:: On Tue, 18 Jul 2017 11:58:09 -0400
::
:: "Robert K Coffman Jr. -Info From Data Corp."
wrote:
> https://pastebin.com/NKPYnZsD
>
>
> I have UserAttach set up for huntington.com (see bottom of the paste)
> but their html attachments are still being blocked. Why is that?
Jul-18-17 09:58:09 m1
:: On Wed, 28 Jun 2017 08:38:34 -0700
::
::
Daniel Miller wrote:
> Again, my request is to auto-block *IPs* of *failed* auths. Not lock
> the account. Not block valid auths. Regular users would never see a
> problem.
The "problem" with such an approach are the critters I call "slow
crackers";
:: On Mon, 13 Feb 2017 06:53:48 +0100
::
::
Thomas Eckardt wrote:
> http://assp.sourceforge.net/forum/viewtopic.php?f=6&t=3031
>
> I don't want to start a discussion about this! It's only for your
> information. I don't know, if I should cry or laugh.
Plain vanilla trolling imHo, see, the te
:: On Sun, 22 Jan 2017 07:55:22 -0500
::
:: Doug Lytle wrote:
> Hey guys,
>
> I just followed and setup LetsEncrypt SSL Certificates for my Zimbra
> mail server following the below link:
>
> https://forums.zimbra.org/viewtopic.php?f=15&t=60781
>
> I wanted to know if this could also be used
:: On Wed, 19 Oct 2016 22:04:31 +0530
::
:: Vaibhav Jaiman wrote:
> - have setup assp and mailenable on the same box .
> - ASSP listening on 25|587|2525
> - MailServer listening on 125
>
> (Inbound)
> Internet -> ASSP -> MailServer -> Remote
>
> have configured below settings
>
> listenport -
:: On Wed, 19 Oct 2016 13:31:55 +0200
::
::
Thomas Eckardt wrote:
> 4. I'm unable to password protect RTF files (tried office 2003, XP,
> 2013) - password is removed
I suspect it isn't a real RTF file but a passworded zip with a modified
extension; basically whoever builds such kind of trash
:: On Wed, 19 Oct 2016 09:14:44 +0200
:: <20161019091444.5...@gmx.net>
:: Grayhat wrote:
> Ok for the sigs being up-to-date; but my point was about the "extra"
> signatures offered by SaneSecurity, not the regular ones; I found that
> the regular signatures are ofte
:: On Tue, 18 Oct 2016 11:29:44 -0400
::
:: K Post wrote:
> > I suppose that, since you're talking (ok, writing) about AFC, you're
> > running ClamAV; now... are you using the extra signatures available
> > from SaneSecurity ? I'm referring to
> >
> > http://sanesecurity.com/usage/signatures/
>
:: On Tue, 18 Oct 2016 17:19:55 +0200
:: <20161018171955.3...@gmx.net>
:: Grayhat wrote:
> :: On Tue, 18 Oct 2016 10:27:10 -0400
> ::
> ::
> K Post wrote:
>
> > VirusTotal has zero hits on the samples that I submitted, but if
> > they're encrypted,
:: On Tue, 18 Oct 2016 10:27:10 -0400
::
:: K Post wrote:
> VirusTotal has zero hits on the samples that I submitted, but if
> they're encrypted, that explains why...
I suppose that, since you're talking (ok, writing) about AFC, you're
running ClamAV; now... are you using the extra signatures a
:: On Tue, 2 Aug 2016 18:02:25 +0200
::
::
Thomas Eckardt wrote:
> I really don't know what I can do to fix up the SSL/TLS problems.
Well, Thomas, if the OP agrees, you may make private contacts and
connect to his ASSP box to run some tests, maybe reproducing the issue
while "at the console
:: On Mon, 1 Aug 2016 18:06:11 -0400
::
:: K Post wrote:
> Disabling TLS for any gmail inbound mail isn't a feasible option,
> plus I don't know if it really is just google, or just the way that
> google connects which others might too...
>
> Thank you all.
