On Wednesday, October 20, 2004, 3:05:35 PM, Keith wrote:
KJ If we don't run the Mdaemon on our systems and just use the new
KJ download, will we also see a speed increase on processing. Thanks for
KJ the time.
Yes. The changes that have been made should remove administrative
overhead and
On Wednesday, October 20, 2004, 4:15:09 PM, Michiel wrote:
MP What we did was write a wrapper around sniffer, and fire that wrapper from
MP the Content Filter. that wrapper measures how long each sniffer instance
MP takes. In the previous version, it took way longer when using the persistent
MP
On Wednesday, October 20, 2004, 4:03:15 PM, Jorge wrote:
If you fire up Task Manager on a windows machine (or your favourite ps tool
elsewhere), and set the View, Update Speed to High, then sort by the name in
reverse, you will see multiple sniffer.exe and one with a PID that doesn't
change.
, 2004, 5:19:49 PM, Michiel wrote:
MP Does this version have speed improvements over the previous official
MP release, when NOT using the persistent option (with Mdaemon)?
MP -Original Message-
MP From: [EMAIL PROTECTED]
MP [mailto:[EMAIL PROTECTED]
MP On Behalf Of Pete McNeil
MP Sent: zondag
and preliminary responses support that we
have achieved this goal.
I look forward to any and all comments.
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com)
PS: The remaining updates for this next version (2-3.1) will be the
addition
On Friday, October 15, 2004, 9:15:00 AM, Harry wrote:
HV Let me know when it is safe to run this on a production server
We will announce all production-ready releases on this list.
Thanks,
_M
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription
needs to be done... (I appreciate your help!)
Please do keep me informed.
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com)
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription
On Tuesday, October 12, 2004, 12:16:16 PM, Frederick wrote:
FS Link not working
Please try again, I copied the wrong link initially.
I've corrected the problem at the server.
Thanks,
_M
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription
:-)
On Thursday, October 7, 2004, 5:34:15 PM, Andrew wrote:
CA A member of my company with an important title complains
CA about mail being slow, and that her business associates can't
CA reach her. It goes up the corporate ladder until it peaks and
CA comes much further down to my level.
CA
On Wednesday, September 22, 2004, 10:06:29 AM, Faustino wrote:
FB Hi there,
FB We're having a problem with somes of our clients and Sniffer.
FB For example: All the messages to a specific domain are marked
FB as spam, even if the text message only contains 'Test'.
FB Sniffer return the code 52.
On Tuesday, September 21, 2004, 6:13:23 PM, Jorge wrote:
JA Something happened today? I've had a couple of quiet days lately, today
JA I've received over 40+ message of spam that went undetected by
JA MessageSniffer...
Spam storm - We've been pounding new rules for about two days.
We're still
On Monday, September 20, 2004, 5:46:00 AM, Roger wrote:
RM Since the content-type multipart must specify a boundary, I suggest you
RM filter all mail that have the content type multipart without boundary=.
RM Currently PARMACIA.BIZ sends hundreds of spams daily to our domain and
RM probably to
On Monday, September 20, 2004, 10:40:28 AM, Dan wrote:
DS For whatever reason I don't think I've been running the latest version of
DS sniffer as I don't even recall having updated to version 2. So I downloaded
DS the latest version and copied renamed the .exe the .cfg files.
DS Is there
On Saturday, September 18, 2004, 11:22:02 PM, Matt wrote:
M Thanks Pete, but let me just stress the largest issue that I see and I
M think you already are aware of it. The new IP classification is the
M most likely to produce false positives and it's result code of 60 places
M precedence of that
On Sunday, September 19, 2004, 10:11:27 AM, Landry wrote:
LW Pete, I am wondering why Sniffer has such a problem detecting
LW the so-called NIGERIAN types of spam. It seems that I have been
LW forwarding several of them daily to the spam@ address for weeks,
LW but Sniffer still consistently
On Saturday, September 18, 2004, 9:07:55 PM, Matt wrote:
M John,
M If you read this more carefully, I was not suggesting that
M action betaken that would affect everyone's system in such a way
M that it wouldrequire modifications. The 60 result code was
M recently changed fromGray rules to IP
On Friday, September 17, 2004, 12:42:26 PM, Steve wrote:
SF I am having problems downloading the starter scripts to automate updates
Responded off list.
