[sniffer] Re: SNFV2-9 Wide Beta now at version 1.4
Pete, Im a bit confused about the persistasnt mode settings. I don't remember installing a service for my current sniffer installation. I thought it just continued running after the first time it was called by my mail server. With the new release, do I have to install as a service? Thanks, Chris -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Tuesday, October 09, 2007 5:54 PM To: Message Sniffer Community Subject: [sniffer] SNFV2-9 Wide Beta now at version 1.4 Hello Sniffer Folks, We have worked through some minor bugs and added some new features. The newest version of the beta is 1.4. http://kb.armresearch.com/index.php?title=Message_Sniffer.GettingStarted .Distributions#NEW_SNF_V2-9_Wide_Beta Please upgrade your snf_engine.xml and SNFServer.exe files from the latest distribution when you get a chance. * Adds support for scanning Communigate Pro message files directly. * Tightens up XCI handler code. * Removes problematic/redundant XCI watchdog code which caused trouble on some MDaemon systems. Source MDaemon folks-- a revised alpha distribution will be updated shortly with the new changes incorporated. Thanks, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: SNFV2-9 Wide Beta now at version 1.4
Ok I guess I had a basic understanding of how the old way and new way works, that makes it much clearer. I hadn't messed with it until now I'm looking at the new version b/c I am getting a lot of spam thru the floodgates lately, more and more. I tried creating a service with srvany but it was throwing an error when I was starting the service. Any special arguments you are supposed to put in the path that the service runs? Thank You, Chris Bunting Lancaster Networks Direct: 717-278-6639 Office: 888-LANCNET x703 3com IP Telephony Expert Lancaster Networks 1085 Manheim Pike Lancaster PA 17601 www.lancasternetworks.com -- Corporate Technology Solutions... Specializing in 3com NBX Telephony Solutions IT Services - Phone Systems - Digital CCTV HP Computers/Servers Printers -- The information in this e-mail is confidential and may be privileged or subject to copyright. It is intended for the exclusive use of the addressee(s). If you are not an addressee, please do not read, copy, distribute or otherwise act upon this email. If you have received the email in error, please contact the sender immediately and delete the email. The unauthorized use of this email may result in liability for breach of confidentiality, privilege or copyright. -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Tuesday, October 09, 2007 8:13 PM To: Message Sniffer Community Subject: [sniffer] Re: SNFV2-9 Wide Beta now at version 1.4 Hello Chris, Quite a while ago, SNF was based on cellular peer-server technology. Each time your MTA called SNF with a message it would look to see if any other instances were alive and if they were then they would coordinate together to save resources. A bit after that we created a persistent mode where you could start an instance that would run as a kind of lightweight service. That instance would stay alive all the time so as you called other instances to scan messages they would see the persistent instance and let it take care of the heavy work -- that way only one instance ever had to load the rulebase file. Once the persistent mode was available there was no reason to use SNF any other way so most folks set up a persistent instance and took advantage of the extra throughput on their systems. That is currently the accepted way to run SNF. The new version is a complete departure from the old ways. There is now a client and a service. The client software knows how to talk to the server software and that's about all it does. The server software does all of the scanning and other heavy tasks. Now, for most folks, this is a fairly simple transition. They will replace their persistent instance with the new server software and they will begin calling the new client software the same way they used to call SNF. The client will pass the scan request on to the server and will return the customary result code. If you've never run a persistent instance using srvany, Firedaemon, or some other tool then that part will be new to you. Hope this helps, _M Tuesday, October 9, 2007, 7:36:02 PM, you wrote: Pete, Im a bit confused about the persistasnt mode settings. I don't remember installing a service for my current sniffer installation. I thought it just continued running after the first time it was called by my mail server. With the new release, do I have to install as a service? Thanks, Chris -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Tuesday, October 09, 2007 5:54 PM To: Message Sniffer Community Subject: [sniffer] SNFV2-9 Wide Beta now at version 1.4 Hello Sniffer Folks, We have worked through some minor bugs and added some new features. The newest version of the beta is 1.4. http://kb.armresearch.com/index.php?title=Message_Sniffer.GettingStarted .Distributions#NEW_SNF_V2-9_Wide_Beta Please upgrade your snf_engine.xml and SNFServer.exe files from the latest distribution when you get a chance. * Adds support for scanning Communigate Pro message files directly. * Tightens up XCI handler code. * Removes problematic/redundant XCI watchdog code which caused trouble on some MDaemon systems. Source MDaemon folks-- a revised alpha distribution will be updated shortly with the new changes incorporated. Thanks, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED
[sniffer] Re: New campaign not caught
What is up with the PDF spams? They are getting thru the filters like crazy for the past few days... Thank You, Chris Bunting Lancaster Networks Direct: 717-278-6639 Office: 888-LANCNET x703 3com IP Telephony Expert Lancaster Networks 1085 Manheim Pike Lancaster PA 17601 www.lancasternetworks.com http://www.lancasternetworks.com/ -- Corporate Technology Solutions... Specializing in 3com NBX Telephony Solutions IT Services - Phone Systems - Digital CCTV HP Computers/Servers Printers -- The information in this e-mail is confidential and may be privileged or subject to copyright. It is intended for the exclusive use of the addressee(s). If you are not an addressee, please do not read, copy, distribute or otherwise act upon this email. If you have received the email in error, please contact the sender immediately and delete the email. The unauthorized use of this email may result in liability for breach of confidentiality, privilege or copyright. From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Tuesday, August 07, 2007 2:44 PM To: Message Sniffer Community Subject: [sniffer] Re: New campaign not caught Hello Scott, We have been working on both and we've made progress. There are a number of other variants and campaigns all with high bandwidth we are also working on. _M Tuesday, August 7, 2007, 12:46:36 PM, you wrote: Last night I started getting spam with numbers in the subject and a hex code in the body. This morning that switched over to stock spam PDFs. Hopefully rules can be targeted towards them! Scott Fisher Dir of IT Farm Progress Companies 191 S Gary Ave Carol Stream, IL 60188 Tel: 630-462-2323 This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. Although Farm Progress Companies has taken reasonable precautions to ensure no viruses are present in this email, the company cannot accept responsibility for any loss or damage arising from the use of this email or attachments. -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: .pdf Attachments
Also getting tons of them in past few days Thank You, Chris Bunting Lancaster Networks Direct: 717-278-6639 Office: 888-LANCNET x703 MS Certified Systems Engineer IP Telephony Expert Lancaster Networks 1085 Manheim Pike Lancaster PA 17601 www.lancasternetworks.com -- Corporate Technology Solutions... Specializing in 3com NBX Telephony Solutions IT Services - Phone Systems - Digital CCTV -- The information in this e-mail is confidential and may be privileged or subject to copyright. It is intended for the exclusive use of the addressee(s). If you are not an addressee, please do not read, copy, distribute or otherwise act upon this email. If you have received the email in error, please contact the sender immediately and delete the email. The unauthorized use of this email may result in liability for breach of confidentiality, privilege or copyright. -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Joe Wolf Sent: Thursday, June 28, 2007 10:44 AM To: Message Sniffer Community Subject: [sniffer] Re: .pdf Attachments I'm getting a bunch of these as well the last few days. Sniffer is only catching about 50% of them. -Joe - Original Message - From: Greg Coffey [EMAIL PROTECTED] To: Message Sniffer Community sniffer@sortmonster.com Sent: Thursday, June 28, 2007 9:20 AM Subject: [sniffer] .pdf Attachments What is with all the .pdf attachments in spam? I haven't noticed this trend previously. Are they infected or what is the scheme? # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Appriver issue
Maybe I caused the confusion. The problem I had was with my customer using appriver. Not with my customers using message sniffer. How can something that happens with rulebase downloads effect your mail server? It shouldn't. I would expect there's a seperate problem with your mail server that jus happened to occur the same day by coincidence I received a call from appriver today explaining that they released a patch that had acted badly on their servers. Which is why appriver customers had problems. Message sniffer resides on your own server so it should never be effected by any outside outages Thank You, Chris Bunting Lancaster Networks 717-278-6639 Sent by my BlackBerry wireless device -Original Message- From: Pete McNeil [EMAIL PROTECTED] Date: Fri, 18 May 2007 21:44:18 To:Message Sniffer Community sniffer@sortmonster.com Subject: [sniffer] Re: Appriver issue Hello Kevin, Friday, May 18, 2007, 8:52:47 PM, you