If you didn't already do so, I'd s
:: On Thu, 9 Jun 2016 12:37:26 -0400
::
:: K Post wrote:
> Windows 2012 R2
> the certificate is a 2048 bit RSA cert
>
> SSL_Version is SSLv23:!SSLv3:!SSLv2
> Cipher list
> is
> kEECDH+ECDSA:kEECDH:kEDH:HIGH:+SHA:+RC4:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!DSS:!PSK:!SRP:!kECDH:!CAMELLIA128:!IDE
:: On Thu, 9 Jun 2016 17:27:28 +0200
:: <20160609172728.0...@gmx.net>
:: Grayhat wrote:
> also, what OS are you running on ?
I mean windows version, btw; also, is the box also running an AV (other
than the ClamD used by ASSP) and if yes,
:: On Wed, 1 Jun 2016 22:55:00 -0400
::
:: K Post wrote:
> Could this be the problem? Is OpenSSL even used by ASSP for receiving
> email? I feel like it's not, but thought I'd put this out there.
What do you have in SSL_version and SSL_cipher_list ?
If empty, try the following config
SSL_ve
:: On Fri, 3 Jun 2016 12:29:01 +0200
:: <20160603122901.7...@gmx.net>
:: Grayhat wrote:
> :: On Fri, 3 Jun 2016 10:17:58 +
> :: <5ad00d80569e0f4f9a12bbb01f00ee795a868...@bcsw-smx07.mymhp.net>
> :: Martin Voßloh wrote:
>
> > Hi,
> >
> > it´s
:: On Fri, 3 Jun 2016 10:17:58 +
:: <5ad00d80569e0f4f9a12bbb01f00ee795a868...@bcsw-smx07.mymhp.net>
:: Martin Voßloh wrote:
> Hi,
>
> it´s possible that the entry is going wrong in this mail?
>
> kEECDH+ECDSA:kEECDH:kEDH:HIGH:+SHA:+RC4:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!DSS:!PSK:!SRP
:: On Thu, 2 Jun 2016 11:55:38 +
:: <5ad00d80569e0f4f9a12bbb01f00ee795a865...@bcsw-smx07.mymhp.net>
:: Martin Voßloh wrote:
> Hello,
>
> I have very often this error in my logs:
> Jun-01-16 11:39:39 [Worker_5] Error: Couldn't upgrade to TLS for
> client XXX.XXX.XXX.XXX:
>
> These settings I
:: On Wed, 18 May 2016 09:37:39 +0200
:: <20160518093739.4...@gmx.net>
:: Grayhat wrote:
> :: On Mon, 16 May 2016 17:25:00 +0200
> ::
>
> ::
> Thomas Eckardt wrote:
>
> > Hi all,
> >
> > fixed in assp 2.5.2 build 16137:
> >
> >
:: On Mon, 16 May 2016 17:25:00 +0200
::
::
Thomas Eckardt wrote:
> Hi all,
>
> fixed in assp 2.5.2 build 16137:
>
> - the termination reply, if 'preHeaderRe' matched, was send to the
> wrong peer
bug: connection debug files reappeared (debug folder) !
--
:: On Wed, 11 May 2016 13:57:47 +0200
::
::
Thomas Eckardt wrote:
> >Error: Worker_2 accept_SSL SSL wants a read first
>
> Accept failes because there are data at the socket which have to be
> read first. But there is nobody who can read this data (without an
> accept) except the Net::S
:: On Wed, 11 May 2016 11:11:33 +0200
:: <2016051133.7...@gmx.net>
:: Grayhat wrote:
> Just upgraded to the latest version and noticed a number of these
> messages appearing in the log (ok, dbgview) for different IPs
just to be clear, maybe the issue has been there for a w
Just upgraded to the latest version and noticed a number of these
messages appearing in the log (ok, dbgview) for different IPs
[5756] (ASSP): 2016-05-11 02:00:12 [Worker_2] Error: Worker_2 accept_SSL to
client 192.0.2.0 failed IO::Socket::SSL=GLOB(0x3c3d38c4) (timeout: 10 s) : SSL
wants a read
:: On Mon, 9 May 2016 14:14:20 +0200
::
:: aquilinux wrote:
> '/opt/assp/tmp/zip_1_1462793996/File_di_input.xlsx' -
I wonder if the "iscompressed" detection gets fooled by that "zip_..."
in path; an alternate approach may be extracting the filename w/o path
from the whole string ("File_di_input
:: On Thu, 28 Apr 2016 12:05:35 +0200
::
:: aquilinux wrote:
> Hi Thomas, any chance in having assp processing rar archives?
