[sniffer] No email updates.

2007-11-21 Thread Frederick Samarelli
Fred



#
This message is sent to you because you are subscribed to
  the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
Send administrative queries to  [EMAIL PROTECTED]



[sniffer] Re: Experimental Abstract

2006-10-10 Thread Frederick Samarelli

Where can I find a list of the latest result codes.
- Original Message - 
From: John T (Lists) [EMAIL PROTECTED]

To: Message Sniffer Community sniffer@sortmonster.com
Sent: Monday, October 09, 2006 7:56 PM
Subject: [sniffer] Re: Experimental Abstract


I concur Pete in that I have been thinking about upping the weight for the
EXP tests. I recently changed ABST from 20 to 25. I attach at 25, hold at 30
and delete at 35.

SNIFFER-TRAVEL 47 20
SNIFFER-INSURANCE 48 20
SNIFFER-AV-PUSH 49 20
SNIFFER-WAREZ 50 30
SNIFFER-SPAMWARE 51 40
SNIFFER-SNAKEOIL 52 40
SNIFFER-SCAMS 53 40
SNIFFER-PORN 54 40
SNIFFER-MALWARE 55 25
SNIFFER-INKPRINTING 56 20
SNIFFER-SCHEMES 57 30
SNIFFER-CREDIT 58 30
SNIFFER-GAMBLING 59 30
SNIFFER-GENERAL 60 25
SNIFFER-EXP-ABST 61 25
SNIFFER-OBFUSCATION 62 25
SNIFFER-EXP-IP 63 20

John T
eServices For You

Seek, and ye shall find!


-Original Message-
From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf

Of

Pete McNeil
Sent: Monday, October 09, 2006 3:15 PM
To: Message Sniffer Community
Subject: [sniffer] Re: Experimental Abstract

Hello Alberto,

In earlier times we had a philosophy that no single test should trap a
message. The idea was that my combining tests the accuracy of the
filter system would always (qualified) be improved.

The blackhats have become extremely aggressive about burning IPs and
generating image spam and/or other abstracted, short lived, and
narrowly targeted campaigns.

As a result of these changes, it is often the case that our abstract
rules are the only thing that will fire on a message.

The bad news is that holding on any single test will probably lead to
more false positives.

The good news is that SNF:Experimental/Abstract has a very low false
positive rate.

It may be time to alter our philosophy w/ regard to the
experimental/abstract rules group and recommend that wherever
practical, messages should probably be held (not deleted) based on a
hit in this rule group.

Hope this helps,

_M

Monday, October 9, 2006, 5:59:44 PM, you wrote:

 Hello

 I'm getting storms of spam and Sniffer sets them as (Experimental
 Abstract)
 Can someone explain how have I to treat them?

 Many thanks in advance
 Alberto




#

 This message is sent to you because you are subscribed to
   the mailing list sniffer@sortmonster.com.
 To unsubscribe, E-mail to: [EMAIL PROTECTED]
 To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
 To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
 Send administrative queries to  [EMAIL PROTECTED]



--
Pete McNeil
Chief Scientist,
Arm Research Labs, LLC.


#

This message is sent to you because you are subscribed to
  the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
Send administrative queries to  [EMAIL PROTECTED]





#
This message is sent to you because you are subscribed to
 the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
Send administrative queries to  [EMAIL PROTECTED]






#
This message is sent to you because you are subscribed to
 the mailing list sniffer@sortmonster.com.
To unsubscribe, E-mail to: [EMAIL PROTECTED]
To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED]
To switch to the INDEX mode, E-mail to [EMAIL PROTECTED]
Send administrative queries to  [EMAIL PROTECTED]



[sniffer] automated response

2006-05-15 Thread Frederick Samarelli
I will be out of town for a few days. I will be checking emails frequently


This E-Mail came from the Message Sniffer mailing list. For information and 
(un)subscription instructions go to 
http://www.sortmonster.com/MessageSniffer/Help/Help.html


Re: [sniffer] False Positives

2006-01-18 Thread Frederick Samarelli

Same with me. Last night there was a rules update and it fixed the problem.

Check the date of your rules update.


- Original Message - 
From: Ali Resting [EMAIL PROTECTED]

To: sniffer@sortmonster.com
Cc: [EMAIL PROTECTED]
Sent: Wednesday, January 18, 2006 8:57 AM
Subject: [sniffer] False Positives



Hi,

Over the last 2 days I have seen a major increase in false positives.
Literally all hotmail and yahoo address are being caught by sniffer
inclusive of other legit domains.