_M
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go to
On Wednesday, September 15, 2004, 2:06:22 AM, Landry wrote:
LW I have seen a fairly substantial increase on false positives
LW today. I have submitted several FPs to the false@ address. Has
LW there been a big change in the core rulebase today? I wouldn't
LW think that upgrading to the new
On Wednesday, September 15, 2004, 11:29:19 AM, Jim wrote:
JM Pete,
JM What about the Spam that seems to have been slipping through recently? I
JM have submitted half a dozen or so in the last 24 hours and I am still
JM getting copies. I also loaded the new version of sniffer yesterday but that
these settings periodically for the
best performance.
They days of the Gray-Hosting group with a high false positive rate
are long gone and will not return ;-)
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com)
This E-Mail came
On Tuesday, September 14, 2004, 11:41:48 AM, Corby wrote:
AC To which addresss should I send these?
AC Also, I mis-stated the spam. They were not plain text, but
AC html, but clearly have many classic spam attributes. I will
AC send them along, but need to know where.
Please zip them and
On Tuesday, September 14, 2004, 11:48:43 AM, Corby wrote:
AC I suppose everyone's userbases have differenent
AC requirements. An ISP or private enterprise might worry about
AC false postives on horny teenagers and penis enlargement, but
AC for our local government agency, it causes problems.
On Tuesday, September 14, 2004, 12:40:43 PM, Jorge wrote:
JA What is Group 62? Is there anywhere I can get a list of all group types?
http://www.sortmonster.com/MessageSniffer/Help/ResultCodesHelp.html
62 - Abstract patterns for spam structures.
This group also contains some domain rules that
- usually video
production houses though.
Any info welcome.
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com)
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go
On Tuesday, September 14, 2004, 4:06:47 PM, Jonathan wrote:
JH How does a user go about modifying the custom sniffer rules? Must Sort
JH Monster be contacted or is it possible to do this with some other system
JH (such as a web based interface)?
The normal way right now is to work through us.
On Monday, September 13, 2004, 7:22:03 PM, Corby wrote:
AC Hello,
AC I was surprised recently by some spam that got through
AC without getting caught by the sniffer. We've been getting some
AC plain text messages that have obvious spam words in the subject
AC line. For example, a plain text
servers. We
will be making this the official distribution after a little more
testing. No problems have been observed or reported so far.
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com)
This E-Mail came from the Message
On Monday, September 13, 2004, 10:20:06 PM, Keith wrote:
KJ Pete,
KJ I take it this can be run without the persistent mode? Thanks for the aid.
Yes. It is no different than the current version except for the patch.
_M
This E-Mail came from the Message Sniffer mailing list. For
On Sunday, September 12, 2004, 2:34:50 PM, Heimir wrote:
HE Pete,
HE
HE I am getting porn spam from EarthLink every day, several times a day.
HE I get them on 2 of my personal accounts.
HE
HE I have complaint to abuse @ EarthLink for a while now but I
HE do not get any response beside the
Hello Sniffer folks,
Sorry for not capturing the loop sooner. I've dropped Keith from the
list for now to stop the loop. I took a few hours off to watch
football.
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com
On Saturday, September 4, 2004, 4:41:52 PM, Karen wrote:
KP news item?
No, This one is minor and there have been changes since then. For
example, now the basis for the graphs is the highest message rate
normalized for the number of logs collected.
I'm working on some sofware that will be
/MessageSniffer/Performance/FlowRates.jsp
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com)
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go to
http
On Thursday, September 2, 2004, 2:53:08 PM, Darrell wrote:
DL Pete,
DL How does this graph differentiate between Ham and Spam? Can't some Ham be
DL uncaught spam? And some messages identified as SPAM really be Ham?
Yes, this is true - but our system is very accurate so the data is
good enough
On Wednesday, August 25, 2004, 2:11:47 PM, Scott wrote:
SF Are there any rules in place to deal with this obfuscation?
SF Sec. tion
SF 2. 7, A o, f the Sec, urities A, ct of 19. 33 and Se.ction 2. 1B
SF of the Se. curities Excha. nge A, ct of 19. 34.
Yes... When we get a pump and dump spam we
and user
submissions.)
A good place to see the effects of our work is on the Spam Test
Quality Analysis page by Markus Gufler:
http://www2.spamchk.com/public.html
I hope you find this information to be both useful and interesting.
Thanks,
_M
Pete McNeil (Madscientist)
President
On Friday, August 20, 2004, 2:35:35 AM, Michiel wrote:
MP Pete, even your message had a chaset header:
MP Content-Type: text/plain; charset=us-ascii
Yes, a tricky gadget indeed.
