sorry. corrected.
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT business topics through brief surveys - and earn cash
we are supposed to set up assp for about 8000 users.
Installations with 5 messages a day and more running fine.
Regarding testmode: The newest versions of ASSP have a lot of
different instruments to fight SPAM and we have a testmode for
everything. But it should be clear, that testmode is
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
Is there any chance to add it on spamlover ?
it is already included - use Invalid Sender Spam-Lover*
-
Take Surveys.
mails which failed URIBL checks are stored in spam folder.
Is it possible to CC these mails like the Bayesian checked mails?
what is the status of
URIBL Failures
Where to store RBL Failure spam emails.
-
Take Surveys.
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
What do you mean with all collecting modes have to be not 6?
In section logging (since 1.2.7 it is collecting) are the modi defined
like:
3 = spamfolder, 4 = mailok folder, 5 = attachment
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
I have this error only with spamaccount but sometimes imss don't
receive the
dot command
Do you use CCallspam ?
May be it is easier to test by using the new destination field for
ccallspam.
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
I miss 8 = spamfolder ccallspam.
but is that not 3 already ?.
Please set filelogging to on. You can then better see, if store/not
store.
Show me then the log to demonstrate it.
With assp 1.2.7.2(3) I have many restarting and you ?
But this are planned restarts not crashes Do you have you field
restart every .. filled? Or do you something running which kills
ASSP on a regularly base, for me it looks like a quit from webadmin
Jan-26-07 11:05:34 Saving whitelist
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
not good :
Jan-26-07 11:57:37 Connected: 127.0.0.1:3490 - 127.0.0.1:25 -
IMSS:25
Jan-26-07 11:57:38 127.0.0.1 [EMAIL PROTECTED] invalid address
rejected:
[EMAIL PROTECTED]
Jan-26-07 11:57:38
Connected: 127.0.0.1:3490 - 127.0.0.1:25 - IMSS:25
Please use in the destination fields ipnr:port or port alone, as
described in the webinterface.
-
Take Surveys. Earn Cash. Influence the Future of IT
Join
*
Having spent a significant chunk of last night inside the 9000+ lines
of its poorly-commented, spaghetti Perl, I can see why you would wish
that [I had said something about hoping Fritz lives forever ;: ]:
it's
very badly structured/written. Oh, some of the ideas are pretty
Jan-26-07 15:04:53 213.165.64.20 [EMAIL PROTECTED] to:
[EMAIL PROTECTED]
failed URIBL checks URIBL_Testmail_ - ./spam/9686.eml
This is not cced?
-
Take Surveys. Earn Cash. Influence the Future of IT
Join
Fritz you need to delegate more!
I need more people to delegate to! )))
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT
No!
Question to all: Are you using URIBL? Is it doing ccallspam when it
should?
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions
Could ASSP ever
Please refrain from this time wasting discussion. I cannot answer it
honestly, that is why this was asked. I actually consider this a
smear attack and think it is proving that ASSP is far ahead now ))).
fritz
I'm disappointed, Fritz. I thought it was - and still is - a valid
question.
You want from me assurances? I'm disappointed, too.
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
I asked this on the primary support email list for ASSP, where I know
the primary developer of ASSP happens to reside. I asked because I
genuinely DON'T KNOW.
That cannot be answered, that is
Ok, try the last built, or we have to go back. With me everything is
running fine.
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
Any suggestions how I can find the contents of the message or what is
going on?
try to catch it with HeaderMaxLength
-
So are you saying increase the HeaderMaxBytes to see if the message
passes?
Current setting - HeaderMaxBytes:=10
Is this a know problem? Or am I missing the point?
No, but you said, you have everything in testmode, so you may have
headermax also in testmode .
From other reports I hear that 1.2.7.2(2) is ok.
Is somebody running it here?
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT
I'm 98% confidant that this is not possible as ASSP use to look into
local
domains and local users list files
A catch-all address is a catch-all for the domain right? you can
define just the domain in the localuser list, then everything for this
domain will pass.
the local user list may look
This is defaulted to not checked, which seems to be to be contrary to
the
Redlists previous functionality which I took to be 'does not
contribute to
the corpus'.
It has no function at the moment. It will have the right functionality
in the next built.
Hmm, it works for me. If somebody could (dis)confirm:
It is catched by Bayesian )))(((.
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
shold be:
if ($uri=~/(?:[^\s\/[EMAIL PROTECTED]@)?($URICharRe+)/io) {
success:
Jan-28-07 14:39:39 193.99.144.71 [EMAIL PROTECTED] to:
[EMAIL PROTECTED] failed URIBL checks (obfuscated uri)
I setup an email address to receive the virus warning but have only
seen
phishing notices come through so far. Should I be seeing others?
yes. avbytes should be 40k.