well, in theory it should be possible (rar and 7z below)
http://search.cpan.org/dist/Compress-Deflate7/lib/Compress/Deflate7.pm
http://search.cpan.org/~jmbo/Archive-Rar
:: On Tue, 12 Apr 2016 11:23:57 +0200
::
::
Thomas Eckardt wrote:
> SSL_version:=SSLv2/3:!SSLv3:!SSLv2
> SSL_cipher_list:=DEFAULT:!aNULL:!RC4:!MD5
in case someone is interested, here's my config (watch the wrap)
DoTLS := do TLS
SSL_version := SSLv23:!SSLv3:!SSLv2
SSL_cipher_list :=
kEECDH+ECD
:: On Fri, 19 Feb 2016 09:59:58 -0500
::
:: K Post wrote:
> I'm getting some verbal reports of people getting spam, from some of
> my more difficult users (despite clear instructions on how to report
> them).
>
> Question:
> How difficult would it be to have either a daily or on demand report
>
:: On Wed, 10 Feb 2016 11:14:45 -0500
::
:: Scott MacLean wrote:
> Any idea where I could start to try to figure out what is going on?
I'd try the following:
stop assp
remove the assp\sl-cache folder
run a
ppm update --install
once the update completes run a
ppm log --errors 60
check fo
:: On Thu, 21 Jan 2016 17:02:56 +
::
:: cw wrote:
> Does ASSP currently log anything that would help diagnose where this
> slowness is or is there something that I can turn on?
I think that activating the debug log and increasing the loglevel may
be of help, even if this will cause the logs
:: On Thu, 21 Jan 2016 11:20:23 +
::
:: cw wrote:
> 2016-01-19 20:31:15 m1-35475-10020 [Worker_6] [TLS-in] 94.186.192.136
> info: found message size announcement: 5.36 MByte
here the sender announces the message size
> Accepted 2016-01-19 20:31:16 m1-35475-10020 [Worker_6] [TLS-in]
> 94.
It was Fri, 8 Jan 2016 17:21:21 +0100 when
Thomas Eckardt wrote:
> Does the same happens using http ?
just a note; since previous versions of ASSP didn't allow the use of
HTTPS, in some cases, I used stunnel https://www.stunnel.org to setup
things so that ASSP was/is listening over SSL; the whol
It was Mon, 28 Dec 2015 12:33:53 +0100 when
Thomas Eckardt wrote:
> - RBL,RWL and URIBL queries were not answered correctly by the
> DNS-server, if any of the last versions
> of Net::DNS was installed, because the RD (recursion) flag was no
> longer set in DNS packet header.
this also means (I
It was Mon, 28 Dec 2015 12:46:12 +0100 when
Thomas Eckardt wrote:
> The only reason I can see for this is a online filesystem virus
> scanner (defender, MSE, ), that is locking the just closed
> maillog.txt. Define a scan exception rule for the 'assp/logs' folder.
Or, even better, exclude th
:: On Mon, 9 Nov 2015 12:36:00 +0100
:: <20151109123600.3...@gmx.net>
:: Grayhat wrote:
> No, ok, seriously, sounds like Thomas fixed it with #15313; as for the
> feature, the idea is to attempt protecting the mail system from bots
> attempting to abuse stolen credentials t
:: On Mon, 9 Nov 2015 12:36:00 +0100
:: <20151109123600.3...@gmx.net>
:: Grayhat wrote:
> No, ok, seriously, sounds like Thomas fixed it with #15313; as for the
> feature, the idea is to attempt protecting the mail system from bots
> attempting to abuse stolen credentials t
:: On Sun, 8 Nov 2015 12:09:34 -0500
::
:: Scott MacLean wrote:
> This sounds like a great feature, but as soon as I turned it on (I
> used 3 600), EVERY user attempting to send email, even those
> connecting for the first time (including myself) were blocked with a
> 4.7.1, and subsequent attem
It was Fri, 16 Oct 2015 10:12:49 +0200 when
Thomas Eckardt wrote:
> offering PLAIN and discard it - is an admin config mistake
> doing PLAIN if it is not offered - is a client fault and will be
> counted doing wrong authentication - is a client fault and will be
> counted
the server offers (and
I'm running the latest version of ASSP and I've possibly spotted a bug;
some clients try authenticating with "PLAIN" login, fail, retry using
the "LOGIN" mechanism and succeed, here's a log snippet
info: authentication - plain is used
info: authentication (PLAIN) realms - foruser:u...@domain.xyz,
:: On Thu, 8 Oct 2015 11:23:49 -0400
::
:: K Post wrote:
> and for clarification, it looks like the organization sends from
> something like 98 different IP's that I know about - I'm sure there
> are others - and some of them are blacklisted.
