[sniffer] Re: AW: [sniffer] High Spam Rates?
It is interesting that the spam flood goes away at night and during the early morning hours and comes back hot and heavy in the morning and afternoon. I would assume that most of the spam is being sent through zombie machines and they are mostly turned off at night. During the night the delivery queue was down to 50 or less messages at any given time. During the day the message queue averages around 30,000-40,000 messages for delivery which is causing about a 10 to 15 minutes latency through our system. Very annoying. It appears that most of the botted machines are in Latin America in either Mexico, Brazil, Columbia or Argentina. Is this what you all are seeing as well? Phil # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] High Spam Rates?
Is it just me or is there some sort of SPAM storm happening today? I am receiving several thousand SPAM messages per minute right now and it is a little overwhelming. Phil # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Beta
I just tried installing the beta and it appeared to work too well as it was sending all the mail to the spam box. I am not sure if this was due to the bad rule that was just replaced or something I was doing wrong. I am currently running in the persistent mode. I set the xml file to point to the correct paths in the 4 places and started up the sniffer server. I then changed the bat file that the agent calls to run snifclient.exe file licenseID %1 is this the correct format? I am still using an old vopmail 5 mail server. At the moment I switched back to the old version of sniffer after going through 600 emails by hand and sorting out spam and real mail and manually placing them in the correct mailboxes, that was fun. Phil # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] How to incorporate a white list?
I am getting a large number of false positives and not sure why. Mostly mail from newsletters or lists, such as DMXZone, but I am also still unable to receive some mail from my own internal users. I am filtering on a per mailbox right now and I have been sending spam from my mailbox into its own holding directory so I can see what I am missing. It appears that while it gets most spam there are also some real messages getting zapped as well. How do I add a whitelist of domains, or do i send in the false positives in hopes they will somehow be added to the rulebase. I am fairly new at this and it is not real obvious looking at the documentation online as to how this all works. This is running on an old vopmail server. Thanks, Phil # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Is this working?
Thanks guys, guess it works. I actually have had clients call up saying that mail is broken and that they only get a few emails a day since installing sniffer. They used all that spam as an indicator that things were working. :) Nice not to have to spend hours going through the mail every day. Good job Pete and thanks. Phil At 11:55 AM 3/28/2007, you wrote: If it ain't broke there's not much to say. All is well Harry Vanderzand Intown Internet 11 Belmont Ave. W. Kitchener, ON, N2M 1L2 519-741-1222 -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Shaun Sturby, MCSE Optrics Engineering Sent: Wednesday, March 28, 2007 1:52 PM To: Message Sniffer Community Subject: [sniffer] Re: Is this working? Pong Shaun Sturby Technical Services Manager - - - - - - - - - - - - - - - - - - - Optrics Engineering | www.Optrics.com Canada: 6810 - 104 Street, Edmonton, AB, T6H 2L6 TF: 877-463-7638Fax: 780-432-5630 USA: 1740 S 300 West #10, Clearfield, UT, 84015 TF: 877-386-3763Fax: 801-705-3150 -- - - - - - - - - - - - - - - - - - - -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Phillip Cohen Sent: Wednesday, March 28, 2007 11:43 AM To: Message Sniffer Community Subject: [sniffer] Is this working? Since installing Mail Sniffer I have not gotten anything on this list. Has it just been slow and there is no traffic or is sniffer eating up this list as SPAM? Phil # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Integration with Mailenable
Jay, Thanks for the heads up on Mailenable. I took a look at SmarterMail and it looks pretty good. How does it interface with Message Sniffer or does it require and external gateway such as EWall? How has support been with it and how have they been as far as updates. Also does it have domain keys capability and SPF support for sending mail to yahoo.com etc... Thanks, Phil At 07:26 PM 3/15/2007, you wrote: Stay Away From MailEnable. There are so many exploits out there for MailEnable, and there are more exploits found monthly, if not weekly. At one particular interval, MailEnable had to re-release the same patch several times in the *same* week because it kept on not actually fixing the root of the issue. If you run MailEnable, odds are that you will end up exploited, even if you stay on the of the patches. On top of that, MailEnable is just simply a CPU and IO hog, much more so than other other mail server I have ever seen. By default, they use entirely text based configuration files, which on occasion get truncated to zero during periods of high activity on the server. In the past year, we have assisted our customers move 20,000+ mailboxes away from MailEnable, mostly all to SmarterMail. Do not waste your time and money with MailEnable. -Jay -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Phillip Cohen Sent: Thursday, March 15, 2007 12:22 PM To: Message Sniffer Community Subject: [sniffer] Integration with Mailenable We are finally going to replace our old Vopmail server. Looking at Mailenable Enterprise. Will Sortmonster work with that program? Is anyone using Mailenable? If so how is it and if it works with Sortmonster how did you use them together. THanks, Phil # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Integration with Mailenable
We are finally going to replace our old Vopmail server. Looking at Mailenable Enterprise. Will Sortmonster work with that program? Is anyone using Mailenable? If so how is it and if it works with Sortmonster how did you use them together. THanks, Phil # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] What to do with the spam?