-
Take Surveys. Earn Cash. Influence the Future of IT
TreeWalk [EMAIL PROTECTED] schreibt:
I'm seeing phishing notices and *also* worms notices; as a matter
of fact I've set my buffer to 100.000 and now the ClamAV is picking
each and every worm; about the clamwin setup; here are my clamd
config file (clamd.conf) contents
4 is sufficient.
ASSP_ip:1137 - ASSP_ip:225 - IWSS:25
You have
IWSS:25
in your smtp destination field. I bet your delaying/greylisting is
not working.
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay
May I ask everybody to run the latest built, it is stable and has some
nice additional enhancements: SRS is finally working and URIBLs
deobfuscating is catching everything )).
ClamAV should have a buffersize of 100k to catch everything of the
newest virus.
My old advice of 40k is obsolet. A last
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
It seems that testmode for URIBLs at least is not working.
yep, but should work now.
-
Take Surveys. Earn Cash.
or, you you feel the urge to release it soon, call it 1.99 so it's
clear to
everybody that's just a temporary 'technological preview' version and
you're
going to realease a major new 2.0 in a month or so...
I will release it as a production version to Ged, a I always did. He
can name it as he
The problem here was, that the the activity at midnight and minutes
later was zero, i had built in a grace time of 5 minutes, now i
increased to 30 minutes. Try it, please.
-
Take Surveys. Earn Cash. Influence the Future of
The problem here was, that the the activity at midnight and minutes
later was zero, i had built in a grace time of 5 minutes, now i
increased to 30 minutes. Try it, please.
Please set the logrolltime to 2 days just to get it rolling. If you do
not do that, it may override one last time.
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
Sorry to be simple, but what advantage to deobfuscating provide? I
thought uribl calls/results were strait forward?
http://www.pc-help.org/obscure.htm
Matti Haack [EMAIL PROTECTED] schreibt:
I think it should be able to send those mails to the email
interface (which is not possible now).
to do what?
And if you send a mail from localuser, the recipient-adress should be
whitelisted and the message should be added to the corpus.
so no skipping
Matti Haack [EMAIL PROTECTED] schreibt:
Yes, no skipping if the sender is local.
that is already so.
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to
I executed other test on a server with high mail traffic
Invalid Sender Spam-Lover* never worked (on 1.2.6 and on 1.2.7.7 too)
I reworked that part:
There are now ptrSpamLovers and mxaSpamLovers
please try it
-
Take
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
1) Relay Port example states in webinterface 127.0.0.2.
This is not possible, you need to add a port to the ip address like
127.0.0.2:25:
Jan-31-07 14:01:01 Couldn't create server socket on port
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
2) Changing Listen Port gives wrong log output.
It states two times the old value:
Request to listen on new mail port xxx:25,127.0.0.1:25 (changed
from
xxx:25,127.0.0.1:25) -- restart required;
thanks for your reply Fritz,
try the newest built please.
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT business topics
There is a new built which catches the killer. )))
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT business topics through
we made a new try.
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT business topics through brief surveys - and earn cash
yep, i know, in the moment bayesian is abolut last, so scoring does
not add to message mode.
I will fix that...later
fritz
-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly
np, it's just about the last 2 percent spam to catch :-)
Try the newest built please.
-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to
Matti Haack [EMAIL PROTECTED] schreibt:
Defines how many bytes of a matching Regex will be shown in the log
Some matching expression are too long for one line. Default: 20
... Default is 20 in the last version.
Default is 32, description is 20 )))
what version was that? seems to be an older one?
fritz
-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier.
Download IBM
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
(that is not catched by the bombregexp) *g
set bombregex to scoring
-
Using Tomcat but need to do more? Need to support
So.. if the spammer try again it goes on whitelist ?! It doesn't
seem good.
Does it work in this (bad) way ?
No.
-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with
So.. if the spammer try again it goes on whitelist ?! It doesn't
seem good.
Does it work in this (bad) way ?
It goes on the *whitelist for greylisting*, not on the *whitelist*.
-
Using Tomcat but need to do more? Need to
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
I must search for bounce delayed ?
no, you must search for delayed
-
Using Tomcat but need to do more? Need to support
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
if a message matched Bombre with an attachment (prehaps maxbytes)
there is no SMTP errors and this message is sended and sended.
Without attachment, the sender receives a Delivery Status
These netblocks cover multiple
sending domain names that you may or may not be aware of (
. http://www.senderbase.org/
-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
Spam Bomb Error : 500
Everybody should look through the SMTP codes in the SMTP messages,
500 is wrong for a lot of dumb servers, always use 550.
