Re: [Assp-user] whitedomains.txt

(@|.)wsj.com will match @wsj.com and all subdomains FYI, I generally use DKIMWLAddresses where possible, instead of WhitelistedDomains. For a domain like WSJ.com, it's perfect since I know that nearly everything is DKIM signed from (and by) them. The (@|.)wsj.com syntax was suggested Thomas for

Re: [Assp-user] No CountryCode/Organization

(Ich habe Ihre Frage mit Google Übersetzer ins Englische übersetzt und übersetze meine Antwort für Sie automatisch vom Englischen ins Deutsche am Ende meiner Antwort) I translated your question into English using Google translate and am auto-translating my reply for you from English to German.

Re: [Assp-user] Still confused about whitelisting ip addresses.

You've got a bunch going on here. First, take a look at the noRBL entry. You could exclude the single IP from having DNSBL used. You could also list the Ip in whiteListedIPs, which is just a list, not something through DNS. If there's a reason you have to use DNSBL, you'll need to be able to

Re: [Assp-user] SpoofedSender flagged when they should not be

al would be to have a setting in which there is a ' > noSpoofingCheckSPF' option? > If the sender IP is included in SPF, then perform noSpoofingCheck > This could simply be just a yes/no question or a file listing of the > domain(s) that would reference the SPF record for the check? > > Sug

Re: [Assp-user] SpoofedSender flagged when they should not be

ving this in place. This is why I'm think the SPF record should already > cover this (at least at the domain level). > > Brian S > > -- > *From: *"K Post" > *To: *"For Users of ASSP" > *Sent: *Wednesday, September 2

Re: [Assp-user] Mail analyzer question

Hi Farokh, Right or wrong, if an analyzer doesn't show me what's needed, I generally will look in the full log. I search by message-ID. On Tue, Sep 28, 2021 at 9:02 AM Farokh - Best Tech Service, LLC < far...@besttechsvc.com> wrote: > OK, got it. > > My question then is how do I determine why

Re: [Assp-user] SpoofedSender flagged when they should not be

o be able to > sent from the IP address noted in the log. > > > *From: *"K Post" > *To: *"For Users of ASSP" > *Sent: *Wednesday, September 22, 2021 2:39:16 PM > *Subject: *Re: [Assp-user] SpoofedSender flagged when they should not be > > Is SubZeroCompanySto

Re: [Assp-user] SpoofedSender flagged when they should not be

Is SubZeroCompanyStore.com listed in localDomains? I don't follow what you mean by domains being "list in the TXT record." Are you talking about the SPF TXT record in DNS? On Thu, Sep 16, 2021 at 5:28 PM EPI Tech wrote: > I keep having similar issues show up in my logs which is causing issue

Re: [Assp-user] STARTTLS - connection randomly timeout (outlook imap error)

Just my 1 1/2 cents: I'm not sure why you needed to (or would want to) disable ssl on port 25, but setting Disable SSL on listenports: 25 will make it so that outside smtp servers communicate with you without encryption. Outside centers always deliver on port 25, and won't try 587 or any other

Re: [Assp-user] subject tagging with spam

Hi Eric, Under "TestModes and SPAM Tagging"you'll see: Prepend Spam Subject (spamSubject) and Prepend Spam Tag (spamTag) The spamSubject gets prepended to the message's subject if you're in testmode or when a message score is above PentaltyMessageLowLimit. That's why you're seeing [SPAM]

Re: [Assp-user] PDF Scanning

ht now, so I may want to start > doing that - do you know what I need enabled in ASSP to store the entire > email and attachments? Is there an automated cleanup of those files, > say after some time period? > > Thanks! > > - Bob > > On 3/13/2020 11:05 AM, K Post wrote: >

Re: [Assp-user] PDF Scanning

costs > > There are currently two of these systems running since nearly one year. A > small one on VMWare ESXi 6.7 and one on ProxmoxVE for ~800 office users. > > I plan offer this as a cloud service within this year. > > Thomas > > > > Von:"K P

Re: [Assp-user] PDF Scanning

This is incredible! Can you give some detail on what the system is that does this analysis, scoring, etc. Then once confirmed okay, how does the user get the attachment that's been cleared? This would be a HUGE benefit to my user base. There's tons of pdf's that I'm releasing on a daily basis.