I have been running the demo version of sniffer for about a month or so to try it out before we buy it and have a few questions. 1. Right now all of the spam is going into a directory called spam, since I am getting about 12,000 spams a day being filtered I might as well just have it delete everything and save the disk drive, as there is no way to easily find an email that has been filtered. Is there a way to copy the email into separate directories and subdirectories for each domain/mailbox so that I can go through and look for false positives? I can even create a web site for people to look for their own if this can be done. I have gotten a few complaints about missing mail. Has anyone done this? I know that some of the other spam filters in particular hardware appliances hold the spam in a special spam box so that the clients can look through it and delete it after they find it is actual spam, or have the option of just delete everything. I am using VOPMail 5 on 2000 Server. 2. Not sure how it works once we subscribe, are we able to set our own white/black lists into our filter or do we all get the same filter as everyone else? Is there some sort of user interface panel when we log in to get our new filters or some sort of compiler we run to add in our additional rules? Thanks, Phil This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
[sniffer] Sniffer and SURBL
How do you use both Sniffer and SURBL together? What else is required. Phil This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
Re: [sniffer] Vircom Vopmail and Sniffer
Pete, It does run from the command line, creates the log file. I didn't give it a file to check so it gave and error so at least it does something. For some reason it won't run the sniffer program from the batch file. I put in a pause and ran it, it is returning an error code of 65 with no file given when running it in the batch file. however it does not create a log file. I have permissions on the file and the folder as loose as it gets, everyone full control. still nothing. I tried using CALL in front of the line and it gave me the same thing. Any ideas on why it wont run in a batch file? Been so long since I have played with DOS, it is embarassing. Phil At 02:31 AM 1/7/2005, you wrote: On Friday, January 7, 2005, 12:55:34 AM, Phillip wrote: PC Is there anything special I need to do to get sniffer to work with VopMail? PC I have everything in the way it is supposed to be but seems like it doesn't PC do anything. No mail is being put into the spam directory. I am using the PC agent.bat file as directed on the web site with the latest version of rules PC as downloaded. PC Do I need to turn something else on to get it to use the agent? This is the PC final version of VopMail before they switched to Modus running on Win2k server. The first thing you want to do is run your script from the command line and make sure that sniffer creates a log file entry each time you do. Once you have that working it should work just as well when it is called from inside VopMail. SNF always creates either a log entry or an error message. Running your script from the command line will let you see any error messages that might show up so that you can solve the problem. Hope this helps, _M This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
[sniffer] Vircom Vopmail and Sniffer
Is there anything special I need to do to get sniffer to work with VopMail? I have everything in the way it is supposed to be but seems like it doesn't do anything. No mail is being put into the spam directory. I am using the agent.bat file as directed on the web site with the latest version of rules as downloaded. Do I need to turn something else on to get it to use the agent? This is the final version of VopMail before they switched to Modus running on Win2k server. Phil This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
