Please let me know, we might be able to help each other...
--
Mvh. Frank Jensen
[EMAIL PROTECTED]
www.pi.dk
Imponerende, fascinerende og kæmpe
Plakater f.eks. 149 x 149 = 629 kr
Vi kan også lave plakat fra dit digitale foto
Hi Pete,
Just for information, we renamed the msg folder again today, and again
SNFClient.exe.err only state: Could Not Connect!
/etc/init.d/snfilter stop + /etc/init.d/snfilter start helped.
Hello Pi-Web,
Sunday, January 27, 2008, 1:16:08 PM, you wrote:
Sorry, I might not have been
Sorry, I might not have been clear.
It is on Linux with postfix.
Yes stop/start of the service did solve the problem.
Before start/stop pstree showed 14*SNFserver.exe
SNFClient.exe.err only state: Could Not Connect!
Last x.200801??.log.xml ends with:
i u='20080125234317'
Hi Rob,
You can add the IPs to GBUdbIgnoreList.txt if you want sniffer to ignore the
IPs.
Pete,
I have some questions about GBUdb
FIRST QUESTION:
I have several clients who forward over e-mails from ISP accounts. I
have a system whereby I can pick out the original sending server IP. I
Hi
We trying to setup snf with postfix.
It seems to work - except it does not reject ant messages.
The x.20080116.log.xml says:
s u='20080116110805' m='20080116120805_22626.msg' code='69'
error='ERROR_MSG_FILE'/
This I belive is because the msg file that is send to sniffer has a wrong
It seems right - but no go:
In /var/spool/snfilter/msg/
-rw--- 1 snfilter snfilter 2965 Jan 16 18:35 20080116183528_10882.msg
(deleted after process finished)
Result:
s u='20080116173528' m='20080116183528_10882.msg' code='69'
error='ERROR_MSG_FILE'/
sniffer setup:
Adding $INSPECT_DIR to the $SNIFFER_EXE $AUTHENTICATION $INSPECT_DIR$MSGFILE ||
{ command
Now it seems to work.
It seems right - but no go:
In /var/spool/snfilter/msg/
-rw--- 1 snfilter snfilter 2965 Jan 16 18:35 20080116183528_10882.msg
(deleted after process finished)
Result:
s
Is it possible to add own texts to SNF to include in the contents scan?
Eg.:
Subject: are unregulated and AND would be. by either the FSA or number of
organisations.
This way we could react at the first message recived.
Hi All,
I had like 37 different One line nonsense mail in my account
Make a bat fil like this:
--
@echo off
echo syntax batfilenavn.bat messagefil to test
SNFclient.exe %1
echo %errorlevel%
pause
--
If it display zero the message is clean.
Hello,
I am evaluating Message Sniffer beta version but I am totally confused. :-)
If I am in a
Hi All,
I had like 37 different One line nonsense mail in my account today. (and so did our many of our
users). Of cause they are not taken by SNF as almost all are different and from different IP sources.
Is it a virus that generates such mails?
Or what is the idea?
Anyone having luck
Hi
I got a tool to test all messages in a folder with SNF.
All with a non zero result is moved to a spam folder.
Its like 84 lines of delphi code.
If Pete will host the files I will supply the tool for free including source.
Friday, January 4, 2008, 4:56:29 PM, you wrote:
Hello
I got a
We have been running it for - I guess - 2 month now without any trouble.
How stable is the beta version?
Regards David Moore
[EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
J.P. MCP, MCSE, MCSE + INTERNET, CNE.
www.adsldirect.com.au http://www.adsldirect.com.au/ for ADSL and
Internet
Message - From: Pi-Web - Frank Jensen
[EMAIL PROTECTED]
To: Message Sniffer Community sniffer@sortmonster.com
Sent: Thursday, December 20, 2007 1:17 PM
Subject: [sniffer] Re: Excessive amounts of spam
We have been running it for - I guess - 2 month now without any trouble.
How stable
The SNFserver.exe is present on the task list, so it will not automatic restart.
ERROR in todays log:
e u='20071102100405' context='SNF_NETWORK' code='99' text='ERROR_SYNC_FAILED'/
e u='20071102100539' context='SNF_NETWORK' code='99' text='ERROR_SYNC_FAILED'/
e u='20071102100714'
On 8438 t today we got a average T=111,1176819
Min=0, Max=7211. (57 scans took above 1000, 6384 scans took less than 101).
The server is rather old and serving both web mail, pop3 and smtp.
And heavy usage of web mail does slow it down. This might be the case on the
slow scans.
The long scans
Hi Pete,
We have fileret out 169 mails based on this rule.
Most are spam.
I have just collected the latest rulebase - it is from 20.00,
The false positive are still taken as spam.
If you want the 169 please let me know.
--22:37:49-- http://www.sortmonster.net/Sniffer/Updates/xx.snf
Hi Pete,
Checked all manuelly, 7 of 155 was good.
The new rule database don't match on any of the 7.
All 155 is matched as spam.
Monday, October 15, 2007, 4:43:03 PM, you wrote:
Hi Pete,
We have fileret out 169 mails based on this rule.
Most are spam.
That's good to hear.
Thanks!
_M
Hi Pete,
Actually it is true ;-)
http://kb.armresearch.com/index.php?title=Message_Sniffer.FAQ.FalsePositives#What_are_the_guidelines_for_sending_a_False_Positive.3F
- Please include your license ID in your message and send the messages from your registered email
address. Email from
Why not add the license code as local whitelist string in each database,
the license code is normaly supplied in the false report mail anyway.
Is there any way of getting false positives to you other than emailing
them to [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] ?
My dilemma is that I'm
For the first (known) time I see Message Sniffer filter a valid mail.
What is the best way to handle stuff like this?
Check out this page:
http://kb.armresearch.com/index.php?title=Message_Sniffer.FAQ.FalsePositives
#
This
Ok, I guess the instruction is for people who filter spam to a spam folder...
;-)
I think you should contact [EMAIL PROTECTED] I think they will able to
remove the rule based on you sniffer log, perhaps the only will remove it for
your system.
One other problem - the first entry og the log
21 matches
Mail list logo
