some reason?
Michael Stein
Computer House
Not really chances are a few tries several
seconds apart will yield the reverse on both servers
From: Message Sniffer Community
[mailto:[EMAIL PROTECTED] On Behalf Of
Computer House Support
Sent: Tuesday, October 17, 2006
3:00 PM
To: Message
Sniffer Community
Subject: [sniffer]
Hello Computer,
Tuesday, October 17, 2006, 3:20:18 PM, you wrote:
Dear Pete,
I sent an E-mail to the Sniffer Community over an hour ago, and it has not
yet been received by anyone. I noticed that 2pm was the last sniffer mail
I got. Are these being held up for some reason?
I don't think
I have seen reports that Network Non-Solutions is having DNS Server issues
today.
John T
eServices For You
Seek, and ye shall find!
-Original Message-
From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf
Of
Pete McNeil
Sent: Tuesday, October 17, 2006 2:29 PM
To:
Sorry for all these tests -- but a new copy of Declude Interceptor seems to
want to completely lose messages from lists.
Rob
#
This message is sent to you because you are subscribed to
the mailing list sniffer@sortmonster.com.
To
Please ignore this test.#
This message is sent to you because you are subscribed to
the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To
Anyone else seeing a sudden increase in FPs?
We normally report a few each day, but we're seeing a 10x increase in FPs for
the past three days.
Darin.
Hi Darin;
Not seeing a lot of false pos messages, but there are lots of spam
messages sneaking through our system because declude is not modifying
the header correctly. It is adding a header stub to the bottom of the
message so that users mail client filters which look for the modified
We see this occasionallywith Declude
1.82. What version are you running?
Darin.
- Original Message -
From: Herb Guenther
To: Message Sniffer Community
Sent: Monday, October 16, 2006 5:35 PM
Subject: [sniffer] Re: Significant increase in false
positives
Hi Darin;Not seeing a lot
Not sure, this is what my declude diags.txt says
Declude 4.1.0 Diagnostics
Compilation Platform: SmarterMail
Copyright (c) 2000-2005 Declude, Inc.
Herb
Darin Cox wrote:
We see this occasionallywith
Declude 1.82. What version are you running?
Darin.
-
Original Message
That's been a problem for a long time, but for us, it still
treats that e-mail as spam, with the appropriate weight. 100% of the time
if Declude does that, the e-mail is beyond our delete
weight.
Rob
From: Message Sniffer Community
[mailto:[EMAIL PROTECTED] On Behalf Of Herb
Ping them on the Declude list for the lack of
response, and CC David Barker for a response. He seem tobe the best
means ot getting results these days.
What version are you running? Understandably
you'll only get a response if you're running the latest 3.x or 4.x, as older
versions are no
Ahh... good. The first thing they'll probably
tell you is to update to the latest 4.x version, see if the problem persists,
then re-report it.
Darin.
- Original Message -
From: Herb Guenther
To: Message Sniffer Community
Sent: Monday, October 16, 2006 5:51 PM
Subject: [sniffer]
For us, it doesn't calculate the proper weight when
this happens, and only acts on the weight seen in the topmost headers. One
of these years I'll finally exercise the right to use our 4.x license, I just
don't have time for new problems at this point.
Darin.
- Original Message -
Anyone having issues getting email to Yahoo
today?
Thanks,
Bill Foresman
Matrosity Hosting
www.matrosity.com
850.656.2644
From: Message Sniffer Community
[mailto:[EMAIL PROTECTED] On Behalf Of Darin CoxSent:
Monday, October 16, 2006 6:15 PMTo: Message Sniffer
CommunitySubject:
We're
seeing it with the latest and greatest gateway
version.
Again, not a problem. Since it's above our
delete weight, always, we just delete them. Users never see
them.
Rob
From: Message Sniffer Community
[mailto:[EMAIL PROTECTED] On Behalf Of Darin CoxSent:
Monday, October 16,
Since we have almost all business users and they do a lot of intl biz
we just mark the subject as "Probable SPAM:" so no email is deleted.
Oh well, I am off topic anyway, thanks for the feedback all.
Herb
Robert Grosshandler wrote:
That's been a problem for a long
time, but for us,
Me either, I guess I will have to call them in the AM as it seems to be
a general problem. As an aside, I am largely happy with the product
but this one has been a long term issue and seems from my experience to
be getting exploited by spammers.