Please confirm what may be causing this and what I can do to resolve the
issue.

Regards,

Ali

---
This message was scanned for viruses by the Real Image Anti-virus filters



This E-Mail came from the Message Sniffer mailing list. For information 
and (un)subscription instructions go to 
http://www.sortmonster.com/MessageSniffer/Help/Help.html








This E-Mail came from the Message Sniffer mailing list. For information and 
(un)subscription instructions go to 
http://www.sortmonster.com/MessageSniffer/Help/Help.html


[sniffer] Update

2006-01-17 Thread Frederick Samarelli



Can you send the update or I will have to disable 
Sniffer.

It is catching almost all our emails.




[sniffer] False

2005-05-10 Thread Frederick Samarelli
I am finding that most if not all email from Comcast senders are failing 
Sniffer.

Fred 

This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html


[sniffer] Fw: Undeliverable Mail

2005-04-27 Thread Frederick Samarelli
Look what I got.
Fred
- Original Message - 
From: Postmaster [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, April 26, 2005 6:22 PM
Subject: Undeliverable Mail


Delivery failed 10 attempts: [EMAIL PROTECTED]
Unexpected connection response from server:
421  Insufficient System Storage.(IMail 6.05)

Original message follows.
Received: from Freds [64.124.117.139] by bks.tcbinc.com with ESMTP
 (SMTPD32-8.15) id AA105E90218; Tue, 26 Apr 2005 16:52:32 -0400
Message-ID: [EMAIL PROTECTED]
From: Frederick Samarelli [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: 
Date: Tue, 26 Apr 2005 16:53:16 -0400
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary==_NextPart_000_0266_01C54A80.710D3F10
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2527
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527
X-Declude-Sender: [EMAIL PROTECTED] [64.124.117.139]
X-Declude-Spoolname: DAA1005E90218550F.SMD
X-Note: Sent from: [EMAIL PROTECTED]
X-Note: Sent from Reverse DNS:  freds.tcbinc.com ([64.124.117.139])
X-Note: This E-mail was scanned by TCB [2.0.6] for virus
X-RBL-Warning: Total weight: 0

This is a multi-part message in MIME format.
--=_NextPart_000_0266_01C54A80.710D3F10
Content-Type: text/plain;
format=flowed;
charset=iso-8859-1;
reply-type=original
Content-Transfer-Encoding: 7bit
--=_NextPart_000_0266_01C54A80.710D3F10
Content-Type: message/rfc822;
name=Learn to Use Your Computer Like a Pro.eml
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=Learn to Use Your Computer Like a Pro.eml
Received: from DNS2.TCBINC.NET [64.124.116.30] by bks.tcbinc.com
 (SMTPD32-8.15) id A92A6F20214; Tue, 26 Apr 2005 16:48:42 -0400
Received: from mx2.southwindsdirect.com ([204.8.100.52])
by DNS2.TCBINC.NET (SMSSMTP 4.1.0.19) with SMTP id M2005042616492307124
for [EMAIL PROTECTED]; Tue, 26 Apr 2005 16:49:23 -0400
Content-Type: multipart/alternative;
boundary=WaLt-wBnDGPYiIqMlh3vde6oK2RGxH4AZ2D9UIf216ndLtUg
From: System Guru [EMAIL PROTECTED]
MIME-Version: 1.0
To: Subscriber [EMAIL PROTECTED]
Date: Tue, 26 Apr 2005 20:49:21 +
Message-ID: [EMAIL PROTECTED]
Subject: Learn to Use Your Computer Like a Pro
X-Complaints-To: [EMAIL PROTECTED]
[message truncated]
This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html


Re: [sniffer] SPAM

2005-03-07 Thread Frederick Samarelli
No errors. Just SPAM showing as clean.
- Original Message - 
From: Pete McNeil [EMAIL PROTECTED]
To: Frederick Samarelli sniffer@SortMonster.com
Sent: Monday, March 07, 2005 6:56 PM
Subject: Re: [sniffer] SPAM


On Monday, March 7, 2005, 6:40:52 PM, Frederick wrote:
FS I am seeing a large amount of SPAM Pass Sniffer today.
FS Am I alone.
I didn't see this. According to MDLP the first half of the day (at
least) was right in the normal range - about 98.5% of spam captured.
http://www.sortmonster.com/MDLP/MDLP-Example-Short.html
89.8% of messages were spam.
Anybody else see spam leakage I didn't?
Frederick: Any errors in the log?
_M

This E-Mail came from the Message Sniffer mailing list. For information 
and (un)subscription instructions go to 
http://www.sortmonster.com/MessageSniffer/Help/Help.html


This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html


Re: [sniffer] 2-3.0i9 looks good to me... How about you?