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
Are they RBL tested again?
why not?
-
Using Tomcat but need to do more? Need to support web services, security?
Get
Are the RBL requests sent before the TCP ACK is sent back to the
connecting
mail server?
??
-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated
I was hoping they would be checked again as they may now be on one of
the
RBL lists.
There is obvious a complete misunderstanding what part
delaying/greylisting plays.
It has *nothing* to do with any checks ASSP is doing after the message
is accepted.
Is the -notick option not working anymore in the latest rebuildspamdb
versions ?
I put in in.
-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated
[EMAIL PROTECTED] schreibt:
Question: If you have attachment blocking on, why is it also
necessary to scan the attachment for viruses?
Answer: Because I am to slow, to do everything right the first time
(or the second).
-
[EMAIL PROTECTED] schreibt:
Thanks, got it working with kill -HUP `cat pid`. Needed a way to do a
'service assp reload' when I automatically add entries to a file of
blacklisted domains (ie. From a virus report).
That is not necessary. ASSP reloads changed files automatically.
[EMAIL PROTECTED] schreibt:
assp.cfg
is the only one, which is not automatically reloaded.
-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
now i even changed the 550 to 554 5.7.1 Delivery not authorized. But
it
seems sourceforge (and other hosts with whitelisted or np senders)
don't get
it.any idea ?
I have no idea. However in
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
But I liked being able to scan for certain regexes only in the header.
Some might give false positives in the body or be just useless if
scanned in the body.
sigh...
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
(and return a 55x BEFORE the data phase !)
-
Using Tomcat but need to do more? Need to support web services,
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
(and return a 55x BEFORE the data phase !)
I do not understand. The header is part of the data phase. We return
an error code before data with senderbomb.
[EMAIL PROTECTED] schreibt:
In my ASSP setup, I don't have anything in my Accept All Mail line.
Should there be?
If your users are authenticating for outgoing mails you need no
accept all mail for relaying. However you can use accept all mail
as an IP-whitelist.
Matti Haack [EMAIL PROTECTED] schreibt:
These are my stats:
Mac OSX:
ASSP Proxy Uptime: 0.314 days
Messages Processed: 17377 (55260.5 per day)
Non-Local Mail Blocked: 89.4%
CPU Usage: 33.52% (55.10% avg)
Concurrent SMTP Sessions:
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
However, postcard.exe attachments are being delivered to my catch-all
address. My understanding was that bad attachments would be bounced.
What have I done wrong?
what version are you
I would recommend that the default be changed to a 550, and that this
error response function only be used when intentionally rejecting
softfail and neutral responses. Otherwise, I think the reply code
should
be a 200.
I do not understand. When should here happen what? There is no
reply-code
I agree. Keeping it simple is probably the best approach in this
case.
ASSP is either rejecting because of a SPF return code or not. In-turn
it makes sense to have an SPF error response or not.
But it is requested that softfail and neutral are not blocking
conditions.
I think it is even more
I think the only time ASSP should send something other than a 2xx
status
for a softfail would be when the admin is intentionally failing
softfails,
we are talking only here about intentionally failing softfail and/or
neutral.
At this time
ASSP file blocking is not absolutely reliable for this reason.
With 1.2.7 my experience is different.
fritz
-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly
- I think we should call the upcoming version 1.3.0
- 2.0 should be reserved for Przemek
- we need lists for the configuration
- accept all mail
-bomb regex
-
Using Tomcat but need to do more? Need to support web services,
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
Is that what you meant Fritz?
yep, and his code is far more advanced than mine.
fritz
-
Using Tomcat but need to do
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
RegEx lists for files?
yep, example/starter files! especially bomb regex and accept all
I think a very expanded accept all list would ease a lot for
starters.
We are talking about that one year,
Including example starter files will also greatly expand the
audience
for this important product. Anything to make it easier for someone to
get it and go is always a good thing. Here Here!
I know. And it is always good, to have others working.
fritz
just sent italy-white to fritz.
ASSP has already ways to let IPs pass:
Nonprocessing-Re - does not add to whitelist and to notspam
Accept all mail - allows relaying and stores in notspam, adds to
whitelist
in some checks there are IP-exclusion lists:
Nodelay
Nopenalty
And ISPIP skips all
Matti Haack [EMAIL PROTECTED] schreibt:
Yes. No Processing IP Whitelist
And handle it for viruschecking etc. like the NP-RE list. So that
if you check eg. Scan No Processing Senders in Virus section, the
whitelist will also be checked
On the other hand, the NP-RE does exactly that.