Re: [Assp-user] Excluding one domain from ASSP rules

Are you sure that you've got the MX records / record for the domain set correctly? If mail is hitting ASSP, it should be in the logs. On Sun, Jan 26, 2020 at 2:47 AM maurizio--- via Assp-user < assp-user@lists.sourceforge.net> wrote: > Hello > > I have here a mail server thal will handle 5

Re: [Assp-user] Regular expression to identify malformed FROM: header

and it works GREAT. On Sat, Dec 22, 2018 at 12:00 AM Thomas Eckardt wrote: > The current development version has a new feature to detect such mails. > > 2018-12-03 > fixed in assp 2.6.2 *Fortress* build 18337: > > added: > > - 'DoNoFromSelect','Select Checks for From: and Sender: Header' >

Re: [Assp-user] assp developent has switched perl base

eps http://search.cpan.org/dist/ > perl-5.24.0/pod/perldelta.pod > Maintening Strawberry Perl for assp is much more easy than Active Perl - > except the installation of NetSNMP::agent, which needs a MSVC compiler > instead of gcc. > > Thomas > > > > > > Von:K P

Re: [Assp-user] assp developent has switched perl base

t; > > -- or are you suggest Strawberry for Windows (which I've never touched)? > > On Mon, Jan 2, 2017 at 11:34 AM, K Post <*nntp.p...@gmail.com* > <nntp.p...@gmail.com>> wrote: > Thanks for letting us know. Has any testing been done with 5.24.1 Per > ActiveState on

Re: [Assp-user] Any Outlook users out there? Reporting / analyze question

Can any of you report back on this? THANKS On Sun, Dec 4, 2016 at 4:32 PM, K Post <nntp.p...@gmail.com> wrote: > I'm curious if there are any ASSP admins out there who use Outlook on a PC. > > We're having 2 minor issues with Spam/NotSpam reports sent from Outlook > and I'm

[Assp-user] For Jay: "Tangerine" email

Jay, ASSP doesn't have a bias built into it against any particular word I believe your problem is that your bayesian or HMM database is inaccurate, and probably too immature to be used if the appearance of a single word causes a rejection. - or the scoring and thresholds you've set isn't good.

Re: [Assp-user] Postfix -> ASSP -> Postfix on one server - ideas?

ASSP should be the first hop, internet -> assp -> MTA (exim, postfix, whatever). If you put an MTA first, it might work, but it won't work well. ASSP wouldn't be able to do most of its IP based analysis for example. On Thu, Oct 13, 2016 at 9:41 AM, wrote: >

Re: [Assp-user] get more protection from ransomeware

Never mind on my question on the SaneSecurity.Foxhole prefix. The example signature names at http://sanesecurity.com/foxhole-databases/ explain it a bit, though I don't understand how it works. No matter. --

Re: [Assp-user] get more protection from ransomeware

le ClamAV definitions: > > https://github.com/extremeshok/clamav-unofficial-sigs > > -Original Message- > From: K Post [mailto:nntp.p...@gmail.com] > Sent: 27 September 2016 15:51 > To: For Users of ASSP > Subject: Re: [Assp-user] get more protection from ransomeware

Re: [Assp-user] get more protection from ransomeware

I'm ashamed that I missed the .js / .exe at the end of the regex. Makes total sense now!! And absolutely, I'm in favor of multiple layers of scanning / protection. ClamAV, AFC, Exchange scanning, server scanning, and multiple levels of workstation scanning still isn't enough! Is there a reason

Re: [Assp-user] get more protection from ransomeware

I concur with this great tip. I've been using foxhole js and file for a while now with great success. I'm afraid of foxhole_all.cdb, as they say there's a high likelihood of false positives. Has that not been your experience? I don't quite understand the point of your own signatures. Doesn't