wrote: Pete - Thanks for the reply, but I guess I don't understand what you're saying. Some packet loss and rulebase downloads to slow down for a time don't reflect what happened to me yesterday and apparently not what happened to one of the other posters either when he said that Appriver was having a problem with sending messages over and over again. I received over (at last count) 35,000 messages (almost all of which were bounced replies, from one email from one of our users who sent an email to about 70 people) yesterday. And I had already gone to http://www.armresearch.com/ yesterday and there was nothing there. There is nothing there today that I can see. What happened? I lost an entire day's worth of email because of bounced messages. I didn't sleep last night. I don't even use Appriver. I would hope someone could explain it a little better than that. Thanks. I was answering the question - how is AppRiver related to Message Sniffer. I don't have specifics on the problem at AppRiver yet - they are still picking up the pieces, though operations are back to normal afaik. I do know (preliminarily) that the problem occurred when a new piece of software caused some messages with multiple recipients to loop and as a result to be replicated and resent repeatedly. If you are not a user of AppRiver then you shouldn't have been effected. Perhaps if you sent a message to someone who is a user of AppRiver then that might have gotten your messages involved. The only direct effect I'm aware of for SNF users was that for a time rulebase downloads were slowed due to packet loss. Since we use AppRiver for filtering (they, after all are using SNF) some messages that get sent to us apparently did loop to some lists. Also, some email to our accounts was delayed. I would need to know a lot more about your system and the email you lost before I could make any guesses as to what happened there -- but if you're not using AppRiver then you shouldn't have been effected. Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Downloads are not working....
Matt, I see their contact info there, where are you saying they removed it?? Thank You, Chris Bunting Lancaster Networks Direct: 717-278-6639 Office: 888-LANCNET x703 MS Certified Systems Engineer IP Telephony Expert Lancaster Networks 1085 Manheim Pike Lancaster PA 17601 www.lancasternetworks.com -- Corporate Technology Solutions... Specializing in 3com NBX Telephony Solutions IT Services - Phone Systems - Digital CCTV -- The information in this e-mail is confidential and may be privileged or subject to copyright. It is intended for the exclusive use of the addressee(s). If you are not an addressee, please do not read, copy, distribute or otherwise act upon this email. If you have received the email in error, please contact the sender immediately and delete the email. The unauthorized use of this email may result in liability for breach of confidentiality, privilege or copyright. -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Matt Sent: Thursday, May 17, 2007 2:23 PM To: Message Sniffer Community Subject: [sniffer] Re: Downloads are not working Appriver, who is somehow involved with Sniffer, is having a ridicolous problem with sending messages over and over again (once every few seconds). They pulled their contact information from their site but didn't take down their servers. I suspect this is putting strain on them and if Sniffer uses their bandwidth for downloads, that could explain things. Matt Chuck Schick wrote: Speeds are really slow and the connection is lost before completionEverything checks out good on our end. Is something going on with the sortmonster end of things? Chuck Schick Warp 8, Inc. (303)-421-5140 www.warp8.com # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Downloads are not working....
Thanks Pete. I just called them and got someone to tell me the same but no eta. Thank You, Chris Bunting Lancaster Networks 717-278-6639 Sent by my BlackBerry wireless device -Original Message- From: Pete McNeil [EMAIL PROTECTED] Date: Thu, 17 May 2007 14:48:35 To:Message Sniffer Community sniffer@sortmonster.com Subject: [sniffer] Re: Downloads are not working Hello Matt, Thursday, May 17, 2007, 2:22:56 PM, you wrote: Appriver, who is somehow involved with Sniffer, is having a ridicolous problem with sending messages over and over again (once every few seconds). They pulled their contact information from their site but didn't take down their servers. I suspect this is putting strain on them and if Sniffer uses their bandwidth for downloads, that could explain things. I'm not sure what the actual issue is (I will get that data later), however I've just been informed that it should be resolved in the next 20 minutes or so. Our rulebase server is on the same network so it is effected. BTW - they did not take down their contact information. It is right where it always has been. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Downloads are not working....