2004-10-25 Thread Frederick Samarelli
Running without issue.
- Original Message - 
From: Pete McNeil [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, October 25, 2004 7:33 PM
Subject: [sniffer] 2-3.0i9 looks good to me... How about you?


Hello Sniffer Folks,
 I'd like to get an idea how many have tried the Release Candidate
 2-3.0i9 that was announced the end of last week. I've not heard of
 any issues, and our testing has all been positive (faster, more
 stable, new features work as expected...)
 Based on what I've seen so far I believe this version is ready to
 become the official 2-3.1 release... but I would like to get an idea
 of how many folks are using it successfully already (I've not heard
 any problem reports.)
 So, what do you all say? Is this one ready to go?!
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com)

This E-Mail came from the Message Sniffer mailing list. For information 
and (un)subscription instructions go to 
http://www.sortmonster.com/MessageSniffer/Help/Help.html


This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html


Re: [sniffer] New beta v2-3.0i4

2004-10-12 Thread Frederick Samarelli
Link not working
- Original Message - 
From: Pete McNeil [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, October 12, 2004 11:55 AM
Subject: [sniffer] New beta v2-3.0i4


Hello Sniffer Folks,
 I have a new version of Message Sniffer ready for wide beta testing.
 * This version has some tighter timing mechanisms for better
 performance under heavy loads.
 * This version has a new feature that will produce a .xhdr file
 containing X-Header information that Message Sniffer would like to
 emit into the message. Folks running *nix systems or otherwise
 customizing sniffer will find this useful. Check the .cfg file for
 details. NOTE: If you have sniffer generate a .xhdr file you must
 delete it when you have finished processing your message.
 You can find the beta distribution at:
http://www.sortmonster.com/MessageSniffer/Betas/MessageSniffer2-3.0i4.zip
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com)

This E-Mail came from the Message Sniffer mailing list. For information 
and (un)subscription instructions go to 
http://www.sortmonster.com/MessageSniffer/Help/Help.html


This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html


Re: [sniffer] Message Sniffer Version 2-3 Official Release!

2004-05-09 Thread Frederick Samarelli
Pete.

Should we be able to just replace our .exe file with this one

Fred
- Original Message - 
From: Pete McNeil [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, May 09, 2004 6:59 PM
Subject: [sniffer] Message Sniffer Version 2-3 Official Release!


 2004-05-08 - Message Sniffer Version 2-3 Official Release!

 We are proud to release the newest version of Message Sniffer. This
version
 includes important performance and system integrity improvements including
 full rulebase integrity checking to protect against corrupted or failed
 rulebase downloads and persistent instance support which allows Message
 Sniffer to run as a lightweight service.

 This new version of Message Sniffer Screams! when using the new
 Persistent Instance option consistently achieving message scans in tens
 of milliseconds without the need for high-end hardware or additional
 network resources. While comparable anti-spam solutions can take several
 seconds to process each message, this new version of Message Sniffer can
 consistently produce accurate results in small fractions of a second. This
 means that Message Sniffer is typically two orders of magnitude (as much
as
 100 times!) faster than many other anti-spam solutions without sacrificing
 accuracy!

 Version 2-3 also includes a number of additional features including
 Rule-Panic entries to mitigate critical false positive issues
immediately
 without reverting to backups, on-demand log file rotation to make
 management tasks easier, and adjustable logging levels to reduce the size
 of log files when full details are not required.

 Get the newest distribution from our Try-It page:

 http://www.sortmonster.com/MessageSniffer/Try-It.html

 Details about the new features are on the Sniffer Basics page:

 http://www.sortmonster.com/MessageSniffer/SnifferBasics.html


 This E-Mail came from the Message Sniffer mailing list. For information
and (un)subscription instructions go to
http://www.sortmonster.com/MessageSniffer/Help/Help.html



This E-Mail came from the Message Sniffer mailing list. For information and 
(un)subscription instructions go to 
http://www.sortmonster.com/MessageSniffer/Help/Help.html


Re: [sniffer] Message Sniffer Version 2-3 Official Release!