[Assp-user] Win32 Smarthost alternative to MS IIS SMTP

With Google now flagging messages as unencrypted in users' inboxes, I've decided that it is time to retire our ever trust Microsoft IIS Virtual SMTP Server. She's been good to us, but doesnt support optional outbound TLS (it's either always on or always off). I'd love to hear what servers the

Re: [Assp-user] [OT] Extreme slow on bigger emails

So I guess the problem is bigger than just gmail inbound TLS encrypted mail for some. The question becomes, "Why?" Why is is slow/unusable for some, but not others? I suspect there are lots more installations run by people who don't participate here who are experiencing the same type of

Re: [Assp-user] [OT] Extreme slow on bigger emails

I'm talking TLS over SMTP, right over port 25 for inbound email. On Tue, Sep 13, 2016 at 2:36 PM, Tanstaafl <tansta...@libertytrek.org> wrote: > On 9/13/2016 2:09 PM, K Post <nntp.p...@gmail.com> wrote: > > For clarification, the issue I see is with multi-megabyte fi

Re: [Assp-user] Extreme slow on bigger emails

trouble specifically with gmail TLS connections. If you have something useful to add to that discussion, great, if not please go be bravado elsewhere. On Mon, Sep 12, 2016 at 2:17 PM, James Moe <ji...@sohnen-moe.com> wrote: > On 09/12/2016 07:55 AM, K Post wrote: > > Gmail's m

Re: [Assp-user] Extreme slow on bigger emails

I can't stand that people email large files, but they do - and regularly. Gmail's max message size is 25mb I believe. At around 15mb things become too slow here and gmail times out. I'd guess my convert::scalar module's fine, as if TLS isn't on, the messages fly though without issue. Looks

Re: [Assp-user] Extreme slow on bigger emails

he one in the MX-record (both are equal) are valid for this > certificate and the certificate itself is also valid! > > The strongest possible encryption was negotiated: TLSv1_2 , > ECDHE-RSA-AES256-GCM-SHA384 > > You can see - it is working perfect - even with gmail.

Re: [Assp-user] Extreme slow on bigger emails

-standard? On Thu, Sep 8, 2016 at 2:37 AM, Thomas Eckardt <thomas.ecka...@thockar.com> wrote: > >But what happens when they start sending > from another IP? > > Than, the SPF record is changed. > > Thomas > > > > > > Von:K Post <nntp.p...@g

Re: [Assp-user] Extreme slow on bigger emails

This sounds similar to what I'm seeing with gmail mails when TLS is on. It's hard for me to believe that Google would be doing something completely non-standard. I can't see there being a chance that they'd have some setting that makes outgoing mail slow for them, though I suppose it's

Re: [Assp-user] ASSP_AFC 4.34 released

ust released. On Thu, Aug 18, 2016 at 6:08 PM, K Post <nntp.p...@gmail.com> wrote: > Nope, even with the ASSP.pl tweak, I'm still getting > > Aug-18-16 18:06:33 Warning: got unexpected signal SEGV in Worker_2: > package - ASSP_AFC, file - c:/ASSPPlugins/ASSP_AFC.pm, line - 195

Re: [Assp-user] ASSP_AFC 4.34 released

Nope, even with the ASSP.pl tweak, I'm still getting Aug-18-16 18:06:33 Warning: got unexpected signal SEGV in Worker_2: package - ASSP_AFC, file - c:/ASSPPlugins/ASSP_AFC.pm, line - 1959! On Thu, Aug 18, 2016 at 5:47 PM, K Post <nntp.p...@gmail.com> wrote: > I'm running Perl 5.20.1 o

Re: [Assp-user] ASSP_AFC 4.34 released

I'm running Perl 5.20.1 on Windows and even with AFC 4.35 I'm getting LOTS of Aug-18-16 17:37:06 Warning: got unexpected signal SEGV in Worker_1: package - ASSP_AFC, file - c:/ASSP/Plugins/ASSP_AFC.pm, line - 1959! I'll try the ASSP.pl modification, but wanted to raise a flag since you

Re: [Assp-user] Whitelist & spam

Do you have ups.com in whiteListedDomains? The line: Aug-18-16 12:46:17 m1-17176-01346 [Worker_3] 83.110.218.163 < rosalyn.backman...@ups.com> to: s...@seniorennet.be Whitelisted sender Domain: @ups.com leads me to believe that you do. On Thu, Aug 18, 2016 at 7:44 AM, Andy Knuts