Andy Schmidt wrote:
What's the magic
Hello Darin,
Monday, October 16, 2006, 5:17:26 PM, you wrote:
Anyone else seeing a sudden increase in FPs? We normally report a few each day, but we're seeing a 10x increase in FPs for the past three days.
Not sure if this is it, but there was an image segment rule that went in
Hi Pete,
I haven't looked at the Sniffer logs, as cross
referencing from the Declude logs is a bit of a pain, but many of the FPs did
have images, so that probably accounts for most of them if it was an
Experimental rule.
Darin.
- Original Message -
From: Pete McNeil
To: Message
Pete,
Would you please clarify this a bit. Declude of course doesn't record
the rule in the headers, so this is difficult to figure out. Knowing
the pattern may help identify the problematic messages. Also knowing
the start time and end time of the rule would also help.
I would be nice too
Hello Matt,
Monday, October 16, 2006, 10:03:04 PM, you wrote:
Pete,
Would you please clarify this a bit. Declude of course doesn't record the rule in the headers, so this is difficult to figure out. Knowing the pattern may help identify the problematic messages. Also knowing the start
Hi Matt,
I know Pete has requested this in the past, but
Declude hasn't been willing to make the change necessary for this to make it in
the headers. But I totally agree with you, I'd love to see this in the
headers so tracking down the rule isn't such a pain.
Darin.
- Original
Hi Pete,
Can you clarify what this .xhdr option is and how
we can enable it? I don't remember anything inthe
documentationthat describes it. I think there were references to the
config file previously, but there was never anything about it in mine. If
you could give an example of how to
There is no doubt that having Declude handle xhdr files would be
optimal. I might add that an option to exclude the header on non-hits
would also be wise. David Barker appears open to some feature requests
of late, and I would think that you could make this happen. Not
everyone has capacity
Please include this on the sniffer rules.
Thanks
Filippo
thread-index:
Acbs16ua41RVu3lDTDG9YCuK+hb+nw==
Thread-Topic: Newsletter HiTech Insider - n. 317 - 11/10/2006
From: Duke Editore [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Newsletter HiTech Insider - n. 317 - 11/10/2006
Date: Wed, 11
Please Filippo
Dont submit spam to this list
use instead [EMAIL PROTECTED]
Regards
Alberto
From: Message Sniffer Community
[mailto:[EMAIL PROTECTED] On Behalf Of
Filippo Palmili
Sent: 11 October 2006 09:05
To: Message
Sniffer Community
Subject: [sniffer] Fwd: Newsletter
Hello John,
:-)
Tuesday, October 10, 2006, 9:01:55 PM, you wrote:
I have noticed in the last couple of weeks a greatly improved response time
in reports of false positives.
Just want to say thanks.
John T
eServices For You
Seek, and ye shall find!
Hello Alberto,
Wednesday, October 11, 2006, 4:14:46 AM, you wrote:
Please Filippo
Dont submit spam to this list use instead[EMAIL PROTECTED]
Yes! and also, if you have a "chronic" spam, you can zip a copy of the message and include it as an attachment to support@ along with
Hi Pete
Yes I have an account on which I get only
SPAM . I will set a rules to delete only spam already recognized from
your sniffer.
Let me know at which address I have to
send the data for this account
Alberto
From: Message Sniffer Community
[mailto:[EMAIL PROTECTED] On
Hello Alberto,
I will respond offlist.
Thanks,
_M
Wednesday, October 11, 2006, 10:12:47 AM, you wrote:
Hi Pete
Yes I have an account on which I get only SPAM . I will set a rules to delete only spam already recognized from your sniffer.
Let me know at which address I have to send
In order to keep my log files more orderly, I rotate them at 12:01 each
morning with the previous day's log named for that day. Every few days I
manually upload them to ftp.sortmonster.net File sizes run 8-11mb on average.
Until recently, I've never had any noticible issues doing it this way.
Hello K,
Wednesday, October 11, 2006, 3:55:40 PM, you wrote:
In order to keep my log files more orderly, I rotate them at 12:01 each
morning with the previous day's log named for that day. Every few days I
manually upload them to ftp.sortmonster.net File sizes run 8-11mb on average.
Hello,
I'm having trouble uploading my log files also. Here is an excerpt from
the log.