>
> If I could skip dnsbl either using a wildcard re
:: On Fri, 18 Sep 2015 11:39:06 -0400
::
:: K Post wrote:
> I can't imagine what could be going wrong with my DNS servers, but I
> will absolutely dig deeper! Thanks for the fix and for pointing me
> in the right direction. DNS issues are no joke.
assuming your DNS servers are sitting behind
:: On Fri, 18 Sep 2015 17:46:12 +0200
:: <20150918174612.6...@gmx.net>
:: Grayhat wrote:
> :: On Fri, 18 Sep 2015 11:39:06 -0400
> ::
> ::
> K Post wrote:
>
> > I can't imagine what could be going wrong with my DNS servers, but I
> > will absolutely d
:: On Wed, 16 Sep 2015 09:04:55 -0400
::
:: K Post wrote:
> DNSReuseSocket being unticked didn't help. Another 4 hours after
> restarting and the RWL/RBL errors are back.
first of all, are you using your own DNS resolvers or are you relying
on some external (public, ISP, ...) DNS resolver ? In
It was Tue, 11 Aug 2015 08:47:55 +0200 when
Thomas Eckardt wrote:
> Thank you for the information -Tom. At this time I'm unable to use
> these very nice new features of SURBL in assp. Implementing them in
> the current URIBL-code, will make the code too complex.
> The current code has to be redes
:: On Thu, 23 Jul 2015 15:00:06 +0200
:: <20150723150006.2...@gmx.net>
:: Grayhat wrote:
>
> Not sure ASSP needs it, but in case, here's the main site
>
> https://publicsuffix.org/
>
> and here's the list
>
> https://publicsuffix.org/list/public_su
Not sure ASSP needs it, but in case, here's the main site
https://publicsuffix.org/
and here's the list
https://publicsuffix.org/list/public_suffix_list.dat
notice that it's used from (e.g.) "mozilla" and others to find out
TLDs, also notice that the file uses some particular syntax, so some
r
:: On Fri, 15 May 2015 10:29:50 -0400
::
:: K Post wrote:
> I propose that if an IP does not reverse that a line look like this
> instead: Received: from *possibily.bogus.server.detected*
> ([81.xx.xx.xx] helo= mail.paypal.com) by...
> or something like that. I >>think<< this is still compliant
:: On Sun, 10 May 2015 22:54:08 -0400
::
:: K Post wrote:
> example:
> 63.249.66.210 SenderBase: status=not classified, data=US, CRUZIO,
> cruzio.com, , Y, 19, changedetection.com
> SO GREAT that it shows the changedetection.com hostname in the
> analyze gui now, but it's not matching my whiteli
:: On Thu, 7 May 2015 14:35:35 -0400
::
:: K Post wrote:
> However, a nslookup for the txt record only shows
> 38.100.169.66.query.senderbase.org text =
>
> "0-0=1|1=CHARTER
> COMMUNICATIONS|2=7.2|3=7.3|4=62870|6=0|7=47|8=9404927|9=157351|45=N|46=16|48=24|50=Fort
> Worth|5
> 1=TX|5
:: On Tue, 5 May 2015 11:22:07 -0400
::
:: K Post wrote:
> > Sorry Greyhat, you lost me. What does this show different from
> > what I was
> saying? Maybe I wasn't clear.