MP I think you'll generate more FP's if you do something like that than FN's
MP you might have now. Aren't there
On Friday, August 20, 2004, 12:01:31 PM, Scott wrote:
SF -Mad,
SF How set up is Message Sniffer to determine if an e-mail in a foreign
SF language is spam and then code for it.
SF I dutifully submit my Spanish spam to the spam at sortmonster.com address.
SF It's a very, very small percentage of
On Thursday, August 19, 2004, 10:11:45 AM, Jorge wrote:
JA Michiel Prins wrote:
Can't you use the content filter of your mail server to detect if the
charset is used?
JA I've tried, but it's not 100% effective
I recall the earlier conversations about this. We have not had a lot
of call
On Thursday, August 19, 2004, 3:54:20 PM, Jorge wrote:
We could then turn on or off the languages we didn't want.
From my foray with dealing with Chinese, it certainly much
easier said than done. Chinese was doable, I've had no luck
stopping my Spanish spam.
Then again, you might be better at it
On Thursday, August 19, 2004, 10:45:37 PM, Jorge wrote:
JA Could a filter be created that will tag as spam any messages that
JA contaning NON-ascii characters? I mean allow only CHRS 1 through 255.
JA I believe this fill filter out all these foreign character sets, and let
JA through regular old
filter for now and may request a new rule when that fails to be
WF effective.
WF Thanks
WF Woody
WF -Original Message-
WF From: [EMAIL PROTECTED]
WF [mailto:[EMAIL PROTECTED] Behalf Of Pete McNeil
WF Sent: Monday, August 02, 2004 12:14 PM
WF To: Woody Fussell
WF Subject: Re: [sniffer] Did
On Saturday, July 31, 2004, 3:32:46 PM, John wrote:
JTL (Moved to list)
JTL Thanks, got it.
JTL This is my current lines, do I need to add others, or are the rules within
JTL these codes? (I hold at 25 and delete at 35)
JTL Is there a full list of codes on the web site?
JTL SNIFFER-TRAVEL
On Thursday, July 29, 2004, 10:42:40 AM, Jorge wrote:
JA Has something happened lately (in the last 24-48 hours).
Nothing significant that I can see except for a higher than usual
spike in spam through the evening hours last night.
JA Normally, I get small amounts (less than 10 a day) of spam
On Thursday, July 29, 2004, 11:48:58 AM, John wrote:
JTL I have also noticed an increase in the amount of spam that got through,
JTL mainly on gatewayed domains. I did forward a bunch in the last 18 hours,
JTL hopefully that will help.
What's interesting is that we're not seeing the increase in
On Thursday, July 29, 2004, 1:23:11 PM, John wrote:
JTL Would the new attached fall under the same rule?
Yes. It looks like the same domain is involved.
I've launched a compile of your rulebase - you should be updated very
quickly.
In this case it seems that you started receiving these a few
On Thursday, July 29, 2004, 1:28:45 PM, Keith wrote:
KJ I found a .fin file in my sniffer directory and didn't know if anyone
KJ knew what it was and how it is produced. It is dated several days ago.
KJ Thanks for the aid.
An orphaned .FIN file represents a message scan that was completed by
a
On Thursday, July 29, 2004, 2:52:07 PM, John wrote:
JTL Should I continue to forward spam that is not caught then?
Always send spam that is not captured to [EMAIL PROTECTED]
If these keep coming through even after your update then we need to
hunt for why they are not being tagged...
If you
On Wednesday, July 28, 2004, 5:34:43 AM, Landry wrote:
LW Pete, I put together a little script that modifies the Q*.SMD
LW file for identified spam messages that were held in my spam
LW directory, but were not tagged by Sniffer, and can forward a copy
LW of these messages to your spam@ address.
!
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com)
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go to
http://www.sortmonster.com/MessageSniffer/Help/Help.html
to let you know
this was happening.
Thanks,
_M
Pete McNeil (Madscientist)
President, MicroNeil Research Corporation
Chief SortMonster (www.sortmonster.com)
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go to
http
On Thursday, June 24, 2004, 12:23:22 PM, Herb wrote:
HG Yes, I did about a year or so ago as I remember. I don't
HG know, isthere a spot for this on the message sniffer site?
HG Sniffer folks Then it would be available to whoever wanted it.
Sure. Please package it up in a .zip file for us
On Wednesday, June 23, 2004, 4:30:48 AM, John wrote:
JTL Trying to set up a new client.
JTL Testing the logrotate script.
