Re: [sniffer] OT - exchange 5.5 help
Title: Re: [sniffer] OT - exchange 5.5 help Configure the IMS (internet mail service/connector in echange manager) You have to disable the microsoft smtp server (iis5 smtp) exchange 55 has its own smtp -Original Message- From: [EMAIL PROTECTED] [EMAIL PROTECTED] To: 'declude.junkmail@declude.com' declude.junkmail@declude.com CC: 'sniffer@SortMonster.com' sniffer@SortMonster.com Sent: Fri Jan 07 07:13:01 2005 Subject: [sniffer] OT - exchange 5.5 help I know this is off topic, but I need a little Exchange 5.5 help. Recently upgraded a client from NT4 with Exchange to Windows 2000 Server SP4 with Exchange 5.5. I am having one problem though. The local server name is server.example.com, which is fine and dandy for the internal network. I need to add a domain suffix for the server for the outside world for sending email. I need the domain suffix to be something like example1.com, where example1.com is a real registered domain. Any help is appreciated and you can email me off list. Daniel === Daniel Ivey GCR Company / GCR Online Voice: 434 - 570 - 1765 Fax: 434 - 572 - 1981 [EMAIL PROTECTED] This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
Re: Re[2]: [sniffer] Sniffer Updates
Title: Re: Re[2]: [sniffer] Sniffer Updates Automate harassment reminders to those of us not using it. :) I think I'll go enable gzip tonight -Original Message- From: [EMAIL PROTECTED] [EMAIL PROTECTED] To: Landry William sniffer@SortMonster.com Sent: Mon Dec 27 12:36:06 2004 Subject: Re[2]: [sniffer] Sniffer Updates On Monday, December 27, 2004, 12:46:19 PM, Landry wrote: LW Are folks taking advantage of the wget compression option before LW downloading their rulebase updates? If the slow download speeds are a LW bandwidth saturation issue on the Sniffer end, this would certainly cut down LW on the bandwidth requirements on their end and increase the download times LW for everyone. LW Also, I've got to ask, if the downloads are happening behind the scenes, LW by an automated or triggered download, why the concern about speeds, as long LW as your downloads are successful? >From what I've seen in the logs, only about 5% of folks are taking advantage of gzip right now. Also, I did some incantations on the log (grep, awk, uniq etc) and came up with just under half of our customers downloading their rulebase between 1200 and 1300 today. That's between 2 and 3 times as many as should have done it ;-) -- so the backlog is explainable. This kind of thing happens for lots of reasons and there are a lot of ways to mitigate the problem. A big one on the list - certainly - is using the gzip capability. With only 5% of folks using this and average compression ratios well above 50% there is plenty of room to make a big dent in this. _M This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
RE: [sniffer] spam leakage up
Didnt you post this a long time ago? If you'll post it again i'll copy it and maybe convert it to perl ( I have coldfusion but do most of my reports in perl.. tends to be a little faster ) From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Herb GuentherSent: Thursday, June 24, 2004 10:55 AMTo: [EMAIL PROTECTED]Subject: Re: [sniffer] spam leakage up I wrote a coldfusion page that parses the logs into a sql database every night, and then the display page you saw. If you have a coldfusion server I would be happy to give you the code.HerbAaron J.Caviglia wrote: Herb, How did you generate that SPAM report? Thanks, Aaron Caviglia www.vantech.net On Jun 24, 2004, at 8:46 AM, Herb Guenther wrote: wow, that is even worse than we are seeing, we are at about 80%, but should really be at about 85% if all were tagged. Here is our last weeks stats, we did not see an increase in volume, so much as the amount gettig thru in the last couple days and continuing today. Herb SPAM Report Statistics are based on the last 6,150,612 email messages received. You are viewing Server 1 Stats View Server 2 stats Statistic 06/17 06/18 06/19 06/20 06/21 06/22 06/23 Weekly Total Daily Avg. image.tiffDelivered Messages 34,291 30,762 22,331 22,484 31,245 33,588 33,582 208,283 25,311 image.tiffGood Messages 6,493 5,101 1,595 1,721 6,209 6,772 6,170 34,061 5,221 image.tiffSpam Messages 27,798 25,661 20,736 20,763 25,036 26,816 27,412 174,222 20,090 image.tiffSpam Percent 81% 83% 92% 92% 80% 79% 81% 84% 79% image.tiffMal Formed Headers 3,845 4,277 3,193 3,555 4,094 4,286 4,459 27,709 4,949 image.tiffSpam Headers 4,544 4,081 3,665 3,367 4,800 5,712 6,129 32,298 3,308 image.tiffSpam Routing 6,351 5,697 5,200 5,613 5,718 6,072 5,616 40,267 3,375 image.tiffNo Reverse DNS 6,864 7,787 6,529 6,729 7,742 6,783 5,023 47,457 2,446 image.tiffWhite