Message Sniffer.Installation
From ARM-KB
This page is no longer maintained and may contain information that is out of date. We have left this page in place to provide a historical reference and to provide assistance to folks who may have not yet upgraded from Version 2 to Version 3. EVERYONE should upgrade to the latest version if they have not done so already.
For the latest information covered on this page, please see the following pages on our web site: http://www.armresearch.com/support/articles/installation/index.jsp
Home-> Message Sniffer-> Installation
Contents |
About this section
This section provides helpful information about setting up Message Sniffer to block spam. Use the links below to help you install Message Sniffer on your server. Once you've purchased Message Sniffer you can use the instructions below to help you install your registered license. Please note that Message Sniffer is designed to work in many different environments. Please let us know if you have Message Sniffer running on a server that is not listed here.
Message Sniffer can be used to block spam on many email servers and even some email clients! The Message Sniffer utilities are compatible with Windows, Linux, and BSD operating systems. (Other operating systems may be supported in future.)
In general, Message Sniffer works very much like most command line virus scanner programs. Your mail server provides Message Sniffer with a message to scan and the Message Sniffer utility returns a result code indicating whether the message is "Clean" (a zero result), or a "Match" (a non-zero result) with one of its filter rules. A match usually indicates spam.
We have established some documentation and procedures to help you integrate Message Sniffer with some of the more common email servers. Our goal is to support as many systems as possible. If you use Message Sniffer on another email server then please let us know and we will document the process with your help and experience.
If you would like our help getting Message Sniffer to block spam on your email system then please let us know by sending a note to support@armresearch.com. We would be very happy to work with you.
Where To Start (the Technology Demonstrator)
Most folks should start by installing or experimenting with the snfrv2r3 command line scanner from the latest distribution files. This is the demo license. There are a number of sample scripts, examples, and installation procedures listed here in the wiki. For simplicity, our documentation always refers to the demo files, license ID and authentication code. Once you purchase your subscription your license ID and authentication code will change. The license ID and authentication code always go together like a lock and key.
- Technology Demonstrator License ID: snfrv2r3
- Technology Demonstrator Authentication Code: xnk05x5vmipeaof7
How to install your registered license
Once you've got all of the bugs worked out and you are happy with your results, purchase a subscription and wait for your update notifications to begin. Update notifications usually begin within a few hours (max 24) of your online purchase. Your update notifications will contain your registered license ID, authentication string, login and password information, and urls where you can download your rulebase file(s), download helpful tools, and upload your log files. Once you have your registration information proceed with the following steps to install your licensed rulebase:
1. Rename your executable file to reflect your new license ID. The license ID from the distribution file was sniffer2, so the executable was named sniffer2.exe. You can tell your license ID by looking at the name of your rulebase file, for example abcd1234.snf. If your new license ID is abcd1234 then rename your executable from sniffer2.exe to abcd1234.exe. The program will now expect abcd1234.snf rulebase files and will produce abcd1234.log log files.
2. Reconfigure your email processing software and system scripts to call Message Sniffer using your new authentication code and to use the new executable and rulebase files. In general you should be able to use a change-all (be careful!) to do this so the editing can go very quick. If your new license ID is abcd1234 and your authentication code is vzyx0987pqrs5432 and you are running sniffer2 then you would:
- Change all snfrv2r3.exe to abcd1234.exe
- Change all snfrv2r3.cfg to abcd1234.cfg
- Change all snfrv2r3.snf to abcd1234.snf
- Change all snfrv2r3.log to abcd1234.log
- Change all xnk05x5vmipeaof7 to vzyx0987pqrs5432
3. Download your new rule base file using the link provided.
Once you have Sniffer set up you can test it with the junk message file in the distribution. If you copy it into an email and send it to yourself then it should trigger sniffer and you will see an appropriate entry in the log file. If you do not see a log file, or if you see errors in your log file then that would be a problem.
Do not rename the old rule base file - it will not work with the new authentication code This will generate an ERROR_RULE_AUTH condition!
Upgrading to the latest version
- 1. Make a backup copy of your current sniffer executable. [licensid.exe]
- 2. Download the latest distribution from our Distributions page.
- 3. Rename the executable from the distribution [snfrv2r3.exe] to match your license ID [licensid.exe].
- 4. Stop your SMTP service and your Persistent Message Sniffer instance (if any).
- 5. Replace the old .exe with the new one.
- 6. Restart your Persistent Message Sniffer instance (if any).
- 7. Restart your SMTP service.
If you would like to use some of the new features that require the .cfg file, and you don't already have a .cfg file in the directory with your .exe then you can copy the .cfg file from the distribution and the modify it as needed. The program identifies all of it's important files by the license ID, so yes, the .cfg file must also be named for the license ID as in [licensid.cfg].
If you already have a .cfg file in use then you should use the new .cfg file from the distribution as a reference and create a new .cfg file that does what you want.
If you don't have a .cfg file and you don't have a need for any of those features then you don't need to do anything - but you might want to copy the .cfg file just in case you want to use it later.
Known Supported Platforms
Message Sniffer is very flexible so it is easy to imagine it working with any email or message security platform. That said, there are a few platforms we officially know SNF works well with. They are listed below. If you know of any more and/or you can provide documentation and examples of how to do it then please let us know so we can add to this list.
Message Sniffer is "officially" known to work on the following platforms:
- eWall
- Imail/Declude
- Imail/mxGuard
- MDaemon
- MerakMail (IceWarp)
- ORF
- Postfix
- Smartermail/Declude
- SpamAssassin
- SurgeMail
- VopMail
For those who have custom email platforms or platforms that are not directly supported we do have guidelines for installation.
Please also check the Sniffer mail list for help with installation.
Back to Top