2004-05-09 Thread Frederick Samarelli
The persistent mode stopped working after installing new program.

Revert back to old one and it works???

Start xx.exe x persistent

- Original Message - 
From: Pete McNeil [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, May 10, 2004 4:59 AM
Subject: Re: [sniffer] Message Sniffer Version 2-3 Official Release!


 At 11:36 AM 5/9/2004, you wrote:
 Pete.
 
 Should we be able to just replace our .exe file with this one

 Yes. It will act just like the current version.
 The persistent server option doesn't take effect until you launch an
 instance in persistent mode. Until then (or if the persistent server
fails)
 the program will act exactly like version 2-2, except that you can still
 configure the log format if you wish.

 Most importantly the snf2check.exe utility is much improved with this new
 version.

 Hope this helps,
 _M


 This E-Mail came from the Message Sniffer mailing list. For information
and (un)subscription instructions go to
http://www.sortmonster.com/MessageSniffer/Help/Help.html



This E-Mail came from the Message Sniffer mailing list. For information and 
(un)subscription instructions go to 
http://www.sortmonster.com/MessageSniffer/Help/Help.html


Re: [sniffer] Message Sniffer Version 2-3 Official Release!

2004-05-09 Thread Frederick Samarelli
I am having problems getting it started from the command prompt.
- Original Message - 
From: Landry William [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, May 09, 2004 10:30 PM
Subject: RE: [sniffer] Message Sniffer Version 2-3 Official Release!



 It seems to be working fine for me.  I have it running as a service, per
 Matt's instructions using the W2K resource kit files, and it has been
 running fine all day.

 Bill

 -Original Message-
 From: Frederick Samarelli [mailto:[EMAIL PROTECTED]
 Sent: Sunday, May 09, 2004 5:10 PM
 To: [EMAIL PROTECTED]
 Subject: Re: [sniffer] Message Sniffer Version 2-3 Official Release!


 The persistent mode stopped working after installing new program.

 Revert back to old one and it works???

 Start xx.exe x persistent

 - Original Message - 
 From: Pete McNeil [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Sent: Monday, May 10, 2004 4:59 AM
 Subject: Re: [sniffer] Message Sniffer Version 2-3 Official Release!


  At 11:36 AM 5/9/2004, you wrote:
  Pete.
  
  Should we be able to just replace our .exe file with this one
 
  Yes. It will act just like the current version.
  The persistent server option doesn't take effect until you launch an
  instance in persistent mode. Until then (or if the persistent server
 fails)
  the program will act exactly like version 2-2, except that you can
  still configure the log format if you wish.
 
  Most importantly the snf2check.exe utility is much improved with this
  new version.
 
  Hope this helps,
  _M
 
 
  This E-Mail came from the Message Sniffer mailing list. For
  information
 and (un)subscription instructions go to
 http://www.sortmonster.com/MessageSniffer/Help/Help.html
 


 This E-Mail came from the Message Sniffer mailing list. For information
and
 (un)subscription instructions go to
 http://www.sortmonster.com/MessageSniffer/Help/Help.html

 --
-
 This message and any included attachments are from Siemens Medical
Solutions
 USA, Inc. and are intended only for the addressee(s).
 The information contained herein may include trade secrets or privileged
or
 otherwise confidential information.  Unauthorized review, forwarding,
printing,
 copying, distributing, or using such information is strictly prohibited
and may
 be unlawful.  If you received this message in error, or have reason to
believe
 you are not authorized to receive it, please promptly delete this message
and
 notify the sender by e-mail with a copy to
[EMAIL PROTECTED]

 Thank you

 This E-Mail came from the Message Sniffer mailing list. For information
and (un)subscription instructions go to
http://www.sortmonster.com/MessageSniffer/Help/Help.html



This E-Mail came from the Message Sniffer mailing list. For information and 
(un)subscription instructions go to 
http://www.sortmonster.com/MessageSniffer/Help/Help.html


Re: [sniffer] Message Sniffer Version 2-3 Official Release!

2004-05-09 Thread Frederick Samarelli
When I do it the window pop-up is blank
- Original Message - 
From: Landry William [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, May 09, 2004 10:59 PM
Subject: RE: [sniffer] Message Sniffer Version 2-3 Official Release!