--13:41:49-- `/var/spool/snfilter/logs/12345abcde.log.0.gz'
=
ftp://snifferlog:[EMAIL PROTECTED]:21//var/spool/snfilter/logs/12345a
bcde.log.0.gz
Connecting to 207.97.229.114:21... connected!
Logging
Hello Jacques,
It seems that your upload script is attempting to make a subdirectory
on the log upload ftp server. This is not allowed. When you login as
snifferlog you are automatically put in the correct directory so all
you need to do next is PUT.
Hope this helps,
_M
Wednesday, October 11,
Where can I find a list of the latest result codes.
- Original Message -
From: John T (Lists) [EMAIL PROTECTED]
To: Message Sniffer Community sniffer@sortmonster.com
Sent: Monday, October 09, 2006 7:56 PM
Subject: [sniffer] Re: Experimental Abstract
I concur Pete in that I have been
Hello Frederick,
Tuesday, October 10, 2006, 8:14:15 AM, you wrote:
Where can I find a list of the latest result codes.
http://kb.armresearch.com/index.php?title=Message_Sniffer.TechnicalDetails.ResultCodes
_M
--
Pete McNeil
Chief Scientist,
Arm Research Labs, LLC.
Hello Pete,
in witch time on day you suggest to schedule the autosnf.cmd task?
Please let mw know.
Thanks
Filippo
#
This message is sent to you because you are subscribed to
the mailing list sniffer@sortmonster.com.
To unsubscribe,
Hello Filippo,
The best time to download your rulebase file is when you receive an
update notification message.
If you want to use a scheduler then you should be sure your script
only downloads newer files and then schedule it to run about once per
hour.
To avoid congestion, you should pick the
I have noticed in the last couple of weeks a greatly improved response time
in reports of false positives.
Just want to say thanks.
John T
eServices For You
Seek, and ye shall find!
#
This message is sent to you because you are
Hello
I'm getting storms of spam and Sniffer sets them as (Experimental
Abstract)
Can someone explain how have I to treat them?
Many thanks in advance
Alberto
#
This message is sent to you because you are subscribed to
the mailing
I concur Pete in that I have been thinking about upping the weight for the
EXP tests. I recently changed ABST from 20 to 25. I attach at 25, hold at 30
and delete at 35.
SNIFFER-TRAVEL 47 20
SNIFFER-INSURANCE 48 20
SNIFFER-AV-PUSH 49 20
SNIFFER-WAREZ
I was setting a lower weight on the experimental/abstract result codes
due to inconsistent results in the past. However, after a review of
customer spam that was still getting through, I increased the weighting
on those codes to equal our hold weight. Customer is much happier now.
-Jay
Hi
We're attempting to install SNF with the new Declude Gateway product. We're
having problems. We're also having problems installing invariant systems'
INVURIBL product, which leads me to wonder.
Are any of you using SNF with Interceptor successfully?
While it definitely could be us, maybe,
Hi
We're attempting to install SNF with the new Declude Gateway product. We're
having problems. We're also having problems installing invariant systems'
INVURIBL product, which leads me to wonder.
Are any of you using SNF with Interceptor successfully?
While it definitely could be us, maybe,
We also sent this to [EMAIL PROTECTED] this morning so it is interesting
to see how this got submitted to the mail list if that is how it got
through.
Regards David Moore
[EMAIL PROTECTED]
J.P. MCP, MCSE, MCSE + INTERNET, CNE.
www.adsldirect.com.au for ADSL and Internet www.romtech.com.au for
Hi Pete. If you need any testers for this plugin, give me a shout.
-Original Message-
From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf
Of Pete McNeil
Sent: Monday, October 02, 2006 8:07 PM
To: Message Sniffer Community
Subject: [sniffer] Re: MDaemon plug-in - Process
Hello Dave,
Will do :-)
When the alpha is ready I'll announce it here.
Thanks!
_M
Wednesday, October 4, 2006, 11:13:08 AM, you wrote:
Hi Pete. If you need any testers for this plugin, give me a shout.
-Original Message-
From: Message Sniffer Community [mailto:[EMAIL
I'll work with you on that case in our support system, but please feel free to
post the results here if we find something that would be useful to the
community.
