Home · Products · SNF Milter

Products

Message Sniffer Milter

Message Sniffer (SNF) is an intelligent anti-spam scanner that uses advanced pattern recognition and collaborative learning technologies to accurately identify spam, scams, viruses, and other email borne malware at your email server or gateway (before it gets to your inbox).

SNFMilter is a Unix (g++ source) based milter that connects postfix or sendmail MTAs directly to the SNFMulti engine. SNFMilter also provides an XCI interface when operating for use with SNFClient for GBUdb manipulation, status reporting or other functions.

  Free 30 Day Trial
Sign Up Now!



 
Step 1: Sign Up for 30 Day Free Trial!Step 2: Download Software!Step 3: Install Software on Your Server!Step 4: Purchase a Subscription!

The Message Sniffer software is designed to be installed on an email server or filtering appliance. Message Sniffer is driven by a professionally managed rulebase, available via subscription, that is continuously monitored and updated by intelligent machines and highly trained analysts. This teamwork between synthetic intelligence and extraordinary people reduces your administrative workload to a minimum and allows SNF to respond quickly (within minutes) to new threats while also predicting future hazards so they can be blocked before they arrive.

The Message Sniffer software has two components: SNFServer and SNFClient. SNFServer provides message scanning and collaborative IP reputation services (GBUdb) via the XCI protocol. GBUdb responds quickly to emerging threats and saves system resources by providing IP blocking information and modifying message scan results in real-time. SNFClient provides a command line interface to SNFServer via the XCI protocol. The SNFClient utility can be used to connect SNFServer to virtually any email server or filtering system that supports external antispam and antivirus tools.

SNF accurately captures more than 99% of spam without tuning. We calculate this statistic from real-world data collected by our monitoring system using system telemetry, data from spam-traps, user submissions and a comparative analysis with several dozen high quality spam tests.

In addition, Message Sniffer's highly optimized engine has very modest hardware requirements and typically uses only a small fraction of the resources required by other engines. (SNF typically has less than 10% of the CPU requirement of SpamAssassin when processing the same message stream!)

Message Sniffer is used by ISPs, ASPs, SaaS providers, spam filtering services, antispam appliance vendors, schools, businesses, and consultants worldwide to protect systems from spam, scams, viruses, and other email borne threats.

Learn More about what Message Sniffer is and how it works.

We have designed Message Sniffer (SNF) to be a complete anti-spam solution for your email servers. Let us help you reduce the time and effort you spend dealing with spam.

  • Anti-Spam & Anti-Virus
  • Anti-Malware & Anti-Spyware
  • Anti-Spoofing & Anti-Phishing
  • Automated Tuning
  • Collaborative Learning
  • Multi-Platform
  • No Per User License Fee
  • Free Responsive Support
  • Fail Safe Design Strategy
  • Low False Postive (FP) Rate
  • Interactive FP Resolution Process
  • High Availability, Continuous Monitoring
  • Highly Adaptive Rulebase System
  • Continuous Automated Updates
  • Works With ANY Email Server
  • Low Use of System Resources

Read more about the Full List of SNF Features.

SNFMilter provides filtering services through the milter interface at two points in an SMTP conversation. At connection time actions can be associated with specific GBUdb ranges. After each message is received (but before it is accepted) actions can be associated with specific SNF scan results.

At Connection Time

The connecting IP is checked against the local GBUdb data. The following options can be configured (defaults are bold):

  • GBUdb White Range - Accept, Allow, Retry, or Reject
  • GBUdb Caution Range - Accept, Allow, Retry, or Reject
  • GBUdb Black Range - Accept, Allow, Retry, or Reject
  • GBUdb Truncate Range - Accept, Allow, Retry, or Reject

After DATA but before accepting the message

A simulated local Received header is created and then the message is scanned with SNFMulti. This allows GBUdb drilldown directives to be used so that deeper IPs can be evaluated for their reputation. The GBUdb and content analysis data is integrated in the usual way.

After the message is scanned, scan result codes can be configured to trigger milter actions (defaults are bold):

  • Result code 20 (truncate) - Accept, Allow, Retry, Reject, Quarantine, or Discard
  • Result code 40 (caution) - Accept, Allow, Retry, Reject, Quarantine, or Discard
  • Result code 63 (black) - Accept, Allow, Retry, Reject, Quarantine, or Discard
  • Result code 1 (white) - Accept, Allow, Retry, Reject, Quarantine, or Discard
  • Nonzero Result Code - Accept, Allow, Retry, Reject, Quarantine, or Discard

Connect time and Scan time actions are configured in the <platform><milter/></platform> section of the SNFMilter.xml file. Any result code can be specifically assigned to an action. Any nonzero result code that is not speicifcally assigned is controled by the <nonzero/> action.

In general any X- headers produced by the SNFMulti engine are injected into the messages processed through SNFMilter. This allows later milters or other processes to be informed by these X- headers.

30 Day
Free Trial
Includes:
  • Free fully functioning subscription with no obligation
  • Free installation support and personalized support for tuning and customizing rulebase(s) to fit the needs of your system
Free 30 Day Trial
Sign Up Now!
ANNUAL
$495/inst/yr
Includes:
  • All Message Sniffer software updates.
  • Rulebase updates multiple times a day with the latest anti-spam rules.
  • Full support for your subscription year, including personalized support for tuning and customizing rulebase(s) to fit the needs of your system.
    Buy Now!    
SMB
$199/inst/yr*
*For Qualifying Systmes
Includes:
  • All Message Sniffer software updates.
  • Rulebase updates multiple times a day with the latest anti-spam rules.
  • Full support for your subscription year, including personalized support for tuning and customizing rulebase(s) to fit the needs of your system.
    Buy Now!    
SOHO
$99/inst/yr*
*For Qualifying Systmes
Includes:
  • All Message Sniffer software updates.
  • Rulebase updates multiple times a day with the latest anti-spam rules.
  • Full support for your subscription year, including personalized support for tuning and customizing rulebase(s) to fit the needs of your system.
    Buy Now!    
Monthly
$45/inst/mo
Includes:
  • No long term contacts. Cancel at any time.
  • All Message Sniffer software updates.
  • Rulebase updates multiple times a day with the latest anti-spam rules.
    Buy Now!    
LARGE SYSTEMS
Contact Sales
Includes:
  • All Features of the Annual Subscription
  • Special pricing and deployment options for systems needing 10 or more SNF instances for their own use.
  Learn More  
Reseller & OEMs
Contact Sales
Includes:
  • Developers who wish to bundle Message Sniffer technology with their own solutions for their privately branded products.
  • Significant discount on rulebase licensing as well as a private source code license.
  Learn More  

Your Message Sniffer subscription comes with free support to help get Message Sniffer installed on your system.

Get SNFMilter

This product is for use in a *nix environment where SNF will be integrated with sendmail or postfix MTAs as a milter. The milter also provides XCI access to support SNFClient or your own application using XCI for other scans, GBUdb manipulation, or status reporting.

The SNFMilter distribution includes:

  • snf-milter - Bash control script.
  • getRulebae - Bash script uses curl and snf2check to download SNF rulebase files.
  • snfmilter - SNFMulti engine implemented with a milter interface.
  • SNFClient - Command line utility for accessing SNFMulti engine via XCI.
  • snf2check - Validates SNF rulebase files.
  • postfix-multi-message.patch - Patch to fix postfix bug*

Note: *At the time of this writing postfix (2.6.2 and earlier) contains a minor bug. The bug affects SMTP sessions where multiple messages are transferred and a milter is attempting to quarantine messages. The postfix-mult-message patch fixes that problem. See INSTALL for instructions.