Today's outage was horrible for one of my customers who was waiting on important emails regarding a property closing today they were buying, it it fouled all sorts of things up. I guess in some ways appriver's hosted solution is nice if YOUR server goes down, but if THEIR servers go down, its bad I think I'm going to move them on to my servers using message sniffer instead... Service finally came up around 6pm ET and they got the emails finally Thank You, Chris Bunting Lancaster Networks Direct: 717-278-6639 Office: 888-LANCNET x703 MS Certified Systems Engineer IP Telephony Expert Lancaster Networks 1085 Manheim Pike Lancaster PA 17601 www.lancasternetworks.com -- Corporate Technology Solutions... Specializing in 3com NBX Telephony Solutions IT Services - Phone Systems - Digital CCTV -- The information in this e-mail is confidential and may be privileged or subject to copyright. It is intended for the exclusive use of the addressee(s). If you are not an addressee, please do not read, copy, distribute or otherwise act upon this email. If you have received the email in error, please contact the sender immediately and delete the email. The unauthorized use of this email may result in liability for breach of confidentiality, privilege or copyright. -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Colbeck, Andrew Sent: Thursday, May 17, 2007 3:55 PM To: Message Sniffer Community Subject: [sniffer] Re: Downloads are not working Thanks for the update, Pete. Over on the Declude JunkMail support mailing list, it's like déjà vu all over again. Andrew 8) p.s. For the many of us here that don't subscribe to that list... The small number of recently active messages have been re-queued to the list several times. -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Thursday, May 17, 2007 12:50 PM To: Message Sniffer Community Subject: [sniffer] Re: Downloads are not working Hello Chris, Thursday, May 17, 2007, 2:30:13 PM, you wrote: Oh god, that would explain why I put in a support request with appriver and it bounced back. One of our clients exchange servers was down today and they queue mail until it is back up, but I'm trying to get someone to release it now. This isn't good The good news is that the problem has been corrected now. We are still seeing some after-effects from it, but those should be gone before too long. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Lots of Spam getting through last two days
I've been seeing lots of spam overall for the past few weeks. Filters are definitely not working as they used to. All of my customers are commenting about it also Thank You, Chris Bunting Lancaster Networks Direct: 717-278-6639 Office: 888-LANCNET x703 MS Certified Systems Engineer IP Telephony Expert Lancaster Networks 1085 Manheim Pike Lancaster PA 17601 www.lancasternetworks.com -- Corporate Technology Solutions... Specializing in 3com NBX Telephony Solutions IT Services - Phone Systems - Digital CCTV -- The information in this e-mail is confidential and may be privileged or subject to copyright. It is intended for the exclusive use of the addressee(s). If you are not an addressee, please do not read, copy, distribute or otherwise act upon this email. If you have received the email in error, please contact the sender immediately and delete the email. The unauthorized use of this email may result in liability for breach of confidentiality, privilege or copyright. -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Greg Coffey Sent: Saturday, May 05, 2007 11:55 AM To: Message Sniffer Community Subject: [sniffer] Lots of Spam getting through last two days My secondary is catching most but I'm seeing quite a few sliding though Sniffer. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Anyone else getting hit hard today?