JTL Starting at about 01:10 AM to test, can not upload logs. I kept getting not
JTL connected messages.
I checked through the logs and didn't see any problems.
We seem to
On Monday, June 14, 2004, 1:56:00 AM, Matt wrote:
M Pete,
M Experimental. If these rules were in a differentcategory, it would
M make me feel a lot better about it. I'm guessingmaybe from my
M standpoint, Spamware would be the most appropriatecategory for
M tagging forged message ID's of this
On Monday, June 14, 2004, 12:33:24 AM, Matt wrote:
M Pete,
M So would the Message-ID produce a hit if it was in the body of a
M message? The reason why I ask is because I'm concerned about the
M possibility of legitimate servers getting tagged with Experimental and
M how that plays into my
ROFL!
you got me.
_M
On Monday, June 7, 2004, 11:54:01 PM, Matt wrote:
M Pete McNeil wrote:
M So where's Waldo :)
When reviewing a message like that we always troll the actual message
for the link that was intended - this helps us discard those that are
in there for fluff.
The porn guys do
On Monday, June 7, 2004, 6:20:25 PM, Matt wrote:
M Pete,
M I'm guessing that you have seen this already, but check out all of the
M domains that are listed in this zombie spam:
M
On Monday, June 7, 2004, 6:20:25 PM, Matt wrote:
M Pete,
M I'm guessing that you have seen this already, but check out all of the
M domains that are listed in this zombie spam:
M
On Friday, June 4, 2004, 7:52:20 PM, Rick wrote:
RR Hey Pete:
RR FYI: Spam filters seem to be working exceptionally well the past 2 days.
RR Almost nothing gets through (I've also got my spam route rule set to
RR level20).
We made a few tweaks to the inbound spam process and our SPHUD feeder
-
At 08:26 PM 5/23/2004, you wrote:
Does this mean that WinX
machines should ensure that they are rebooted at
least every 24 days to avoid overflowing the clock() value until the
next
version is available?
No.
* Win32 machines do not appear to be effected (so far no reports and I
haven't been able
At 06:16 PM 5/22/2004, you wrote:
Running v2.3 in Linux as follows causes Sniffer to consume 99% CPU
indefinitely. Is anybody else seeing this?
./mysnfrname.exe myauthcode persistent
When you run it without what happens?
Did it creat a mysnfrname.log file? What is in it?
When the instance is
At 01:42 PM 5/21/2004, you wrote:
Pete,
Our Hold range has returned to more normal territory on Thursday.
Here's the stats from
snip/
One of my thoughts regarding
minimum rule strengths and grace periods is that all groups aren't
necessarily the same. For instance Nigerian scams are low volume
Hello folks,
The latest version of Message Sniffer (Version 2-3) has been posted on
C|Net Download.com. The previous version survived for several months as the
only anti-spam solution on C|Net with a 100% approval rating thanks to your
comments!!!
Whenever a new version is posted, the reviews
At 12:57 PM 5/19/2004, you wrote:
Pete,
I noted late last night that my rulebase grew by 700 KB over the size of
the previous one that was archived on my machine, and also the hits for
some of the tests were noticeably lower and I had a definite increase in
the number of messages that scored in
At 11:33 AM 5/14/2004, [EMAIL PROTECTED] wrote:
HI Pete,
I uploaded the new .exe file, renamed it to my number.
I don't get this persistant instance thing...can you give this to me in
laymans terms? Im just a simple network engineer with 17 years of
experience. How do I get it working? I need
Thanks!
_M
At 10:09 PM 5/11/2004, you wrote:
Installed it here and it works as advertised!
- Original Message -
This new version of Message Sniffer Screams! when using the new
Persistent Instance option consistently achieving message scans in tens
of milliseconds without the need for
2004-05-08 - Message Sniffer Version 2-3 Official Release!
We are proud to release the newest version of Message Sniffer. This version
includes important performance and system integrity improvements including
full rulebase integrity checking to protect against corrupted or failed
rulebase
At 11:36 AM 5/9/2004, you wrote:
Pete.
Should we be able to just replace our .exe file with this one
Yes. It will act just like the current version.
The persistent server option doesn't take effect until you launch an
instance in persistent mode. Until then (or if the persistent server
At 12:35 PM 5/9/2004, you wrote:
Are there step-by-step upgrade instructions posted anywhere? Our
configuration is Windows 2000 server with Declude. I don't quite understand
what needs to be done to enable the Persistent Instance option.
