On 24 Jun 2004 at 10:46, Herb Guenther wrote:
Herb,
very kool - nice output. How do you compile the info if you don't
mind me asking?
-Nick Hayer
> Here is our last weeks stats, we did not see an increase in volume, so
> much as the amount gettig thru in the last couple days and
On 24 Jun 2004 at 10:55, Herb Guenther wrote:
Herb,
If you would be so generous it would be much appreciated...
-Nick
> I wrote a coldfusion page that parses the logs into a sql database
> every night, and then the display page you saw. If you have a
> coldfusion server I would be happy to gi
hat are your estimated accuracies for the various rule groups?
Thanks much!
-Nick Hayer
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go to
http://www.sortmonster.com/MessageSniffer/Help/Help.html
On 1 Nov 2004 at 14:03, Andy Schmidt wrote:
Andy,
Here is an alternative freeware utility to run sniffer as a service
in case youi want to try something different:
http://www.judoscript.com/goodies/RunExeSvc/runexesvc.html
This was posted awhile ago with setup instructions - it seems to work
s
Was this the ip?
209.67.220.164
This is the only address I have seen -
-Nick
Scott Fisher wrote:
Yes I have seen them too:
email starts with:
Dear Valued Member,
According to our site policy you will have to confirm your
account by the following link or else y
Hi John,
I do not.
As you I score some sniffer tests at 9 and tag the subject at 10. I do
occasionaly see fp's with sniffer - particulary with legit newsletters.
So what I have done is leave sniffer where it is and combo it up with
other tests to push it to and over the 10 threshold.
-Nick
Without regard to content I believe the edits would be made in
CurrentControlSet - not in ControlSetxxx - the later are the backups.
-Nick
Matt wrote:
Dan,
I seem to recall trying to use the AppParameters key and having
difficulty with it. I think that you might want to try removing th
Hi Pete,
I must be missing some of these posts - would you kindly let me know the
latest version of Sniffer and the url to download and the same for MDLP?
Thanks!
-Nick
Pete McNeil wrote:
Just very quiet.
Still here :-)
_M
This E-Mail came from the Message Sniffer mailing list. For
Hi Pete -
Pete McNeil wrote:
Hello Sniffer Folks,
The F001 Rule Bot has been adjusted.
Is it possible for you to recommend a percentage of accuracy or maybe
better stated a percentage of delete weight for each rule? I am
wondering which rules you feel are the weakest and which are the
Hi Pete,
It's a bit too early to know about the reliability of F001.
Understood - sorry I was not clear on this :)
I was referring to all your tests eg: printers, snake oil, what have you. which one do you have the most confidence in maybe get the least false positive reports on?
-Nick
T
Thanks.
-Nick
Scott Fisher wrote:
I'd say I get least FPs on:
warez (50), av push (49), advertising (56), insurance (48), and
gambling (59)
Most FPs on general (60), experimental (61) and travel (47)
- Original Message - From: "Pete McNeil"
<[EMAIL PROTECTED]
pong...
Pete McNeil wrote:
Hello sniffer,
Just testing.
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go to
http://www.sortmonster.com/MessageSniffer/Help/Help.html
Hi Pete,
Pete McNeil wrote:
How many DNS based tests do you use in your filter system?
approx 100
How many of them really matter?
depends :)
I generally weight them all very low; its the combination of several
that make each 'matter'. As I review held mail I remove ones that are
b
Hi Markus -
Markus Gufler wrote:
There is also another type of spam (stock spam now with attached png image)
this morning passing our filters.
I am catching these fairly easily -
a combo filter -
#combo-stockspammer-png.txt
SKIPIFWEIGHT26
TESTSFAILEDENDNOTCONTAINSEXTERNAL.REGE
Pete McNeil wrote:
Hello Nick,
What is your false positive rate with that pattern?
Hmm lets go to the MDLP for yesterday :)
SS HH HS SH SA
SQ
REGEX.STOCK.BODY 331 0 0 66 0.667506 0.445565
COMBO.STOCK_PNG 16
Pete,
I just moved to Declude 4x - how compatible is MDLP with this log
format? Although reports are generated it seems to me some tests are
missing, etc.
Thanks!
-Nick
#
This message is sent to you because you are subscribed to
16 matches
Mail list logo