Re: [Assp-user] ASSP_AFC 4.34 released

Thanks. Will there be an update to 3.x? Or can we just use 4.x without using/paying for the smime portion? On Mon, Aug 15, 2016 at 2:23 AM, Thomas Eckardt wrote: > Hi all, > > The ASSP_AFC plugin version 4.34 is released at CVS and SF download. > > It contains

Re: [Assp-user] Parameter OutgoingBufSizeNew not applied in ASSP 2.4.7?

maxsize paired with MaxRealSize On Thu, Jul 28, 2016 at 2:25 AM, Nguyen Nang Thang wrote: > Hi, > > We deployed an email system using ASSP as an Email Gatewy for Inbound & > Outbound SMTP traffic > Our topo: Internet <-> ASSP <-> Internal Email Server <-> Mailbox. > >

Re: [Assp-user] How do you guys manage the spam/notspam folders?

>the spam/notspam folders are growing rapidly so I will need to write a script to wipe old items regularly since ASSP doesn't do this if I'm not mistaken? See Max Files (*MaxFiles*) and Maintenance for Bayesian Collection (*MaintBayesCollection*) Set MaxFiles the the approximate maximum number

Re: [Assp-user] SAN ssl suport

I've got ASSP 2 running with a wildcard certificate, but not a SAN certificate. FYI - I'm having very bad TLS slowness. I wonder if it's the certificate... On Thu, Jun 16, 2016 at 8:52 AM, Ethical Host - John MacKenzie < j...@ethicalhost.ca> wrote: > Hi All > > > > Does either version of assp

Re: [Assp-user] Email flow question

The confidence on this message is 0.000. Provided that is less than baysConf, the normal score for bayesian spam is cut in half (And apparently rounded up to the next whole number) On Fri, Apr 29, 2016 at 1:48 PM, Jay wrote: > Good day. > I just wanted to thank everyone

Re: [Assp-user] Email flow question

Jay, Just a general suggestion. The defaults in ASSP are a good general guide of what the settings should start out as in my experience. If you want to tweak later, fine, but start our using defaults. Grow the database and correct it. If you don't fully understand a setting, don't change it

Re: [Assp-user] Additional My-Name-Definitions (myNameAlso)

enabled for outgoing mail. > That the analyzer shows these results is not nice, but can't be changed. > > And NO, if the mail is forwarded as attachment, assp ignores the real mail > header, it uses only the mail header from the attachment (if there is > one!). > > Thomas > > > > &g

Re: [Assp-user] Additional My-Name-Definitions (myNameAlso)

blem" (IMHO like every other mail > client) with the simple forwarding to the report addresses, I've written > an agent that converts the reported mail to a comressed attachment and > sends it to assp. > > Thomas > > > > Von:K Post <nntp.p...@gmail.com> > A

[Assp-user] Additional My-Name-Definitions (myNameAlso)

Should we list other non-ASSP servers in Additional My-Name-Definitions (myNameAlso) For example: exchange server names. smarthosts, the real SMTP server, etc My question is prompted by seeing spam report analyze reports showing things like the below under bad prob. ourcharity org 0.991

Re: [Assp-user] A few questions on ASSP.....

ized at any point. > > Perl -v shows this on our version: > perl 5, version 16, subversion 3 (v5.16.3) built for > MSWin32-x86-multi-thread > > So no 64bit flag turned on when it was compiled and distributed by > ActiveState. > > > On 3/16/2016 12:24 PM, K Post wrote:

Re: [Assp-user] A few questions on ASSP.....

>I may just leave HMM off and run with it. That makes me sad. HMM is really good. Worth fixing. On Thu, Mar 17, 2016 at 11:48 AM, Jay wrote: > I appreciate the advice and input. I don't suspect hardware just yet, > since the mail server software runs on the same box and has

Re: [Assp-user] A few questions on ASSP.....

rent) to 5.5.48 but I am not totally > convinced this will be the answer to the issue we dealt with. Could it be > that my HMM table is corrupt? > > K Post, what version of MySQL are you running? > > > On 3/16/2016 2:30 PM, K Post wrote: > >> I'm no expert here, but I don't

Re: [Assp-user] A few questions on ASSP.....