I'm getting a ton of spam today that is getting thru the filter, and a lot that is getting caught... anyone else seeing this? Thank You, Chris Bunting Lancaster Networks Direct: 717-278-6639 Office: 888-LANCNET x703 MS Certified Systems Engineer IP Telephony Expert Lancaster Networks 1085 Manheim Pike Lancaster PA 17601 www.lancasternetworks.com http://www.lancasternetworks.com -- Corporate Technology Solutions... Specializing in 3com NBX Telephony Solutions IT Services - Phone Systems - Digital CCTV -- The information in this e-mail is confidential and may be privileged or subject to copyright. It is intended for the exclusive use of the addressee(s). If you are not an addressee, please do not read, copy, distribute or otherwise act upon this email. If you have received the email in error, please contact the sender immediately and delete the email. The unauthorized use of this email may result in liability for breach of confidentiality, privilege or copyright.
[sniffer] Re: Blank Header Emails still getting Through
You can set up a rule on your mail server to reject them if they have blank headers Thank You, Chris Bunting Lancaster Networks Direct: 717-278-6639 Office: 888-LANCNET x703 MS Certified Systems Engineer IP Telephony Expert Lancaster Networks 1085 Manheim Pike Lancaster PA 17601 www.lancasternetworks.com -- Corporate Technology Solutions... Specializing in 3com NBX Telephony Solutions IT Services - Phone Systems - Digital CCTV -- The information in this e-mail is confidential and may be privileged or subject to copyright. It is intended for the exclusive use of the addressee(s). If you are not an addressee, please do not read, copy, distribute or otherwise act upon this email. If you have received the email in error, please contact the sender immediately and delete the email. The unauthorized use of this email may result in liability for breach of confidentiality, privilege or copyright. -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Daniel Bayerdorffer Sent: Thursday, March 29, 2007 2:42 PM To: Message Sniffer Community Subject: [sniffer] Blank Header Emails still getting Through Hello, I've sent examples of these, every time I get them for several weeks, and they are still getting through. Is there something about them that is difficult? Because the body always has the same message. Something about doing email campaigns for charities. Thanks, Daniel -- Daniel Bayerdorffer [EMAIL PROTECTED] Numberall Stamp Tool Co., Inc. PO Box 187 Sangerville, ME 04479 USA TEL 207-876-3541 FAX 207-876-3566 www.numberall.com http://www.numberall.com/ # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Integration with Mailenable - Domain Keys
The other issue with SmarterMail is it doesn't have any gui. Which I guess isn't a bad thing. But I sometimes like a gui for certain things. Also Declude seemed very expensive to use with sniffer Sent via my BlackBerry - Ask me about it! -Original Message- From: E. H. \(Eric\) Fletcher [EMAIL PROTECTED] Date: Sat, 17 Mar 2007 14:42:43 To:Message Sniffer Community sniffer@sortmonster.com Subject: [sniffer] Re: Integration with Mailenable - Domain Keys Phil / Jay: I am also looking at SmarterMail as an addition to or replacement for several IMail servers and looking at calling MessageSniffer from it without Declude because of the Declude bundling of things we don't want or see value in. While doing a little more reading on the SmarterTools site I saw a link that addresses your discussion on domain keys: http://smartermail.exhalus.net/domainkeys/ Eric - Original Message - From: Jay Sudowski - Handy Networks LLC [EMAIL PROTECTED] To: Message Sniffer Community sniffer@sortmonster.com Sent: Saturday, March 17, 2007 1:43 PM Subject: [sniffer] Re: Integration with Mailenable Hi Phil - Good question. We integrate Sniffer into SmarterMail via Declude. However, SmarterMail does have the capability to run a program against a message before it is delivered. We have some customers that use