> When I pull up the analyze interface in assp it shows only Cogent,
> doesn't show e.delta.com, do it's not a match to my
:: On Tue, 5 May 2015 10:42:12 -0400
::
:: K Post wrote:
> Take Delta Airlines for example. They send a message from
> 38.100.169.66
>
> Looking at senderbase:
> http://www.senderbase.org/lookup/?search_string=38.100.169.66
> I get
> Hostname mta602.e.delta.com
> Domain Help e.delta.com
> Net
:: On Mon, 4 May 2015 12:47:33 -0400
::
:: K Post wrote:
> Yeah, a chuckle (and I hope that didn't come across as mean spirited
> or anything - certainly wasn't intended that way - I just gave a
> chuckle, because it's more of a "yeah right - that'll never be
> approved" type of situation - I di
:: On Mon, 4 May 2015 11:36:22 -0400
::
:: K Post wrote:
> On Mon, May 4, 2015 at 2:28 AM, Grayhat wrote:
>
> >
> > yes, have a look here https://dmarcian.com/get_started/ :)
> >
>
> Thanks for the chuckle grayhat! Ah, the joys of a virtually no IT
> bud
:: On Sat, 2 May 2015 18:56:45 -0400
::
:: K Post wrote:
> I'm loving the idea of DMARC. We've been getting reports for a couple
> different .org domains. The problem is that they need to be parsed
> manually.
>
> Any chance that ASSP could intercept DMARC reports (aggregate and
> failure rep
:: On Tue, 24 Mar 2015 14:06:29 +0100
::
:: Jean-Pierre van Melis wrote:
> coming from banks that are local in my country. Some of these banks
> use SPF-records and I've set all these domains to convert these
> SPF-records to strict.
>
> This isn't enough because these spammers are now using
>
:: On Mon, 9 Mar 2015 06:37:32 +0100
::
::
Thomas Eckardt wrote:
> The concept of the central RDB (for HMM and Bayesian) backend is not
> fast enough to process several hundred thousands or million mails a
> day. If 100.000 mails have to be processed with HMM and/or Bayesian
> in a day, this wi
It was Sun, 8 Mar 2015 13:38:51 +0100 when
Thomas Eckardt wrote:
> Such a setup requires an enormous and expensive amount of hardware
> resources, a very high knowledge in
does this mean that if one upgrades ASSP it will not work anymore due
to system constraints ?
:: On Fri, 27 Feb 2015 22:14:43 +
::
:: Colin wrote:
> This isn't an ASSP bug, but a heads up to anyone building a new
> system. As it turns out, apparently Net::SMTP::SSL hasn't been
> updated in many years. Recent changes in libnet (post 1.27) mean that
> Net::SMTP::SSL will no longer pass
It was Mon, 29 Dec 2014 10:04:03 -0500 when
Trevor Jacques wrote:
>
> > try the following; setup a virtual machine ...install the OS which
> > you have/need,
>
> One can’t do that with OS X Server Leopard. :-( I have to find a way
Hmmm... sounds like using VirtualBox and a couple tricks it sh
It was Sat, 27 Dec 2014 04:03:40 -0800 when
"Mr. Courtney Creighton" wrote:
> Mr. Courtney Creighton wrote on 12/27/2014 1:17 AM:
> > So, I'd like to ask if it's possible to add additional logging info
> > so that ASSP can log the SMTP AUTH attempts in a manner to
> > distinguish failures?
>
> W
It was Mon, 29 Dec 2014 09:36:48 -0500 when
Trevor Jacques wrote:
> > microseconds 29-Dec-2014 07:34:01 [Worker_1] Delaydb database
> > error: TIEHASH: Can't open dbi:mysql:database=assp;host=127.0.0.1,
> > Can't connect to MySQL server on '127.0.0.1' (61) at assp.pl line
try editing the "ho
It was Mon, 29 Dec 2014 07:18:56 -0500 when
Trevor Jacques wrote:
> Understood, but:
>
> >> The version of asap is the latest that my server config can run,...
>
> I’m not yet in a position to change that configuration. It’s an old
> box. :-/ All other indications are that using a db should w
It was Mon, 29 Dec 2014 08:59:15 +0100 when
Thomas Eckardt wrote:
> >Can't connect to MySQL server on '127.0.0.1'
> MySQL-Server: my.ini - max_connections=800 (very old assp versions
> may require this)
>
> assp.pl diff: 2.1.2(11329) - 2.4.4(14355)
>
> 4500 changed lines
> 14000 missing lines
It was Sun, 28 Dec 2014 16:50:22 -0500 when
Trevor Jacques wrote:
> > 27-Dec-2014 22:26:34 [Worker_1] Delaydb database error:
> > TIEHASH: Can't open dbi:mysql:database=assp;host=127.0.0.1, Can't
> > connect to MySQL server on '127.0.0.1' (61) at assp.pl line 8259
> > thread 1.