 Fredrick, I stopped the Sniffer service and tested from the command prompt
 with:

 Start xx.exe x persistent

 and this is working fine, as well.  These messages have come in since
 starting sniffer persistence from the command prompt:

 LicenseID   20040510024905  Ded96001d093c201a.SMD   40  150
 Clean   0   0   03720   60
 LicenseID   20040510024908  Ded96003f080c201b.SMD   10  20
 Clean   0   0   0   149451
 LicenseID   20040510025416  Deecf003708b6201f.SMD   10  190
 Match   117330  57  3301331578
 LicenseID   20040510025416  Deecf003708b6201f.SMD   10  190
 Final   117330  57  0   661178
 LicenseID   20040510025417  Deecf003d094e2020.SMD   10  30
 Match   117330  57  2478249273
 LicenseID   20040510025417  Deecf003d094e2020.SMD   10  30
 Final   117330  57  0   264373
 LicenseID   20040510025437  Deee7003908b62023.SMD   10  50
 Match   118825  52  1560157266
 LicenseID   20040510025437  Deee7003908b62023.SMD   10  50
 Final   118825  52  0   528566
 LicenseID   20040510025445  Deee70041094e2024.SMD   10  20
 Match   118825  52  1588160059
 LicenseID   20040510025445  Deee70041094e2024.SMD   10  20
 Final   118825  52  0   184759
 LicenseID   20040510025508  Def05007c04c02027.SMD   10  81
 Match   54070   52  884 924 70
 LicenseID   20040510025508  Def05007c04c02027.SMD   10  81
 Final   54070   52  0   617970
 LicenseID   20040510025523  Def05007d04c02029.SMD   10  30
 Match   54070   52  1103116862
 LicenseID   20040510025523  Def05007d04c02029.SMD   10  30
 Final   54070   52  0   274862
 LicenseID   20040510025639  Def62008204c0202c.SMD   10  60
 Match   40539   62  5135517867
 LicenseID   20040510025639  Def62008204c0202c.SMD   10  60
 Final   40539   62  0   579167

 Bill

 -Original Message-
 From: Frederick Samarelli [mailto:[EMAIL PROTECTED]
 Sent: Sunday, May 09, 2004 7:32 PM
 To: [EMAIL PROTECTED]
 Subject: Re: [sniffer] Message Sniffer Version 2-3 Official Release!


 I am having problems getting it started from the command prompt.
 - Original Message - 
 From: Landry William [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Sent: Sunday, May 09, 2004 10:30 PM
 Subject: RE: [sniffer] Message Sniffer Version 2-3 Official Release!


 
  It seems to be working fine for me.  I have it running as a service,
  per Matt's instructions using the W2K resource kit files, and it has
  been running fine all day.
 
  Bill
 
  -Original Message-
  From: Frederick Samarelli [mailto:[EMAIL PROTECTED]
  Sent: Sunday, May 09, 2004 5:10 PM
  To: [EMAIL PROTECTED]
  Subject: Re: [sniffer] Message Sniffer Version 2-3 Official Release!
 
 
  The persistent mode stopped working after installing new program.
 
  Revert back to old one and it works???
 
  Start xx.exe x persistent
 
  - Original Message -
  From: Pete McNeil [EMAIL PROTECTED]
  To: [EMAIL PROTECTED]
  Sent: Monday, May 10, 2004 4:59 AM
  Subject: Re: [sniffer] Message Sniffer Version 2-3 Official Release!
 
 
   At 11:36 AM 5/9/2004, you wrote:
   Pete.
   
   Should we be able to just replace our .exe file with this one
  
   Yes. It will act just like the current version.
   The persistent server option doesn't take effect until you launch an
   instance in persistent mode. Until then (or if the persistent server
  fails)
   the program will act exactly like version 2-2, except that you can
   still configure the log format if you wish.
  
   Most importantly the snf2check.exe utility is much improved with
   this new version.
  
   Hope this helps,
   _M
  
  
   This E-Mail came from the Message Sniffer mailing list. For
   information
  and (un)subscription instructions go to
  http://www.sortmonster.com/MessageSniffer/Help/Help.html
  
 
 
  This E-Mail came from the Message Sniffer mailing list. For
  information
 and
  (un)subscription instructions go to
  http://www.sortmonster.com/MessageSniffer/Help/Help.html
 
  --
  
 -
  This message and any included attachments are from Siemens Medical
 Solutions
  USA, Inc. and are intended only for the addressee(s).
  The information contained herein may include trade secrets or
  privileged
 or
  otherwise confidential information.  Unauthorized review, forwarding,
 printing,
  copying, distributing, or using such information is strictly
  prohibited
 and may
  be unlawful.  If you received this message in error

Re: [sniffer] Message Sniffer Version 2-3 Official Release!