a batch file to call f-prot and get virus scanning integrated into their mail server on the cheap. I believe it would likely be possible to make use of the same functionality to call Sniffer directly, and thus avoid having to purchase Declude. I have just never had a need to attempt this. As for domain keys, I don't believe so. However, you can setup SPFyou're your domains simply by adding the appropriate DNS records to said domains zone files. -Jay -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Phillip Cohen Sent: Friday, March 16, 2007 12:01 PM To: Message Sniffer Community Subject: [sniffer] Re: Integration with Mailenable Jay, Thanks for the heads up on Mailenable. I took a look at SmarterMail and it looks pretty good. How does it interface with Message Sniffer or does it require and external gateway such as EWall? How has support been with it and how have they been as far as updates. Also does it have domain keys capability and SPF support for sending mail to yahoo.com etc... Thanks, Phil At 07:26 PM 3/15/2007, you wrote: Stay Away From MailEnable. There are so many exploits out there for MailEnable, and there are more exploits found monthly, if not weekly. At one particular interval, MailEnable had to re-release the same patch several times in the *same* week because it kept on not actually fixing the root of the issue. If you run MailEnable, odds are that you will end up exploited, even if you stay on the of the patches. On top of that, MailEnable is just simply a CPU and IO hog, much more so than other other mail server I have ever seen. By default, they use entirely text based configuration files, which on occasion get truncated to zero during periods of high activity on the server. In the past year, we have assisted our customers move 20,000+ mailboxes away from MailEnable, mostly all to SmarterMail. Do not waste your time and money with MailEnable. -Jay -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Phillip Cohen Sent: Thursday, March 15, 2007 12:22 PM To: Message Sniffer Community Subject: [sniffer] Integration with Mailenable We are finally going to replace our old Vopmail server. Looking at Mailenable Enterprise. Will Sortmonster work with that program? Is anyone using Mailenable? If so how is it and if it works with Sortmonster how did you use them together. THanks, Phil # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] #
[sniffer] Re: Merak integration problems
Thanks Pete, that did the trick! Although after importing the filter it's a bit stange how it actually works (I can't find the logic listed after importing it into the GUI), but it does actually work well. Thank You, Chris Bunting Lancaster Networks Direct: 717-278-6639 Office: 888-LANCNET x703 MS Certified Systems Engineer IP Telephony Expert Lancaster Networks 1085 Manheim Pike Lancaster PA 17601 www.lancasternetworks.com -- Corporate Technology Solutions... Specializing in 3com NBX Telephony Solutions IT Services - Phone Systems - Digital CCTV -- The information in this e-mail is confidential and may be privileged or subject to copyright. It is intended for the exclusive use of the addressee(s). If you are not an addressee, please do not read, copy, distribute or otherwise act upon this email. If you have received the email in error, please contact the sender immediately and delete the email. The unauthorized use of this email may result in liability for breach of confidentiality, privilege or copyright. From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Monday, March 12, 2007 7:23 AM To: Message Sniffer Community Subject: [sniffer] Re: Merak integration problems Hello Chris, Monday, March 12, 2007, 1:07:37 AM, you wrote: Fellow Listees... I am currently running Merak Mail Server 8.9.1, and using my own implementation of Message sniffer as an antivirus scanner. snip/ Anyone have any ideas? Have you seen this: http://forum.icewarp.com/viewtopic.php?p=3964sid=09b684820aa495200c00be 8857c42e6c Or more specifically this: aguk Joined: 16 Oct 2006 Posts: 105 Posted: Mon Dec 18, 2006 11:01 pmPost subject: Well stupidly there is a Content Filter to make this work. I have the following content filter and it appears to be working. Code: CONTENTFILTERFILTERACTIVE1/ACTIVE TITLESNIFFER/TITLE READONLY0/READONLY CONDITIONAND1/AND LOGICALNOT0/LOGICALNOT EXPRESSION6/EXPRESSION CONTAINTYPE8/CONTAINTYPE MESSAGESIZESMALLER0/MESSAGESIZESMALLER MESSAGESIZE1/MESSAGESIZE /CONDITION CONDITIONAND1/AND LOGICALNOT0/LOGICALNOT EXPRESSION4/EXPRESSION CONTAINTYPE8/CONTAINTYPE CONTAIND:\sniffer\snfrv2r3.exe xnk05x5vmipeaof7/CONTAIN MESSAGESIZESMALLER0/MESSAGESIZESMALLER MESSAGESIZE2/MESSAGESIZE /CONDITION ACCEPT0/ACCEPT REJECT0/REJECT DELETE0/DELETE ENCRYPT0/ENCRYPT PRIORITY0/PRIORITY SCORE1/SCORE MARKSPAM0/MARKSPAM STOP0/STOP EXECUTE0/EXECUTE TARPITSENDER0/TARPITSENDER FIXRFC8220/FIXRFC822 SMTPRESPONSE0/SMTPRESPONSE STRIPALL0/STRIPALL HEADERVAL0X-SNIFFER-FLAG: Yes /VAL /HEADER /FILTER /CONTENTFILTER _ Andy http://aguk.net Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Merak integration problems
Fellow Listees... I am currently running Merak Mail Server 8.9.1, and using my own implementation of Message sniffer as an antivirus scanner. Problem is, every once in a while things jam up, and it coughs up a bunch of temp files that eventually cause duplicate emails over and over, email stoppage, or mixed up emails to wrong boxes... Unfortunately it's happening more than I can tolerate Does anyone know how to get MS working with spam assissan running on windows? Merak has spam assassin built-in, but I could never get the MS plugin to work... I am at this point considering a different mail server altogether Anyone have any ideas? I'm willing to pay someone for their time if they can get MS integrated better for me in merak. I would like to have more control over what it does with spam mails, such as tagging, etc. and I have none of this running it as an AV scanner Thank You, Chris Bunting Lancaster Networks Direct: 717-278-6639 Office: 888-LANCNET x703 MS Certified Systems Engineer IP Telephony Expert Lancaster Networks 1085 Manheim Pike Lancaster PA 17601 www.lancasternetworks.com http://www.lancasternetworks.com -- Corporate Technology Solutions... Specializing in 3com NBX Telephony Solutions IT Services - Phone Systems - Digital CCTV -- The information in this e-mail is confidential and may be privileged or subject to copyright. It is intended for the exclusive use of the addressee(s). If you are not an addressee, please do not read, copy, distribute or otherwise act upon this email. If you have received the email in error, please contact the sender immediately and delete the email. The unauthorized use of this email may result in liability for breach of confidentiality, privilege or copyright.
[sniffer] Re: Uptick in spam
No stock spam here Thank You, Chris Bunting Direct: 717-278-6639 Office: 888-LANCNET x703 1085 Manheim Pike Lancaster PA 17601 www.lancasternetworks.com -- Corporate Technology Solutions... Specializing in 3com NBX Telephony Solutions IT Services - Phone Systems - Digital CCTV -- The information in this e-mail is confidential and may be privileged or subject to copyright. It is intended for the exclusive use of the addressee(s). If you are not an addressee, please do not read, copy, distribute or otherwise act upon this email. If you have received the email in error, please contact the sender immediately and delete the email. The unauthorized use of this email may result in liability for breach of confidentiality, privilege or copyright. -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Daniel Bayerdorffer Sent: Monday, February 26, 2007 12:21 PM To: Message Sniffer Community Subject: [sniffer] Uptick in spam Hello, I've had a lot more stock spam coming through lately. Has anyone else noticed this? Thanks, Daniel # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Transition to new deliver server completed. Watch Out For The Minor Changes!