First of all
:: On Mon, 22 Dec 2014 12:22:10 +0100
::
::
Thomas Eckardt wrote:
> Sets the version of the SSL protocol used to transmit data.
> 'SSLv23' uses a handshake compatible with SSL2.0, SSL3.0 and TLS1.x,
> while 'SSLv2', 'SSLv3', 'TLSv1', 'TLSv1_1' or 'TLSv1_2' restrict
> handshake and protocol to t
:: On Mon, 22 Dec 2014 12:12:39 +0100
:: <20141222121239.1...@gmx.net>
:: Grayhat wrote:
> :: On Mon, 22 Dec 2014 12:02:48 +0100
> ::
>
> ::
> Thomas Eckardt wrote:
>
> > Net::SSLeay
>
> C:\> ppm s Net-SSLeay
> 1: Net-SSLeay
>Perl exte
:: On Mon, 22 Dec 2014 12:02:48 +0100
::
::
Thomas Eckardt wrote:
> Net::SSLeay
C:\> ppm s Net-SSLeay
1: Net-SSLeay
Perl extension for using OpenSSL (1.0.1j)
Version: 1.66
Author: Maintained by Mike McCauley and Florian Ragwitz since
November 2005 Repo: bribes.org
CPAN: http://sear
First of all, the config; ASSP SSL is configured as follows
DoTLS = do TLS
SSL_version = TLSv1
SSL_cipher_list = HIGH:!LOW:@STRENGTH
so basically the SSL configuration isn't so strict (for the sake of
testing I left the cipher list quite relaxed); now the problem: using
openssl I tested the ASSP
It was Sun, 21 Dec 2014 18:13:34 +0100 when
grayhat wrote:
> same issue with blocklist and other lists :( (oh and there's enough
> free space on disk)
sounds like it's unrelated; rolled back to previous version and the
issue remains, same error "riplist download failed:
It was Sun, 21 Dec 2014 17:56:12 +0100 when
ObiWan wrote:
> It was Sun, 21 Dec 2014 16:05:10 +0100 when
> Thomas Eckardt wrote:
>
> > Hi all,
> >
> > fixed in assp 2.4.4 build 14355:
> >
> > - the 'Received:' header line parser in the analyzer code was not
> > working correct in every case
>
:: On Thu, 11 Dec 2014 22:50:05 +0100
:: <009a01d0158c$6ce8b860$46ba2920$@scandinavianhosting.se>
:: "Pontus Hellgren" wrote:
> Thanx for all info!
>
> ASSP was set to proxy TLS but I guess I have some work to do on the
> MTA and ASSP because the chain of delivery is not working as I would
> lik
:: On Thu, 11 Dec 2014 14:55:31 +0100
:: <028501d0154a$210e68a0$632b39e0$@scandinavianhosting.se>
:: "Pontus Hellgren" wrote:
> Hi there!
>
> Got some people complaining about not getting mail from domains
> hosted at googles mailservers.
> Dec-11-14 14:44:24 [Worker_1] 209.85.214.182 info: go
:: On Wed, 22 Oct 2014 16:03:05 +0200
::
::
Thomas Eckardt wrote:
> used by the rebuildspamdb to make the spam detection more accuate.
> Only the resend is dangerous - an infected file should not (never) be
> resent.
uhm... well, in general I'd agree, but think about AV "false
positives"; in
:: On Wed, 22 Oct 2014 15:09:47 +0200
::
::
Thomas Eckardt wrote:
> How ever, assp has to make sure, that no other assp process is able
> to access the file before it was scanned - so, a long term queue
> (anytime queue) is not an option.
