[sniffer] Re: Problem with Sniffer-Porn rule this morning
Hello Darin, Friday, July 18, 2008, 1:12:39 PM, you wrote: > Hmmm... I don't think the rule was already pulled. We update our rulebase upon receipt of the notification of a new rulebase being available, and according to our logs the rule was in until at least 11:24am EDT. The rule bots would have queried the database for rules 20-40 minutes before you you received it. The rule may have still been in place at that time. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
[sniffer] Re: Problem with Sniffer-Porn rule this morning
Hello Darin, Friday, July 18, 2008, 1:07:56 PM, you wrote: > Yes. The rule is inert. However, according to the logs the rule would have been hit 27 more times had we not added the rule panic. Thanks for clarifying. If it were something else I'd want to get on that right away ;-) _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
[sniffer] Re: Problem with Sniffer-Porn rule this morning
Hmmm... I don't think the rule was already pulled. We update our rulebase upon receipt of the notification of a new rulebase being available, and according to our logs the rule was in until at least 11:24am EDT. Darin. - Original Message - From: Pete McNeil To: Message Sniffer Community Sent: Friday, July 18, 2008 12:12 PM Subject: [sniffer] Re: Problem with Sniffer-Porn rule this morning Hello Darin, Friday, July 18, 2008, 9:37:18 AM, you wrote: > Pete, There appears to be a problem with rule 1984485 this morning. I'm getting a number of FP hits on it from AOL users. The rule has been pulled already. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
[sniffer] Re: Problem with Sniffer-Porn rule this morning
Yes. The rule is inert. However, according to the logs the rule would have been hit 27 more times had we not added the rule panic. Darin. - Original Message - From: Pete McNeil To: Message Sniffer Community Sent: Friday, July 18, 2008 12:16 PM Subject: [sniffer] Re: Problem with Sniffer-Porn rule this morning Hello Darin, Friday, July 18, 2008, 11:39:47 AM, you wrote: > We had 18 hits on it from ~6:40-9:30am EDT before putting in the rule panic, 5 of which reached our hold weight. We've had 27 more hits since adding the rule panic. When a rule panic is in place the rule should be inert. Please check your snf_engine_cfg.log to see if the rule panic was picked up in your configuration. Best, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
[sniffer] Re: Problem with Sniffer-Porn rule this morning
Hello Darin, Friday, July 18, 2008, 11:39:47 AM, you wrote: > We had 18 hits on it from ~6:40-9:30am EDT before putting in the rule panic, 5 of which reached our hold weight. We've had 27 more hits since adding the rule panic. When a rule panic is in place the rule should be inert. Please check your snf_engine_cfg.log to see if the rule panic was picked up in your configuration. Best, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
[sniffer] Re: Problem with Sniffer-Porn rule this morning
Hello Darin, Friday, July 18, 2008, 9:37:18 AM, you wrote: > Pete, There appears to be a problem with rule 1984485 this morning. I'm getting a number of FP hits on it from AOL users. The rule has been pulled already. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
[sniffer] Re: Problem with Sniffer-Porn rule this morning
We had 18 hits on it from ~6:40-9:30am EDT before putting in the rule panic, 5 of which reached our hold weight. We've had 27 more hits since adding the rule panic. Darin. - Original Message - From: Colbeck, Andrew To: Message Sniffer Community Sent: Friday, July 18, 2008 11:30 AM Subject: [sniffer] Re: Problem with Sniffer-Porn rule this morning I also have hit this. A single hit, also from AOL. Andrew. From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Darin Cox Sent: Friday, July 18, 2008 6:37 AM To: Message Sniffer Community Subject: [sniffer] Problem with Sniffer-Porn rule this morning Pete, There appears to be a problem with rule 1984485 this morning. I'm getting a number of FP hits on it from AOL users. Darin.
[sniffer] Re: Problem with Sniffer-Porn rule this morning
I've just used proper channels and submitted the message and the snippet from the MessageSniffer log to the false@ email address. I've also added this: to the section of the snf_engine.xml file on each of my servers. Andrew. From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Colbeck, Andrew Sent: Friday, July 18, 2008 8:31 AM To: Message Sniffer Community Subject: [sniffer] Re: Problem with Sniffer-Porn rule this morning I also have hit this. A single hit, also from AOL. Andrew. From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Darin Cox Sent: Friday, July 18, 2008 6:37 AM To: Message Sniffer Community Subject: [sniffer] Problem with Sniffer-Porn rule this morning Pete, There appears to be a problem with rule 1984485 this morning. I'm getting a number of FP hits on it from AOL users. Darin.
[sniffer] Re: Problem with Sniffer-Porn rule this morning
Any word on this? Darin. - Original Message - From: Darin Cox To: Message Sniffer Community Sent: Friday, July 18, 2008 9:37 AM Subject: [sniffer] Problem with Sniffer-Porn rule this morning Pete, There appears to be a problem with rule 1984485 this morning. I'm getting a number of FP hits on it from AOL users. Darin.
[sniffer] Re: Problem with Sniffer-Porn rule this morning
I also have hit this. A single hit, also from AOL. Andrew. From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Darin Cox Sent: Friday, July 18, 2008 6:37 AM To: Message Sniffer Community Subject: [sniffer] Problem with Sniffer-Porn rule this morning Pete, There appears to be a problem with rule 1984485 this morning. I'm getting a number of FP hits on it from AOL users. Darin.