Pete, Every so often I end up with thousands of .snf, .xxx and .que files in my sniffer directory, and it stops filtering spam. Any ideas?? I have to delete them, and restart my smtp server sniffer engine Thank You, Chris Bunting Enterprise Account Manager Lancaster Networks Direct: 717-278-6639 Office: 888-LANCNET x703 Fax: 717-431-6262 1085 Manheim Pike Lancaster PA 17601 www.lancasternetworks.com -- Corporate Technology Solutions... Specializing in 3com NBX Telephony Solutions IT Services - Phone Systems - Digital CCTV -- The information in this e-mail is confidential and may be privileged or subject to copyright. It is intended for the exclusive use of the addressee(s). If you are not an addressee, please do not read, copy, distribute or otherwise act upon this email. If you have received the email in error, please contact the sender immediately and delete the email. The unauthorized use of this email may result in liability for breach of confidentiality, privilege or copyright. -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Thursday, January 04, 2007 5:07 PM To: Message Sniffer Community Subject: [sniffer] Transition to new deliver server completed. Watch Out For The Minor Changes! Hello Message, So far the upgrade seems to have gone off with only one minor hitch. The new server's authentication realm is SNF It used to be SortMonster If you are using the perl script from khera@kcilink.com then you will need to make this minor adjustment or else the script will fail to authenticate. As far as I can tell from watching the logs there are no other issues so far. Thanks to Matt Reimer for tracking this down and reporting the fix. Best, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Integration with Merak mail server
http://www.lancnet.com/messagesniffer.htm I put together a tutorial for installing MS with merak mail server Thank You, Chris Bunting Enterprise Account Manager Lancaster Networks Direct: 717-278-6639 Office: 888-LANCNET x703 Fax: 717-431-6262 1085 Manheim Pike Lancaster PA 17601 www.lancasternetworks.com http://www.lancasternetworks.com/ -- Corporate Technology Solutions... Specializing in 3com NBX Telephony Solutions IT Services - Phone Systems - Digital CCTV -- The information in this e-mail is confidential and may be privileged or subject to copyright. It is intended for the exclusive use of the addressee(s). If you are not an addressee, please do not read, copy, distribute or otherwise act upon this email. If you have received the email in error, please contact the sender immediately and delete the email. The unauthorized use of this email may result in liability for breach of confidentiality, privilege or copyright.
[sniffer] Files that appeared in sniffer directory
All of a sudden I have a bunch of .xxx and .fin files in my ms directory, what are these for? Thank You, Chris Bunting Enterprise Account Manager Lancaster Networks Direct: 717-278-6639 Office: 888-LANCNET x703 Fax: 717-431-6262 1085 Manheim Pike Lancaster PA 17601 www.lancasternetworks.com http://www.lancasternetworks.com/ -- Corporate Technology Solutions... Specializing in 3com NBX Telephony Solutions IT Services - Phone Systems - Digital CCTV -- The information in this e-mail is confidential and may be privileged or subject to copyright. It is intended for the exclusive use of the addressee(s). If you are not an addressee, please do not read, copy, distribute or otherwise act upon this email. If you have received the email in error, please contact the sender immediately and delete the email. The unauthorized use of this email may result in liability for breach of confidentiality, privilege or copyright.
[sniffer] Re: Files that appeared in sniffer directory
Thanks Pete! Thank You, Chris Bunting Enterprise Account Manager Lancaster Networks Direct: 717-278-6639 Office: 888-LANCNET x703 Fax: 717-431-6262 1085 Manheim Pike Lancaster PA 17601 www.lancasternetworks.com http://www.lancasternetworks.com/ -- Corporate Technology Solutions... Specializing in 3com NBX Telephony Solutions IT Services - Phone Systems - Digital CCTV -- The information in this e-mail is confidential and may be privileged or subject to copyright. It is intended for the exclusive use of the addressee(s). If you are not an addressee, please do not read, copy, distribute or otherwise act upon this email. If you have received the email in error, please contact the sender immediately and delete the email. The unauthorized use of this email may result in liability for breach of confidentiality, privilege or copyright. From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Sunday, December 03, 2006 18:58 To: Message Sniffer Community Subject: [sniffer] Re: Files that appeared in sniffer directory Hello Chris, Sunday, December 3, 2006, 2:47:50 PM, you wrote: All of a sudden I have a bunch of .xxx and .fin files in my ms directory, what are these for? Those files were always there -- but they have always gone away quickly enough that you didn't notice (I suspect). http://kb.armresearch.com/index.php?title=Message_Sniffer.TechnicalDetai ls.Peer-Server If you have a number of these files that are not going away then something has gone wrong -- possibly during a reboot or some kind of change, or perhaps if your server has been overloaded. You can usually clear the problem by following this procedure: 1. Stop SMTP processing 2. Wait for all messages to be finished 3. Stop your persistent instance (if you have one). 4. Delete any left-over XXX, FIN, QUE, etc files (see the list in the above link). 5. Start your persistent instance (if you have one). 6. Restart your SMTP processing. 7. Check your SNF log file for any errors. Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