thinking loud:
store the file in a separate "scan" fol
:: On Wed, 22 Oct 2014 14:49:43 +0200
:: <20141022144943.0...@gmx.net>
:: Grayhat wrote:
> Thomas... why don't you change this feature to some kind of "stored
> mail scan"; that is, if the flag is enabled, ASSP may queue received
> mails into some "list&q
:: On Wed, 22 Oct 2014 14:42:58 +0200
::
::
Thomas Eckardt wrote:
> 'FileLogScan','Scan Stored Files for Virus with FileScan'
> 'If virus check is enabled ( DoFileScan ), every file/mail in the
> 'resendmail' (except reports) folder and
Thomas... why don't you change this feature to some kin
:: On Thu, 2 Oct 2014 07:57:27 +
:: <998763f529fc47b793af998c7c7b1cba@GTIEXMB02.ghobash.local>
:: Nadeem Abdulla wrote:
> 172.29.1.106
The above IP is a PRIVATE, unroutable one; see
http://en.wikipedia.org/wiki/Private_network
for details; if that's the IP you're trying to whitelist and if
:: On Mon, 22 Sep 2014 19:47:22 +
:: <5ccb67a6fa6f8244bed9f1a68b59fec00198148...@newman.corp.necomm.com>
:: Jay Tarbox wrote:
> I've been running it with Exchange for years now. The way I do it is
> - Exchange is configured with an outbound smarthost which is the
> "relay port" of ASSP.
>
>
> >"may fetch the notes and email them to the admin"
>
> Joining any of the available assp user mailinglists "solves this
> problem" :):):)
> the 'Notify' feature will do it , if configured this way - eg.
> somthing like: Info: autoupdate: new assp\.pl\.gz
> downloaded=>ad...@mydomain.org
>
>
:: On Wed, 10 Sep 2014 07:29:23 +0200
::
::
Thomas Eckardt wrote:
> Hi all,
>
> fixed in assp 2.4.4 build 14253:
>
> - the fix for invalid UTF8 data in build 14250 was too strict and has
> possibly destroyed mail data
Thanks Thomas; just a note/request, given that ASSP can alert the admin
a
:: On Wed, 9 Jul 2014 12:03:00 +0200
::
::
Thomas Eckardt wrote:
> Hi all,
>
> fixed in assp 2.4.2 build 14190:
Hmm... what's all this noise about CPUs ??
2014-07-09 03:28:11 [Worker_4] Warning: assp uses 2 CPU's - at least 4
CPU's are recommended
2014-07-09 03:28:12 [Worker_5] Warning: as
:: On Tue, 8 Jul 2014 16:09:42 +0200
::
:: aquilinux wrote:
> sorry i hijacked an old post (it was for build 14167).
> my questions about when will this fixes will be released to stable
> assp it was meant for this build 14188.
> can you confirm it will be in the next days?
What do you mean ? T
:: On Tue, 10 Jun 2014 15:41:36 +0200
::
::
Anders Westin wrote:
> Hi Grayhat
>
> Of course i run them virtual
> thanks for the tip of unbound and local RBL
oh, you're welcome; as for unbound, for further configuration tips and
ideas, have a look at https://calomel.org/unb
:: On Tue, 10 Jun 2014 14:17:49 +0200
::
::
Anders Westin wrote:
>
> Today:
> I´m running two linux servers:
>
> Server 1: (MX weight 10), it´s on this server i run "Rebuild SpamDb"
> dist:( 2.6.32-5-686-bigmem (Debian 2.6.32-39squeeze1))
> Mysql
> ASSP
> Bind
>
> Server 2: (MX weight 20)
> d
Folks, not sure you followed the lates security issue regarding
OpenSSL, if you didn't, have a look here
http://heartbleed.com/
http://filippo.io/Heartbleed/
https://github.com/FiloSottile/Heartbleed
basically, the issue is due to a bug affecting the *whole* OpenSSL
1.0.0x series and causing t
:: On Fri, 4 Apr 2014 17:26:20 +1100
:: <3f0c3797-6756-4e57-9577-ad7b56281...@bordo.com.au>
:: James Brown wrote:
> Looks like it is still happening under Mac OS X:
>
> Apr-04-14 01:01:11 [Worker_10001] Warning: got unexpected signal SEGV
> in Worker_10001: package - main, file - sub main::Bayes
:: On Fri, 14 Mar 2014 13:51:37 -
::
:: "Colin Waring" wrote:
> I was wondering if anyone else was seeing an increase in spam
> messages that come with a valid DKIM signature? It has gotten to the
> point where I have had to set DoDKIM to disabled because so much
> rubbish is coming through
> ASSP development mailing list
> schreibt:
> >
> >It now gives me exactly the credentials being used...
just a bit of warning; logging usernames AND passwords means that
anyone having access to the logs will be able to access those email
accounts; not so nice imVHo better if ASSP could only log
> @Grayhat It does appear there is such an increase... These people
> had these passwords for a long time (which in itself is wrong, of
> course).