Listed 1,157 968 116 162 1,237 1,245 1,229 6,114 785 image.tiffGeneral Spam 1,021 958 736 851 1,012 1,045 1,122 6,745 1,490 image.tiffExperimental 1,543 1,190 951 970 1,284 1,342 1,472 8,752 900 image.tiffObfuscation 240 183 158 189 196 336 151 1,453 352 image.tiffGrey Hosts 355 196 29 33 213 343 315 1,484 166 image.tiffGambling 272 202 263 261 215 303 161 1,677 124 image.tiffRefinancing/Loans 2,293 2,216 1,809 1,659 2,167 2,013 1,975 14,132 1,765 image.tiffBusiness opportunities 1,989 1,991 1,546 1,547 1,990 2,089 2,163 13,315 1,464 image.tiffInk and toner cartridges 159 124 41 91 100 89 63 667 121 image.tiffPornography 2,296 1,874 2,189 1,798 2,120 2,224 2,333 14,834 1,731 image.tiffSend money scams 57 63 66 57 85 84 82 494 65 image.tiffOnline pharmacies 6,792 6,098 5,419 4,907 5,766 5,526 5,767 40,275 5,684 image.tiffCable/Satellite descramblers 1,250 1,340 1,190 1,384 1,277 1,710 1,554 9,705 867 image.tiffNorton/McAfee offers 17 61 4 7 11 19 25 144 68 image.tiffInsurance quotes, etc. 706 493 374 354 526 552 547 3,552 649 image.tiffTravel/vacation offers 216 135 82 61 87 160 121 862 238 image.tiffViruses Detected 649 440 223 201 537 498 493 3,041 344 image.tiffVirus Vulnerabilities 581 431 365 304 531 518 580 3,310 406 Dan Stratton wrote: Yes I have seen an increase in spam not tagged by sniffer or in a lot of cases by any other of the declude tests that I am using. I also have notice quite a large increase in overall spam and attribute at least some of the leakage to this increase. Some day's I am seeing 94% spam and 6 % legitimate email which I find incredible. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Herb Guenther Sent: Thursday, June 24, 2004 7:51 AM To: [EMAIL PROTECTED] Subject: [sniffer] spam leakage up In the last couple days we are seeing quite an increase in the amount of spam leaking past sniffer and declude. Anyone else seeing this? Herb -- Herb Guenther Lanex, LLC www.lanex.com (262)789-0966x102 Office (262)780-0424 Direct This e-mail is confidential and is for the use of the intended recipient(s)only. If you are not an intended recipient please advise us of our error by return e-mail then delete this e-mail and any attached files. You may not copy, disclose or use the contents in any way. -- Herb Guenther Lanex, LLC www.lanex.com (262)789-0966x102 Office (262)780-0424 Direct This e-mail is confidential and is for the use of the intended recipient(s)only. If you are not an intended recipient please advise us of our error by return e-mail then delete this e-mail and any attached files. You may not copy, disclose or use the contents in any way. This E-Mail came from the Message Sniffer mailing list. For information and
RE: [sniffer] Postfix Sniffer 2-3
Nothing to do with your conf. You would add a system-wide startup script to do something like file: /usr/local/etc/rc.d/sniffer-persistent.sh -- #!/bin/sh case $1 in start) # note the at the end tells the system to launch sniffer # into the background and not wait for sniffer to exit # since persistent sniffer will not exit until killed /var/spool/sniffer2/lic.exe AuTHCoDE123 persistent ;; stop) /var/spool/sniffer2/lic.exe shutdown-command (I don't have the readme infront of me) ;; *) echo usage: `basename $0` {start|stop} ;; esac - -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ali Resting Sent: Thursday, May 13, 2004 9:21 AM To: [EMAIL PROTECTED] Subject: [sniffer] Postfix Sniffer 2-3 I have not been following the postings closely, so my question may already have been answered. I am running postfix 2 with sniffer-2-2.2 with no problems. I would like to upgrade to sniffer-2.3. This is an extract from my postfix conf: smtp inet n - y - - smtpd -o content_filter=snfilter I compiled the new sniffer 2.3 with no problem. How do I change my current conf to include the new persistent feature? Ali Resting Real Image Internet This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
RE: [sniffer] Final beta (b2) for snfrv2r3
My findings are that persistent is offering great benefits, havnt tried an excessively harsh test yet, but i'm about to do that. Just ran sniffer in both persistent and non-persistent modes with over 1,000 mesages in the overflow and MaxQueProc at 50. This pegs out my CPU between 90% 100% for the duration of delivery. Screenshots sniffer log snipplets at http://staff.netsmith.net/sniffer/Extreme_Load/ I wont waste the mailing lists bandwith for the attachments for those who dont want them. I dont see an obvious different when the system is under heavy load, at least not by skimming the log files. Could do some math on overall performance statistics I guess... # of messages processed in same timeframe, average times, etc. winmail.dat