--
Dave Warren, [EMAIL PROTECTED]
Alt-N Technologies, Ltd.
www.altn.com
Okay great, that's what I thought. I'm with Dave Koontz, if you need any
alpha/beta/whatever testing of an Inline-SMTP module, let me know, I have a
server with a few hundred active mailboxes that I can use for testing.
For my part, I'm not interested in rejecting mail with MessageSniffer,
Title: Message
Original Message
Subject:
keep up with the jones'
Date:
Tue, 03 Oct 2006 17:52:39 -0800
From:
Larry Swinton [EMAIL PROTECTED]
To:
[EMAIL PROTECTED]
Message
???/
John T
eServices For You
Seek, and ye shall find!
-Original Message-
From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf
Of Kim W. Premuda
Sent: Tuesday, October 03, 2006 6:00 PM
To: Message Sniffer Community
Subject:
Does anybody know if
it's possible to have the MessageSniffer plug-in run inline in MDaemon's SMTP
session rather then during queue processing?
It appears this is
causing MessageSniffer to not be scored by SpamAssassin -- If SA runs during the
SMTP session before MessageSniffer does it's
Pete,
Dave is working on the problem I posted over the weekend. (I think) Thanks
Dave.
Sniffer is processing and adding its headers but SA is not using them to add
to the spam score.
Thanks,
Grant
-Original Message-
From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On
-Original Message-
From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf
Of Sven De Troch
Sent: Sunday, September 24, 2006 10:05 AM
To: Message Sniffer Community
Subject: [sniffer] Re: Mdaemon plugin 'sleeping'
We are using v 9.0.6, we will try with version 9.0.7 within a
Hello Grant,
Saturday, September 30, 2006, 8:20:21 AM, you wrote:
snip/
We are having the same problem. Sniffer is processing the messages but it
appears as if SA is not picking it up. I posted this in the MDaemon
Discussion list yesterday and had one reply. Upgraded to 9.07 and tried
As a user of your MD plugin since it's Beta release, it has worked perfectly.
SA can have problems with completely unrelated rules / tests should there be a
syntax error in any one of SA's CF files.
I'd suggest using ONLY the default SA installation rules to test, and/or
running all CF
Why am I getting the following error when replying to a message here? It
certainly is NOT automatic... and has never happened before today.
---
Failed to deliver to 'sniffer@sortmonster.com'
LIST module(list sniffer@sortmonster.com) reports:
an automatically-generated message cannot be posted
Thanks Pete.
snip/
We are having the same problem. Sniffer is processing the messages but
it
appears as if SA is not picking it up. I posted this in the MDaemon
Discussion list yesterday and had one reply. Upgraded to 9.07 and tried
what the poster recommended and it is still not
Grant, Pete,
I *think* that the problem has been solved within our installation. I haven't
changed anything, but SPAM messages are not coming through anymore (execept
some Russian spam that SNF is not catching, but that's logical -- can I
forward these messages to someone é armresearch for
Hello Dave,
Saturday, September 30, 2006, 10:01:41 AM, you wrote:
Why am I getting the following error when replying to a message here? It
certainly is NOT automatic... and has never happened before today.
Very odd. Your messages came through - including this one.
_M
--
Pete McNeil
Chief
-Original Message-
From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf
Of Dave Koontz
Sent: Saturday, September 30, 2006 10:02 AM
To: Message Sniffer Community
Subject: Error posting?
Why am I getting the following error when replying to a message here? It
Hello Sven,
Saturday, September 30, 2006, 10:30:27 AM, you wrote:
Grant, Pete,
I *think* that the problem has been solved within our installation.
I haven't changed anything, but SPAM messages are not coming through
anymore (execept some Russian spam that SNF is not catching, but
that's
Pete,
We already have a pop3 mailbox that is being used by your bots.
But the false negatives I'm talking about are in my own mailbox and I wanted to
forward them for analysis as well.
I'll use the provided email address to forward them.
Thanks,
Sven
-Original Message-
From: Message
Hi All,
I have looked on the submitted scripts page
(http://kb.armresearch.com/index.php?title=Message_Sniffer.TechnicalDeta
ils.SubmittedScripts) and found a wonderful script that downloads the
new rulebase file written in Perl (thanks Vivek!). Does anyone have a
script that uploads the log
hello,
Nobody has any idea? SA and SNF seems to be configured
correctly since most of the spams are being tagged.