Matti Haack [EMAIL PROTECTED] schreibt:
Yes. No Processing IP Whitelist
And handle it for viruschecking etc. like the NP-RE list. So that
if you check eg. Scan No Processing Senders in Virus section, the
whitelist will also be checked
May be the best would be to have both:
whitelisted-ips
so my suggestion is to start easy and default assp to use a single
list (of
known good hosts) for all 'ip pass' strategies.
I have too see besides your view what the bayesian filter needs. And
so there is a fundamental difference between a nonprocessing and
whitelisted list.
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
so i think all we need is an expanded nodelay.txt that includes a few
more
large mailhubs. And use that also to bypass ip filtering (rbl,
validate
sender, PB, griplist etc)
I put in now two
different his version is,
functionality wise
The versions are close ( 80/90 %) in functionality.
-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated
if you return a 55x too soon (ie- in the banner) some mta (postfix
!!)
default to retry.
The example you showed has no early response. black domain is handled
after receiving the complete header.
-
Using Tomcat but need
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
now i'm curious if i'm the only to experience this kind of problem.
Looking
im my logs for blacklisted or bombh shows me a few more loops
this week.
It does not help to call this a loop.
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
Thank you .
It happened because upgrading from 1.2.7 to 1.2.9
assp moved my flat list of local email from
Local Addresses
to
Accept Mail from Local Domains only
instead to move them to
Lookup
and I found my flat email list
on
Accept Mail from Local Domains only
Instead of
Lookup valid Local Addresses from here*
I confirm this.
Thanks
And i would state: just impossible.
-
Using Tomcat but need to do more? Need
in 60 days of assp usage I had 9500 SMTP Connections Timeouts (and
746684 messages processed) . Should I be worried of this high value ?
smtpIdleTimeout is completely set by you. The connection is
disconnected because there is no activity,
Set it higher ( eg 300 (seconds)) and look if the
Try the last built, i think i found something.
-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier.
Download IBM WebSphere
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
Sorry for that confusion, I meant ENABLED/CHECKED.
I tried adding the word [SPAM] to the Prepend spam subject field,
and
message which are obviously spam are having their subjects prepended
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
Is also prepended to 'normal' spam mail, so not only CC, i don't
think
this what it should do!
set it to off
-
Using
Just give fritz a lil while
Its fixed.
-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier.
Download IBM WebSphere
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
The problem is, that this line makes it impossible to use the great
RTBL
feature. How about adding a pre-processing option to strip the first
received line?
That would do nothing to enable this
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
Users like me have all inbound mail route through an ISP. This adds
one
received line to the top of the header file.
One line? You are sure? ISPs like myself may add some hops between
receiving
As for ASSP, could it be an option to use the connection IP or the
header
IP?
It could, but that is not as simple as you may think. If it is so
simple why is a small percentage of servers doing it?
I am thinking quite a while about it, but not because of RBL but
because of Delaying and TLS.
For
A lot of companies are using 3rd part services as a backup MX
(queuing) for
disaster recovery etc; so mail is routed through that ISP.
Yeah, but it is waste. And completely unnessary.
-
Using Tomcat but need to do more?
The power of ASSP is, that there is nothing to send back. ASSP answers
and reject on the spot. So if you use the flatfile or LDAP for user
validation, there is nothing to store at the mailserver. ASSP can
also use the 550 answer from the mailserver to reject the mail. No NDN
necessary.
[EMAIL PROTECTED] schreibt:
Agreed, for IN-coming mail. However, Nicole and I were talking about
OUT-going mail. The sender isn't forged, he's just an idiot who can't
type
an (outgoing) address correctly.
I think, that is an incorrect analysis.
Nicole were talking about bounces. And this bounces
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
Hello,
Are the Local Domains and Local Addresses necessary? What if I leave
them
empty? Would it pass all incoming messages to my SMTP server or simply
bounce?
What will happen?
Local Domains
Oh, I forgot about that, try it again please.
fritz
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT business topics through
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
Hi Fritz,
Just tried the 1.3.0(1) version. But it doesn't seem to work. I also
have postmaster and abuse in the spamlover section can this be
problematic ?
No.
I have postmaster and abuse
Questions and Answers for users of ASSP Anti-Spam SMTP Proxy
assp-user@lists.sourceforge.net schreibt:
Sometime with 1.3.0(0) I'm noticing that someone CAN send email to
[EMAIL PROTECTED] but [EMAIL PROTECTED] is not on my flat list.
How could be possible ?
Is this a nonprocessing condition?
501 - 600 of 2408 matches
Mail list logo