Thomas, this is your baby and we will honor your requests. Would a discussion like this be better suited on the seemingly less used ASSP forum at sourceforge? http://assp.sourceforge.net/forum/ Somewhere else? Not at all? Jay, I won't speak for the rest of us, but I personally didn't get the

Re: [Assp-user] Problem with sending Mails to particular Server

I don't see an attachment. Can you post it as text and maybe info from the log? On Wed, Jan 13, 2016 at 6:17 PM, Manuel Weikert wrote: > Hi list, > > i'm using ASSP in front of a MS-Exchange Server. > I have a problem with sending mails to just one special Server:

Re: [Assp-user] Analyze report

We always forward as an attachment from Outlook. It's been an ongoing problem, but I don't have the luxury of time to figure out what's what. The email goes out via exchange, to ASSP as a smarthost. It seems to hit the corpus just fine, but the report email (the one that gets emailed to the admin

Re: [Assp-user] Analyze report

Jay, what's the last version you ran that had this info? My analysis reports have been broken for months, but Thomas can't reproduce either. I'm wondering if it makes sense for us to compare our setup. On Tue, Sep 8, 2015 at 11:27 AM, Jay wrote: > Since updating our ASSP to

Re: [Assp-user] Issues with BerkeleyDB on Win2012 - webUI unresponsive when enabled.

Not that this is going going to be particularly helpful but I ran into similar problems, I think with HMM and Bayesian refusing to work properly and the admin gui not working with Berkeley on Win2012 R2. I wound up giving up and using MySQL. I've never looked back. We're not super high volume

Re: [Assp-user] Headerlength error odd situation

It appears that ASSP is detecting an unusually large header. I wonder if the c@ email is just barely slipping trhough. Is the b...@mydomain.com address longer than the c...@mydomain.com address? is the person's name longer? Subject length? Is DKIM being used? Lots of relay servers? Maybe

Re: [Assp-user] I think I'm doing something wrong

an asspanalyze result to the list? Thanks, Miles -Original Message- From: K Post [mailto:nntp.p...@gmail.com] Sent: 01 June 2015 14:51 To: For Users of ASSP Subject: Re: [Assp-user] I think I'm doing something wrong I've always used subject name logging for that very reason, but the random

[Assp-user] NoProcessing RE mails still being processes??

I've got a couple addresses in npRE like this receipientname@ourcharity\.org volunteer\-application@ourcharity\.org I don't know how long this has been going on, but it appears that spamemrs have hold of one of these addresses, the one with the hypen in it. (this is happening with the latest

[Assp-user] Honeypot addresses, any way to bypass extremepb?

I've setup a couple honeypot subdomains. My intention is to use them to gather more and more varied spam messages. This might just be a case of ASSP not being intended for this, in which case I'll just kill the subdomains or donate them to project honeypot. ..or I could just be doing it wrong.

Re: [Assp-user] I think I'm doing something wrong

recommend. I'll have to switch back to subject name logging first. I do appreciate this! Miles -Original Message- From: K Post [mailto:nntp.p...@gmail.com] Sent: 29 May 2015 15:32 To: For Users of ASSP Subject: Re: [Assp-user] I think I'm doing something wrong I agree with your

Re: [Assp-user] Country Cache Refresh Interval (SBCacheExp)

if there is something I am missing in the config for ASSP. We have been running the same config for years, so it just puzzles me why all of the sudden now. Is there something else I am missing? Just seems really odd. On 5/29/2015 10:36 PM, K Post wrote: I BELIEVE that the SBCachePB is the cache of country

Re: [Assp-user] Help determining known good helo scoring

0.09 - 0.20 are the possible values for good HELO's in spamdb.helo - in my case 100% have a value of 0.2 10 is a fixed factor Terrific info! Thank you. Assuming a fixed factor of 10 for BAD helos, and again between 0.09 and 0.20, is does it make any sense to indicate this in the hlValance