Step-by-step instructions will depend on how you intend to
At 05:28 PM 5/9/2004, you wrote:
Thanks Pete! One other question. I am now downloading my rulebase files as
.gz files (much faster downloads now). Are you prepared to receive our log
file uploads either zipped or gzipped?
I'm not ready to do that yet, but it does seem like a good idea. I'll
At 08:09 PM 5/9/2004, you wrote:
The persistent mode stopped working after installing new program.
Revert back to old one and it works???
Start xx.exe x persistent
I've not tried running it that way - though it should work if you're
willing to remain logged in. Normally you would
At 10:06 PM 5/9/2004, you wrote:
Same problem here. (MDaemon ver. 7.01 - Latest)
I've replaced the old .exe with the new 2.3 and renamed it with my license.
Is there anything else?
Persistent now hangs when executed. Are we not supposed to see the
'polling' anymore?
Yes. Sorry for the
back to old one and it works???
Start xx.exe x persistent
- Original Message -
From: Pete McNeil [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, May 10, 2004 4:59 AM
Subject: Re: [sniffer] Message Sniffer Version 2-3 Official Release!
At 11
At 12:09 AM 5/10/2004, you wrote:
Thanks _M
Not to cause trouble, but I did get comfortable with the polling output. At
a glance, I could see heavy incoming traffic. But there's other ways for
monitoring that...
Just to be 100% clear: I've attached 2 files.
1) Old ver - Polling text output
2)
Hello folks,
Today we are releasing the new snf2check utility which performs a full
integrity check (digest checking) of the rulebase file.
The distribution file can be found at:
http://www.sortmonster.com/MessageSniffer/Betas/snf2check-v2-dist.zip
The .zip contains a win32 binary (.exe), a
to 1:
12:24:17 (78.89 KB/s) - `sniffer2.new.gz' saved [1983539/1983539]
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Pete McNeil
Sent: Friday, April 30, 2004 8:48 PM
To: [EMAIL PROTECTED]
Subject: Re: [sniffer] test
mod_gzip is now configured on our web
At 04:17 PM 5/4/2004, you wrote:
At 02:49 PM 5/4/2004, Vivek Khera wrote:
On May 4, 2004, at 3:42 PM, Pete McNeil wrote:
Every rulebase is potentially a different size composition, plus sizes
typically change with each update. I'm glad to hear all the positive
reports on this. :-)
Forgive me
At 07:13 AM 5/1/2004, you wrote:
This can be done with wget, for example, but setting this up appears to be
technically complex - so I'm going to leave it at that for now. (Requires
the --header switch and piping the output through gzip)
It is not so complex:
In the wget command change
-O
We are pushing out an update with a number of rules to catch this bug. I
did not find any references to the content on google - so it might be new.
The contents of the message (modified) are below. Do not follow the link -
I have obscured it with spaces for safety. There may be (probably will
At 05:56 PM 4/21/2004, you wrote:
At 04:56 PM 4/20/04 -0400, Pete McNeil wrote:
Just to follow up in the same thread, the compilers were running, but the
update notifications were not going out. We missed it locally because our
local update notifications follow a different path and because
was Sunday
at 7:56PM.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil
Sent: Tuesday, April 20, 2004 2:23 PM
To: [EMAIL PROTECTED]
Subject: RE: [sniffer] Scheduled Updates
I show the latest compile time as 20040420.1644 GMT.
I'll check
Hello Folks,
In light of recent issues with download problems I went looking for ways to
tighten up the rulebase files. I have retuned the rulebases so that new
rules now have a shorter grace period within which to prove themselves.
By default, a new rule must now amass at least 20 kills
Hello folks,
I've been watching the systems operate throughout the evening with an eye
toward minimizing download problems in the short term. It appears that it
will take us several weeks if not months to finally negotiate, plan, and
execute the changes we have planned in our hosting
Any time is fine. How about 0100 ET. - I'm pretty sure that spot is
mostly empty.
_M
At 09:17 PM 4/13/2004, you wrote:
It is working, I tested it from
the command line. What time of day do you want it run?
- Original Message -
From: Pete McNeil
To: [EMAIL PROTECTED]
Sent: Tuesday
We had some major BGP flapping with both Sprint and Savvis. Nobody has
gotten to the bottom of it yet and it settled down around 0200. No errors
or warnings since then.
_M
At 10:37 PM 4/13/2004, you wrote:
Pete.
I am seeing major download problems of the SNF file tonight.