Still have the problem that some spam with
"X-SortMonster-MessageSniffer-Result: 1--63" in the header is not being
scored (+5), see below.
thanks,Sven
From: Sven De
ok, I think that your are completely right, it seems that
SA is not always detecting it.
In my rules, Bayes = -4,1.
But I have seen lots of email wheren the SNF header was
inserted (X-SortMonster-MessageSniffer-Result: 52), and where the +5 score for
SNF detection has not been taken into
Crew,
If I might suggest something that has nothing to do with sniffer directly...
I succesfully reduced the number of spams delivered to our server with 25%
by automatically blacklisting the IP adresses which deliver spam. If the
weight of an e-mail goes over the hold weight, I add the IP
Dear all,
Configuration: mdaemon 9.0.6 / included spamassasin (from mdaemon) /
mdaemon plug-in (latest version)
Trial account.
We configured the plugin (scanning of emails and add 5 extra score point
to Mdaemon's Spam Assasin in case of spam) and it's working fine most of
the time, but:
The
Hi Sven,
My guess is that the plug-in is actually working but just not being logged
when MD is minimized (or Windows logged-off).
Check the MD Log Settings and enable Always log to screen.
Setup|Logging|Options - Enable Always log to screen
--Paul
-Original Message-
From: Message
Paul and Pete,
Thanks for the tips, the 'always log to screen' has been enabled now
(was disabled), so this should solve the problem of the logging (just
checked it and logging is ok now).
However (and that was the reason I thought that the plugin went to sleep
mode), some spams that have been
I just signed my annual renewal for Sniffer but it seems that it used to
catch lots of the email and now is only catching about 50% of the email Why
when we are sending in our information does this continue to happen? We are
getting lots of you won, Pharmacy spelled wrong and nonsense emails that
I have a question I've been wanting to ask for
awhile:
How many spams do most people get leaked into their mailbox?
ie they pass message sniffer?
When I first started over a year ago, very few spam made it
into my mailbox.
But the past 6 months I get 60-80 spam emails / day into my
Hello Gary,
I've checked your license id (based on your domain) and it is not
expired - updates seem to be working normally.
Is your update script working correctly?
_M
Friday, August 25, 2006, 11:48:46 AM, you wrote:
I have a question I've been wanting to ask for awhile:
I've checked your license id (based on your domain) and it is not
expired - updates seem to be working normally.
Is your update script working correctly?
Yes, My script is working. I have it set to get updates twice a day, at 0600
and 1800.
I also have a log upload script for once a day, it
Pete,
I have the same concern. I have been submitting the below spam (possible
Words virus) almost daily for more than week - yet, it still is not
discovered.
Am I submitting correctly?
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original
Hello Andy,
Wednesday, August 23, 2006, 8:57:48 AM, you wrote:
Pete,
I have the same concern. I have been submitting the below spam (possible
Words virus) almost daily for more than week - yet, it still is not
discovered.
Am I submitting correctly?
This particular spam campaign is a bit
FYI... I just reported one of these, so watch
out.
Darin.
Hello Darin,
I may be behind... but I don't see an FP report on this. Do you have
the rule id?
_M
Wednesday, August 23, 2006, 1:36:08 PM, you wrote:
FYI... I just reported one of these, so watch out.
Darin.
--
Pete McNeil
Chief Scientist,
Arm Research Labs,
Hi Pete,
I'm not sure which column is which, but here are the log lines for the
message (minus the authorization code)
20060823163449 D83a20d3001502962.SMD 0 32 Match 1100444 60 1502
1551 98
20060823163449 D83a20d3001502962.SMD 0 32 Final 1100444 60 0 3798
98
The FP was
Column 7 is the one that contains the rule that was hit. In this case,
it was 1100444.
Column 8 is the one that contains the group. In this case, it was 60
Ungrouped Black Rules (Sniffer General).
Andrew 8)
-Original Message-
From: Message Sniffer Community
[mailto:[EMAIL
Hello Darin,
I have processed an FP with that rule (1100444) - the rule was for an
obscure ebay link and has been removed.