Re: [Assp-user] Unable to log into web admin interface

What version of ASSP? What OS? Have you tried to use the gui from the machine itself? Have you tried telnetting to the admin port? What do you have listed for allowAdminConnectionsFrom? How about webAdminPort? If just a port number, can you try http://127.0.0.1:adminport or https?? Any

Re: [Assp-user] Country Cache Refresh Interval (SBCacheExp)

I BELIEVE that the SBCachePB is the cache of country codes matched to ip's along with the other SenderBase info. The cache helps reduce ASSP workload by not looking up the country or network names for ip's that are in the cache already. Whether they're blocked or not depends on DoCountryBlocking

Re: [Assp-user] ASSP goes zombie of a couple of days

Any one? I can't help with the specific problem, but you're using a v1 from around 7 months ago. Have you considered looking at version 2? -- ___ Assp-user mailing list

Re: [Assp-user] I think I'm doing something wrong

I agree with your analysis of the problem. Why it's happening, I can't say - I'm sure Thomas will chime in, but in the interim, if you're not fining HMM reliable (please check more than just the 1 message) consider turning it to monitor mode instead of scoring/blocking so that the HMM

Re: [Assp-user] Help determining known good helo scoring

Thanks, again this is mostly just curiosity, so please reply only at your convenience. Things here seem to be working, I just would like to get a better grasp on the concept so that I can figure out if I should be adjusting hlValancePB for my installation. 0.2 * -10 = -2 -2 [[ your weight

[Assp-user] Help determining known good helo scoring

I've read and re-read the GUI. I've looked through the code. I can't figure out where weight is -2 is coming from in my log sample below. I'got hlValancePB (Blacklisted/Good HELO) set to the default of 20. In the log, I see messages getting -40 for a known good helo. From what I can figure

Re: [Assp-user] ASSP_AFC.pm 3.15 released

Erick- FYI-Log searching seems fine in my test lab with the newest assp and ASSP_AFC.pm I know that's not much help to you, but thought you'd want to know that all seems fine. Check your versions?? On Thu, May 14, 2015 at 12:11 PM, Global411.net global...@global411.net wrote: Any way to fix

Re: [Assp-user] migrating question

Database or flat files only? On Sat, Apr 11, 2015 at 12:20 PM, PlusPlus Internet Solutions LLC plusplushost...@gmail.com wrote: Hi guys, Im about migrating two servers running ASSP, and im merging both servers in another one. My question is if there is any way to merge the whitelist,

Re: [Assp-user] Massive spam getting through

Jay, my reply was meant for Scott - he should have received it as part of this list. On Tue, Mar 24, 2015 at 4:21 PM, Jay h...@herodata.com wrote: Thanks for the reply K Post. I was just adding to the thread to give Scott some other areas to look into. I know I had struggled

Re: [Assp-user] Massive spam getting through

those files and created a new text file that I manage on my own. On 3/23/2015 8:02 PM, K Post wrote: I've got to believe that the majority of us who are using ASSP are having great results with it. I know that I sure am. What version are you running? What features are you using? Have

Re: [Assp-user] Massive spam getting through

I've got to believe that the majority of us who are using ASSP are having great results with it. I know that I sure am. What version are you running? What features are you using? Have you looked through your spam collection and if so are there lots of miscategorized mail in spam and notspam?

Re: [Assp-user] Different versions

You couldn't make 0.39 available? :) On Sat, Mar 14, 2015 at 4:57 AM, Thomas Eckardt thomas.ecka...@thockar.com wrote: https://sourceforge.net/projects/assp/files/OldFiles/ - this requires a SF login http://assp.cvs.sourceforge.net/viewvc/assp/assp2/ Thomas Von:William L.