Any problems with
At 10:01 AM 4/14/2004, you wrote:
Hi,
In the default logrotate.cmd script is a move
in stead of a ren command. Is there any special reason for that? As Ren
is an internal command and move an external command I would have expected
Ren to be used.
That's a good point - I guess I used move because
- Maintenance
Network Security - Internet -
E-mail
Software Development - Project Management
--
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
On Behalf Of Pete McNeil
Sent: woensdag 7 april 2004 17:38
To: [EMAIL PROTECTED]
Subject: RE: [sniffer] Final beta
that does
that?
Thanks, andy
- Original Message -
From: Pete McNeil [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, April 10, 2004 9:12 AM
Subject: Re: [sniffer] log file growing
H,
If we were triggering it - then that would have been our
update
notification message
it has stopped working... It was being
initiated automatically by an email sent by you to the system in Imail.
Where do I look?
Thanks, andy
- Original Message -
From: Pete McNeil [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, April 09, 2004 3:20 PM
Subject: Re: [sniffer] log file
]
On Behalf Of Kirk Mitchell
Sent: donderdag 8 april 2004 23:35
To: [EMAIL PROTECTED]
Subject: RE: [sniffer] Final beta (b2) for snfrv2r3
At 05:42 AM 4/8/04 -0400, Pete McNeil wrote:
http://www.keyconn.net/misc/sniffer.htm
I'll bet you are using b1 - this first 2-3beta does not implement
At 12:18 PM 4/9/2004, you wrote:
HI,
My log file used to write to a new file everyday, now it is writing to the
same file...
I didn't change anything, how do I fix it?
This is confusing. Message Sniffer has always written to a single log file
that does not change. External utilities could be
Sniffer is adaptive. You can turn the persistent instance on and off at
will. Simply stop the service - a reboot is not needed. If the persistent
instance is turned off then the remaining instances will organize
themselves in the usual way.
I don't have it running as a service, I started the
Tried the above and got an error message. Tried:
sniffer.exe xxauthenticationxx stop
and it paused a few seconds and returned to command prompt, so I'm guessing
that it stopped.
That doesn't sound quite right.
In the distribution there are some .CMD files that show examples of the
commands:
:-)
At 04:31 PM 3/29/2004, you wrote:
Didn't happen this
time, nevermind!
Frederic Tarasevicius
Internet Information Services, Inc.
http://www.i-is.com/
810-794-4400
mailto:[EMAIL PROTECTED]
- Original Message -
From: Fred
To:
[EMAIL PROTECTED]
Sent: Monday, March 29, 2004
Hello folks,
To facilitate process automation in larger email systems we have developed
a coding scheme and a number of standardized response codes for handling
false positive submissions. This will allow you to route our responses to
your false positive submissions automatically.
I have
places...thanks for all the help..
Richard Farris
Ethixs Online
1.270.247. Office
1.800.548.3877 Tech Support
- Original Message -
From: Pete McNeil
To: [EMAIL PROTECTED]
Sent: Friday, March 26, 2004 1:41 PM
Subject: Re: [sniffer] Help
This seems like a rulebase thing.
We spoke
At 01:57 AM 3/26/2004, you wrote:
I once noticed that transferring data through TCP/IP is NOT error-free, if
the connection is very slow. At least not if it is going through Microsoft's
software (Windows).
Me 2.
One possibility that has been suggested is that we could gzip these files.
That
back up. Hopefully we'll get
to the bottom of things though.
_M
At 03:23 AM 3/26/2004, you wrote:
I'm doing a download as we speak.
I am on a 100mb connection.
Getting between 6-10K with several short stops in download.
H.
- Original Message -
From: Pete McNeil [EMAIL PROTECTED
At 03:39 AM 3/26/2004, you wrote:
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Since we're both up at this insane hour. Would you mind making a test?
I've just shut down the Sprint line - so we're running through Savvis
exclusively. If I'm right about the connectivity
At 07:42 AM 3/26/2004, you wrote:
Pete,
Just wanted to interject a couple observations. I'm connected to the
Internet through a 15Mb frac ds/3 from ATT and a T1 from Sprint. I of
course of no way of telling which pipe our automated downloads are coming
from. However, I too have noticed
At 09:10 AM 3/26/2004, you wrote:
On Mar 25, 2004, at 8:10 PM, Pete McNeil wrote:
ERROR_BAD_MATRIX is definitely a corrupted rulebase file. A manual
download should solve the problem.
Should not snf2check.exe detect this? If the sniffer can detect it, it
seems that the checker should too
801 - 900 of 922 matches
Mail list logo