Hi Rob,
You can add the IPs to GBUdbIgnoreList.txt if you want sniffer to ignore the
IPs.
Pete,
I have some questions about GBUdb
FIRST QUESTION:
I have several clients who forward over e-mails from ISP accounts. I
have a system whereby I can pick out the original sending server IP. I
then add that IP to the message in a special header. (this can vary by
ISP and situation, but I've programmed my system to appropriately
determine which IP is the original sending server IP. Next, I add a
special custom header which points out that IP.
Would it be possible for MessageSniffer to grab the IP from a particular
header (perhaps this header could be added as a node in the XML config
file?). That way, if/when that header is available in the message,
Sniffer would then treat *that* IP as the sender's IP?
SECOND QUESTION:
Is it possible to tell Sniffer to NOT allow the possibility of
"truncating" on a message-by-message basis, where this would be
determined if a special command line switch were present. In fact, can
Sniffer be further instructed to ONLY run "pattern matching" scanning
and ignore the GBUdb for that particular message?
THIRD QUESTION:
Much of the spam I block doesn't run through Sniffer. Additionally, many
of the messages that Sniffer blocks are spams sent via established ISPs
whereas I already have those IPs in an extensive whitelist that I've
built up over the years.
A 4% sampling of this whitelist can be found here:
http://invaluement.com/fourpercentofwhitelist.txt
(multiple the size of that by 25 to get an idea of the massive size of
my IP whitelist)
Here is what I'd like to do which I believe would make my contribution
to sniffer most effective:
(A) Have sniffer NOT automatically input data into GBUdb with each
sniffer scan. (Is that possible?)
(B) Alternatively, whenever my spam filter marks a message as "spam", it
will issue the following command (but ONLY if that IP is NOT on my IP
whitelist, and regardless of whether or not the message was run through
sniffer):
SNFClient.exe -bad <IP4Address>
(If on my IP whitelist, it just won't do anything here.)
(C) If my spam filter marks a message as "ham", then it will issue the
following command (again, regardless of whether or not the message was
run through sniffer)
SNFClient.exe -good <IP4Address>
**********************************
**********************************
I know that this puts more trust on me and my system, but I have also
know that the quality of stats you'd receive from my system would vastly
improved due to my abilities in this area and this would be a huge
contribution to other Sniffer users over the norm. (I run one of the
best RBLs and URI blacklists in the world... I know what I'm doing here!)
Can these things be done?
Rob McEwen
#############################################################
This message is sent to you because you are subscribed to
the mailing list <sniffer@sortmonster.com>.
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to <[EMAIL PROTECTED]>
--
Mvh. Frank Jensen
[EMAIL PROTECTED]
www.pi.dk
------------------------------------------------------------
Imponerende, fascinerende og kæmpe
Plakater f.eks. 149 x 149 = 629 kr
Vi kan også lave plakat fra dit digitale foto
www.plakatkunst.dk
#############################################################
This message is sent to you because you are subscribed to
the mailing list <sniffer@sortmonster.com>.
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to <[EMAIL PROTECTED]>