Best,
_M
Wednesday, August 23, 2006, 3:23:55 PM, you wrote:
Hi Pete,
I'm not sure which column is which, but here are the log lines for the
message (minus the
I am seeing a lot of Spam emails with blank bodys is
this because our internet connection is too slow or because the spammers are
failing to complete there transaction
Received: from CIBER2.ctijdq6u.org [201.135.34.108] by
romtech.com.au with ESMTP
(SMTPD-8.22) id A02D0268; Thu, 24
Received: from PC05.4ueleoz.org
[202.215.167.25] by romtech.com.au with ESMTP
(SMTPD-8.22) id A7AC0224; Thu, 24 Aug
2006 08:33:16 +1000
Message-Id:
[EMAIL PROTECTED]
X-mxGuard-Info: Processed by romtech.com.au
using mxGuard v2.4
X-mxGuard-SpoolID: d7ab017912af
X-mxGuard-Sender:
Hi David:
There has been a rise in spam again and we just added some new rules to
our system. Lets give it a few days to see if they stop.
Have a great day.
Phil
David Moore wrote:
*Received: from PC05.4ueleoz.org [202.215.167.25] by romtech.com.au
with ESMTP*
* (SMTPD-8.22) id
Hello David,
Sometimes we have rules for empty email --- but there are many
different kinds of empty ;-) Often enough, some empty messages are
legitimate.
_M
Wednesday, August 23, 2006, 6:39:23 PM, you wrote:
Received: from PC05.4ueleoz.org [202.215.167.25] by romtech.com.au
I just want to know if I am submitting spam emails to [EMAIL PROTECTED] properly being in
Australia we see a lot of spam targeting ANZ, National and Commonwealth bank
and they seem to be evading the Sniffer program so when I send a spam to [EMAIL PROTECTED] (I am using Outlook
2003) I copy
Hello David,
I think this format should come through fine. Phishing is a constant
challenge because it is so variable and so close to a legitimate
message (on purpose).
I will code some rules for the message you submitted and I'm sure
Jason (Lead Rule Tech) will see this note and help us watch
Pete,
Is there any way to deal with the other new attachment based spasm we have
been seeing recently? I see a lot coming in that only say here is your
invoice and have an invoice.doc (or similar attachment). Inside the word
file is the spam itself. I've seen a bunch of these in the last week
Hello Jim,
I've started working on some of these also. SNF usually does look
inside file attachments so it's possible we can get to some of the raw
content -- in fact, most of it is already coded - but being inside all
of the binary cruft in a word document is keeping it out of the
scanning
We are seeing tons of spam coming through with the subject Re: new ... and
advertising drugs. Any luck on stopping this?
Chuck Schick
Warp 8, Inc.
(303)-421-5140
www.warp8.com
#
This message is sent to you because you are subscribed
We're seeing similar - I keep submitting them to [EMAIL PROTECTED], but
the same type of spam keeps getting through...
Nick Marshall
Legally privileged/confidential information may be contained in this
message. If you are not the addressee(s) legally indicated in this message
(or responsible
Hello Nick,
There have been a couple new very aggressive spikes today... most
likely these are part of that. I will dig-in with the rule-techs and
see what is what.
Thanks,
_M
Monday, August 21, 2006, 11:27:37 AM, you wrote:
We're seeing similar - I keep submitting them to [EMAIL PROTECTED],
Would that be the Laugh in the subject line pharmaceutical spam
campaign?
That was mentioned by Dave Doherty on the Declude.JunkMail mailing list,
and when I checked my logs I found many hundreds with clear variations
on the keywords in the text, e.g. there is a joke about lawyers and they
are
Hello Andrew,
That's not the one I had in mind, but if it's in there we'll code for
it.
_M
Monday, August 21, 2006, 12:02:42 PM, you wrote:
Would that be the Laugh in the subject line pharmaceutical spam
campaign?
That was mentioned by Dave Doherty on the Declude.JunkMail mailing list,
I am running mxGuard, invURIBL, Message sniffer and I have just installed
the Message Sniffer as a service in persistent mode. I have a few files in
the Sniffer directory that are about 24 hour old can they be deleted?
(License code removed)
-20060812095802xAAF83996-1008.SVR
Hello David,
Anything 24 hours old is safe to delete.
_M
Saturday, August 12, 2006, 4:52:36 PM, you wrote:
I am running mxGuard, invURIBL, Message sniffer and I have just installed
the Message Sniffer as a service in persistent mode. I have a few files in
the Sniffer directory that are
1101 - 1200 of 2914 matches
Mail list logo