2004-05-09 Thread Frederick Samarelli
Is this by design
- Original Message - 
From: Landry William [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, May 09, 2004 11:08 PM
Subject: RE: [sniffer] Message Sniffer Version 2-3 Official Release!



 Same here, but if you check your logs, I think you will find that it is
 working.

 Bill

 -Original Message-
 From: Frederick Samarelli [mailto:[EMAIL PROTECTED]
 Sent: Sunday, May 09, 2004 8:04 PM
 To: [EMAIL PROTECTED]
 Subject: Re: [sniffer] Message Sniffer Version 2-3 Official Release!


 When I do it the window pop-up is blank
 - Original Message - 
 From: Landry William [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Sent: Sunday, May 09, 2004 10:59 PM
 Subject: RE: [sniffer] Message Sniffer Version 2-3 Official Release!


 
  Fredrick, I stopped the Sniffer service and tested from the command
  prompt
  with:
 
  Start xx.exe x persistent
 
  and this is working fine, as well.  These messages have come in since
  starting sniffer persistence from the command prompt:
 
  LicenseID   20040510024905  Ded96001d093c201a.SMD   40  150
  Clean   0   0   03720   60
  LicenseID   20040510024908  Ded96003f080c201b.SMD   10  20
  Clean   0   0   0   149451
  LicenseID   20040510025416  Deecf003708b6201f.SMD   10  190
  Match   117330  57  3301331578
  LicenseID   20040510025416  Deecf003708b6201f.SMD   10  190
  Final   117330  57  0   661178
  LicenseID   20040510025417  Deecf003d094e2020.SMD   10  30
  Match   117330  57  2478249273
  LicenseID   20040510025417  Deecf003d094e2020.SMD   10  30
  Final   117330  57  0   264373
  LicenseID   20040510025437  Deee7003908b62023.SMD   10  50
  Match   118825  52  1560157266
  LicenseID   20040510025437  Deee7003908b62023.SMD   10  50
  Final   118825  52  0   528566
  LicenseID   20040510025445  Deee70041094e2024.SMD   10  20
  Match   118825  52  1588160059
  LicenseID   20040510025445  Deee70041094e2024.SMD   10  20
  Final   118825  52  0   184759
  LicenseID   20040510025508  Def05007c04c02027.SMD   10  81
  Match   54070   52  884 924 70
  LicenseID   20040510025508  Def05007c04c02027.SMD   10  81
  Final   54070   52  0   617970
  LicenseID   20040510025523  Def05007d04c02029.SMD   10  30
  Match   54070   52  1103116862
  LicenseID   20040510025523  Def05007d04c02029.SMD   10  30
  Final   54070   52  0   274862
  LicenseID   20040510025639  Def62008204c0202c.SMD   10  60
  Match   40539   62  5135517867
  LicenseID   20040510025639  Def62008204c0202c.SMD   10  60
  Final   40539   62  0   579167
 
  Bill
 
  -Original Message-
  From: Frederick Samarelli [mailto:[EMAIL PROTECTED]
  Sent: Sunday, May 09, 2004 7:32 PM
  To: [EMAIL PROTECTED]
  Subject: Re: [sniffer] Message Sniffer Version 2-3 Official Release!
 
 
  I am having problems getting it started from the command prompt.
  - Original Message -
  From: Landry William [EMAIL PROTECTED]
  To: [EMAIL PROTECTED]
  Sent: Sunday, May 09, 2004 10:30 PM
  Subject: RE: [sniffer] Message Sniffer Version 2-3 Official Release!
 
 
  
   It seems to be working fine for me.  I have it running as a service,
   per Matt's instructions using the W2K resource kit files, and it has
   been running fine all day.
  
   Bill
  
   -Original Message-
   From: Frederick Samarelli [mailto:[EMAIL PROTECTED]
   Sent: Sunday, May 09, 2004 5:10 PM
   To: [EMAIL PROTECTED]
   Subject: Re: [sniffer] Message Sniffer Version 2-3 Official Release!
  
  
   The persistent mode stopped working after installing new program.
  
   Revert back to old one and it works???
  
