Functionality

Testing email content questions with Sniffer

The following was written for SNF versions prior to V3. Using version 3 you can test message files with SNFClient. (In the instructions below replace foo1bar2 with SNFClient and provide the full path to the file to be scanned. Also SNFClient does not require that you pass the authentication string, however it will ignore it if you do include it.)

If you have a question about emails that don't seem to be getting through, try this test to see if and what Sniffer is catching. If the log file shows matches for the file you scanned then those rules matched the file you scanned. If the log file shows clean then nothing matched.

1. Create a directory on C:
   
   

   c:\sniftest

2. Assuming your license ID is foo1bar2, copy your foo1bar2.exe and foo1bar2.snf files into c:\sniftest.
3. To run a test, put the suspected content into c:\sniftest\test.txt with your favorite editor. You could also copy a suspected message file if that's easier.
4. At the dos prompt: (Assuming your authentication code is: abcd1234qrst5678)
   
   

   c:
   cd \sniftest
   del foo1bar2.log
   foo1bar2.exe abcd1234qrst5678 test.txt

5. Then open the log file with your favorite editor to see the results. The log file will be: c:\sniftest\foo1bar2.log. (Note that we delete the log file before running our test so that the log will only have our test results in it. Be sure only do this in the special testing directory - NOT in your normal sniffer directory.)
6. The log file will tell you what rules matched (if any) and what symbols were involved. To see what Sniffer would have returned look for the Final line. If you don't have a Final line, and instead have a clean line then no rules matched.