Re: [Assp-user] Different versions

FY: SourceForge does have some previous versions, but they seem to only go back to January http://assp.cvs.sourceforge.net/viewvc/assp/assp2/assp.pl?view=log I've not seen this request since I've been using ASSP, but if enough people need it, maybe Thomas could create a Old Versions folder at SF

Re: [Assp-user] How do block helo/ehlo

and invalidFormatHeloRe are for this. invalidFormatHeloRe - add something like ylmf-pc=a very high score Thomas Von:K Post nntp.p...@gmail.com An: For Users of ASSP assp-user@lists.sourceforge.net Datum: 02.03.2015 17:32 Betreff:Re: [Assp-user] How do block helo/ehlo ylmf-pc

Re: [Assp-user] How do block helo/ehlo

ylmf-pc is a known brute force attack. Why they're using all the same helo string is beyond me, but this has been going on for over a year. I don't think that there's a way to drop a connection based on HELO, though I'll yield to Thomas' input on that. I'm no expert but I believe that it should

Re: [Assp-user] ASSP Tuning

From what I can tell, the simple answer is that the total message score is too low. I wouldn't suggest assigning a negative value for an SPF match. We assign 10 if SPF doesn't match, but we don't reward SPF matches. I know that -10 is the default, but I feel like a lot of spammers pass SPF now

Re: [Assp-user] Problems with BombRe after upgraded to 2.4.3(14349)

Does 150025 help? I've only got this running in a lab, not enough to test yet. On Tue, Feb 10, 2015 at 3:57 PM, Daniel Miller dmil...@amfes.com wrote: I'm having the same problem - at this point I've disabled all regex checks as a result. No matter what I set either in the Do xxxChecks for

Re: [Assp-user] Q: How to configure ASSP to only check the most recent received header against a Black List

Hi John- Thomas sent me a message a while back answering the same question. If you think, this feature does not working well, you are free to start assp with the 'enhancedOriginIPDetect:=0' switch or to modify the 'CorrectASSPcfg.pm'. On Mon, Oct 31, 2011 at 7:21 PM, John H. Nyhuis

Re: [Assp-user] ASSP Block Reports

You should be able to do a request like: *@*=yourem...@domain.com=1 to send everything in a single email to your address. Hope this helps. On Fri, Jun 24, 2011 at 9:40 AM, Paul Farrow a...@thefabfarrows.com wrote: Ok so I got the block reports going and it was down to who I had as the

Re: [Assp-user] Can someone clarify how many times a message gets delayed please

replied 3 times within the 5 minutes and the fourth try was outside the 5 minutes so it got in. I understand fully now. Thank you so much for explaining that. Cheers Paul On Tue, 7 Jun 2011 08:11:05 -0400, K Post wrote: It only gets delayed once IF the retry occurs after the delay

Re: [Assp-user] Can someone clarify how many times a message gets delayed please

It only gets delayed once IF the retry occurs after the delay period you specify. What do you have set for DelayEmbargoTime? 5 minutes is the default, though I reduced this to 2 minutes which seems to work just fine for me. For example, if you've got it set to 5 and the server tries after 4

Re: [Assp-user] SPF validation on white listed users

Just a FYI, I've seen spammers try mx-out.facebook.com as the helo. -- Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact

Re: [Assp-user] Need help

. On Wed, Jun 23, 2010 at 6:52 AM, Charles Marcus cmar...@media-brokers.comwrote: On 2010-06-22 4:43 PM, K Post wrote: Is there a way for ASSp to log the username sent when smtp-auth is used? That would (should) be in your MTA logs. ASSP doesn't have to reproduce every wheel... -- Best regards

Re: [Assp-user] Need help

If the MTA doesn't log it then the MTA's logging is broken. Or it's not set to log Or it's on a different system and the assp admin doesn't have access to it (this was the case back in the day when I was in the corporate world) Broken or not, all I'm saying is that it would be easier to track

Re: [Assp-user] Need help

Is there any way that ASSP can be coded to provide oxygen or does it do this already? -- ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit.

Re: [Assp-user] Need help

Is there a way for ASSp to log the username sent when smtp-auth is used? On Tue, Jun 22, 2010 at 4:13 PM, Grayhat gray...@gmx.net wrote: That ip is not Local to us, so why is assp thinking it is? stolen credentials

Re: [Assp-user] Sending domain

Under the Email Interface put the full email address (domain included) in the EmailFrom field. On Tue, Jun 8, 2010 at 9:47 AM, Anthony asale...@tpg.com.au wrote: I am trying to use Blockreporting but the email appears to be sent from asp.local instead of mydomain.com..how do i change it so

Re: [Assp-user] Regex help please.