   Start xx.exe x persistent
  
   - Original Message -
   From: Pete McNeil [EMAIL PROTECTED]
   To: [EMAIL PROTECTED]
   Sent: Monday, May 10, 2004 4:59 AM
   Subject: Re: [sniffer] Message Sniffer Version 2-3 Official Release!
  
  
At 11:36 AM 5/9/2004, you wrote:
Pete.

Should we be able to just replace our .exe file with this one
   
Yes. It will act just like the current version.
The persistent server option doesn't take effect until you launch
an instance in persistent mode. Until then (or if the persistent
server
   fails)
the program will act exactly like version 2-2, except that you can
still configure the log format if you wish.
   
Most importantly the snf2check.exe utility is much improved with
this new version.
   
Hope this helps,
_M
   
   
This E-Mail came from the Message Sniffer mailing list. For
information
   and (un)subscription instructions go to
   http://www.sortmonster.com/MessageSniffer/Help/Help.html
   
  
  
   This E-Mail came from the Message Sniffer mailing list

Re: [sniffer] Final beta (b2) for snfrv2r3

2004-04-07 Thread Frederick Samarelli
What is the best and proper way to setup Persistent mode on a windows 2000
computer and run as a service.

Fred
- Original Message - 
From: Pete McNeil [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, April 07, 2004 8:30 PM
Subject: RE: [sniffer] Final beta (b2) for snfrv2r3



Pre-persistant sniffer my times sometimes got high, but never beyond 3
 digits. While running the persistant beta, about half of my times are in
 the thousands. The machine also seems to be far more prone to bogging
down
 under a mail load. This is on a P2/800mhz 1g ram machine.
 
 Pre-beta
 20040304211333  d9bec001201263026.smd   312 0   Match   89089
 20040304211333  d9bec001201263026.smd   312 0   Final   89089
 
 Persistant sniffer
 20040407042039  d819316c90154969c.smd   100032  Match   48754
 20040407042039  d819316c90154969c.smd   100032  Match   94972
 20040407042039  d819316c90154969c.smd   100032  Final   94972

 This doesn't make any sense. I have no good theory for this. I am unable
to
 create any scenario where using the persistent engine degrades
performance.
 In all of my tests on three separate platforms the persistent engine
 produces a significant improvement - even under unreasonably harsh
conditions.

Aside from rebooting the machine and not starting sniffer in
persistant
 mode, how do I stop sniffer from running persistantly?

 Sniffer is adaptive. You can turn the persistent instance on and off at
 will. Simply stop the service - a reboot is not needed. If the persistent
 instance is turned off then the remaining instances will organize
 themselves in the usual way.

 _M


 This E-Mail came from the Message Sniffer mailing list. For information
and (un)subscription instructions go to
http://www.sortmonster.com/MessageSniffer/Help/Help.html



This E-Mail came from the Message Sniffer mailing list. For information and 
(un)subscription instructions go to 
http://www.sortmonster.com/MessageSniffer/Help/Help.html


Re: [sniffer] Final beta (b2) for snfrv2r3

2004-04-07 Thread Frederick Samarelli
This worked great.

Thanks.
- Original Message - 
From: Pete McNeil [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, April 07, 2004 8:46 PM
Subject: Re: [sniffer] Final beta (b2) for snfrv2r3


 At 08:36 PM 4/7/2004, you wrote:
 What is the best and proper way to setup Persistent mode on a windows
2000
 computer and run as a service.
 
 Fred

 * Make a backup copy of your current executable (just in case).
 * Rename the 2-3b2 executable for your license and replace your current
 executable.

 At this point your system will be running in the normal way.

 Next, you can use a third party utility or the windows toolkit to run your
 sniffer executable as a service with the persistent switch.

 Here are two links from previous discussions to help.
 I prefer RunExeSvc because it seems simpler.

 http://www.mail-archive.com/[EMAIL PROTECTED]/msg00165.html

 Here it is done with the toolkit...

 http://www.mail-archive.com/[EMAIL PROTECTED]/msg00169.html

 Hope this helps,
 _M


 This E-Mail came from the Message Sniffer mailing list. For information
and (un)subscription instructions go to
http://www.sortmonster.com/MessageSniffer/Help/Help.html



This E-Mail came from the Message Sniffer mailing list. For information and 
(un)subscription instructions go to 
http://www.sortmonster.com/MessageSniffer/Help/Help.html