Message Sniffer

From ARM-KB

This page is no longer maintained and may contain information that is out of date. We have left this page in place to provide a historical reference and to provide assistance to folks who may not yet have upgraded from Version 2 to Version 3. EVERYONE should upgrade to the latest version if they have not done so already.

For the latest information covered on this page, please see the following pages on our web site: http://www.armresearch.com/index.jsp


Description

Message Sniffer is an anti-spam scanner that uses advanced pattern recognition technology to accurately identify spam. It is currently distributed as a command-line utility along with its source code and some helpful scripts.

The engine is multi-platform and can be plugged in to many popular mail server and email security products. The distribution includes Windows binaries and source code for building the programs on Windows, Linux, BSD, OSX, etc.

A unique, downloadable rules database is available via subscription and is updated multiple times daily by spam analysts and intelligent monitoring systems.

Message Sniffer is a highly technical product that generally requires that you know a few things about your system and that you have some scripting skills. If you are a skilled programmer (especially in C++), there is almost no limit to what you can do with the SNF engine.

That said, if you aren't very technical you are NOT out of luck :-). We have a great community of folks that use and support SNF and you can reach them through the sniffer@ list.

Most folks who can use a text editor and follow instructions are able to get SNF up and running on their own in just a few minutes!

Organization

We've tried to keep the documentation organized conceptually and by task so that what you need next is usually close to where you are, and if it isn't, you can probably see your way to it by following your instincts (of course, the search is also helpful). Most folks will find what they need in the FAQ section, which contains just about every question anybody ever asked us and the answer that goes with it, plus a few questions and answers we thought of ourselves along the way.

If you'd like to really get to know what SNF is about and how it works then we also have some sections that will give you the technical details and concepts that you need.

If you're just getting started, I recommend you begin with the introduction section (all of it) and then go to the main installation section, followed by the specific installation section that applies to your platform - or is closest to it if you don't see your platform here.

Contents

Introduction

Sniffer Basics
License and Terms of Service
News and Updates

Getting Started

Distribution Files
Integration
Sniffer Mail List
Subscription
Trial FAQ

Installation Support

Please Read Installation Support (above) First!
Then read the section that applies to your platform...

eWall
Imail/Declude
Imail/mxGuard
MDaemon
MerakMail (IceWarp)
ORF
Postfix
Smartermail/Declude
SpamAssassin
SurgeMail
VopMail

FAQ

False Positives
Functionality
Performance
Submitting Spam
Updates

Live Reports

Change Rates
False Positives
Flow Rates by Day
Flow Rates by Hour
Rule Strengths

Resellers

Program Information
Resellers FAQ

Technical Details

Automated Updates
Customization
Log Files
Understanding Log Files
Log File Submissions
Technical Log File Questions
MDaemon Plugin
Result Codes
Submitted Scripts
Tools
Version 2 Operating Modes
Peer-Server
Persistent Sniffer
General Information
Associated Files
Setup
Technical Q&A

White Papers

Organized Blackhats
Spam Traps
Version 2 Architecture

Glossary