Couple notes; if possible, try enforcing password "complexity" rules
[1] a little bit and ask your users to change their passwo
:: On Sun, 23 Feb 2014 19:38:38 +0400
::
::
Thomas Eckardt wrote:
> >Feb-21-14 17:44:09 [Worker_2] [TLS-out] 116.203.191.142 [SMTP Reply]
> >235
> 2.7.0 Authentication successful
[...]
> The connected server (85.214.251.232:25) has replied '235 2.7.0
> Authentication successful' - why shou
:: On Mon, 17 Feb 2014 14:05:38 -0500
::
:: Trevor Jacques wrote:
>
> On 17 Feb 2014, at 9:59, Thomas Eckardt
> wrote:
>
> > hmmm ... "lazy" - to log, or not to log, that is the question :):):)
>
> :-)
>
> > Be sure, delayed logging will never become a feature in assp.
>
> Given that it t
> I think the possibly maximum is around 50 seconds. The MainThread is
> monitored by the MaintThread for actions. If the delay is too long,
> it may happen that the assp process will restart.
the only real solution (assuming we need it ... and I'm not sure about
it) would be setting up the log
:: On Wed, 12 Feb 2014 19:01:23 +0400
::
::
Thomas Eckardt wrote:
> Andrea, please create the 'assp/rebuilddebug.txt' file before running
> the rebuild. If the rebuild stucks, the last line of the file will
> show the .eml file, which caused the problem.
> If you have some time, zip and send
> > Is there anyone else having a problem with a stucking rebuild
> > process or hanging workers (on HMM or Bayes) running ASSP_WordStem
> > 1.24 and Perl 5.16.3 or later?
>
> perl -v
>
> This is perl 5, version 16, subversion 3 (v5.16.3) built for
> MSWin32-x86-multi-thread
>
> upgraded to lat
> Is there anyone else having a problem with a stucking rebuild process
> or hanging workers (on HMM or Bayes) running ASSP_WordStem 1.24 and
> Perl 5.16.3 or later?
perl -v
This is perl 5, version 16, subversion 3 (v5.16.3) built for
MSWin32-x86-multi-thread
upgraded to latest ASSP *and* late
:: On Fri, 31 Jan 2014 15:56:48 +0100
::
::
Thomas Eckardt wrote:
> >"HMM-Check has given less than 6 results - using monitoring mode
> >only"
>
> This is related to 'maxBayesValues'.
> monitoring only if $this->{hmmres} < int($maxBayesValues / 12 + 1)
> scoring only if $this->{hmmres} < int($
By default the bays and HMM valence values are set to 49 and 55
(regular and local); now... according to the interface if one enables
both checks (setting them to score), the values should be revised...
the problem is that it's unclear how to set them; I mean, if I read the
GUI it says
"for this
> On my way to a new version - this is the nudge that I needed.
> (pending some more answers to my other thread on general windows
> recommendations and the requirements of hmm)
Well, as for the hMM, start vanilla, that is, install your new ASSP,
configure it, migrate your files, upgrade to DB an
> > I'm going to be starting from scratch on a new Windows install, but
> > migrating data over from an older 2.x install. That current install
> clamAV+signatures, domains...) and once all ok, move your files to the
> new box and ensure all's ok; done that *BACKUP* the config and then
forgot;
> I'm going to be starting from scratch on a new Windows install, but
> migrating data over from an older 2.x install. That current install
> uses all flat files, no database.
well... in theory flat-files should work as they are but I'd wait for
some notes from Thomas about it; that said...
> 1
:: On Tue, 28 Jan 2014 13:56:42 -0500
::
:: K Post wrote:
> Hey, would you look at that! There's a setting for senderbase log
> verbosity! Changing it to verbose, gives me:
> Timeout occurred getting results at C:/Perl/site/lib/Net/SenderBas
> e/Query/DNS.pm
>
> DNSTimeout was 5 seconds. Cha
1 - 100 of 1015 matches
Mail list logo