Just so that I understant, you're not looking for an email that has: Sales test Anotherword Stotoblock Ihatespam but instead anthing that is either: Sale test Sales anotherword etc... and you only want the regex to be multiline so that it's easier to edit in the admin interface? (I don't think

Re: [Assp-user] Regex help please.

it. Paul K. Dickson Systems Administrator Interagency Information Technologies Frederick County Government Frederick, MD 21701 pdick...@frederickcountymd.gov 301-600-2399/x12399 From: K Post nntp.p...@gmail.com Reply-To: For Users of ASSP assp-user@lists.sourceforge.net Date: Wed, 2 Jun

Re: [Assp-user] Round Robin DNS

Thanks for the info Fritz! On the mx records, I was talking about how you have DNS setup for inbound email. On Fri, Apr 23, 2010 at 11:38 PM, Fritz Borgstedt f...@iworld.de wrote: For Users of ASSP  assp-user@lists.sourceforge.net schreibt: 1) Am I correct that the 2 slaves simply copy the

Re: [Assp-user] Round Robin DNS

In DNS, there are MX records. For example, for your domain they are gate01 and gate02. gate01 has a preference of 10, which means that SMTP servers will try that host before gate02, which has a preference of 30. What I'm trying to determine is how you have MX preferences set for your 3 assp

Re: [Assp-user] Round Robin DNS

I understand now, I didn't know that you were talking about DNS there. Appreciated. -- ___ Assp-user mailing list Assp-user@lists.sourceforge.net

Re: [Assp-user] How to tell version status

funny, before reading this thread, I had the same thoughts and just made a suggestion to change the numbering schema a bit. On Fri, Mar 12, 2010 at 1:02 PM, Scott Haneda talkli...@newgeo.com wrote: On Mar 11, 2010, at 1:21 PM, PMW-Troy wrote: Scott, AFAIK, you cannot determine the release

Re: [Assp-user] ASSP 1.7.1.0 released

Hi Fritz. You've got Blackish Whitish Addresses** (blackAddresses) and Black Green Addresses** (blackAddresses) both seem to use blackAddresses. Also, can you explain a bit as to what black, green, blackish, and whitish are? Thanks

Re: [Assp-user] Regex question.

, 2010, at 12:33 PM, K Post wrote: Make sure you use a backslash ( \ ) not the forward slash that is listed below. On Mon, Jan 4, 2010 at 1:15 PM, Scott Haneda talkli...@newgeo.com wrote: /% OFF I would escape the percent. While I am not aware of the percent having special meaning, you can

Re: [Assp-user] Regex question.

Make sure you use a backslash ( \ ) not the forward slash that is listed below. On Mon, Jan 4, 2010 at 1:15 PM, Scott Haneda talkli...@newgeo.com wrote: /% OFF I would escape the percent. While I am not aware of the percent having special meaning, you can safely escape any character you desire

Re: [Assp-user] Blacklists

Here's the list from grayhat I believe that karamsphere is no longer. I've also found that the five-ten-sg has a lot of IP's like constantcontact on it. Hope this helps. zen.spamhaus.org=1 bl.spamcop.net=1 ix.dnsbl.manitu.net=1 combined.njabl.org=1 dul.dnsbl.sorbs.net=1

Re: [Assp-user] Blacklists

Thanks for the update and explanation! On Sun, Nov 8, 2009 at 12:53 PM, Grayhat gray...@gmx.net wrote: Here's the list from grayhat   I believe that karamsphere is no longer. Yes, karmasphere is discontinuing service, so remove it; also, my current DNSBL setup is the following

[Assp-user] SenderBase explanation please

I'm just getting started with a version of ASSP (2.0.1 rc 0.4.19) that supports SenderBase. My previous installation (1.4) didn't have this functionality. I'm trying to find some documentation on it, but I can't seem to find any. My questions are: 1) I'd like some explanation on the whiting