You can subscribe to this list here.
2002 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(7) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2003 |
Jan
(26) |
Feb
(29) |
Mar
(27) |
Apr
(61) |
May
(179) |
Jun
(176) |
Jul
(243) |
Aug
(270) |
Sep
(147) |
Oct
(161) |
Nov
(110) |
Dec
(132) |
2004 |
Jan
(161) |
Feb
(114) |
Mar
(190) |
Apr
(79) |
May
(265) |
Jun
(269) |
Jul
(176) |
Aug
(159) |
Sep
(138) |
Oct
(45) |
Nov
(85) |
Dec
(80) |
2005 |
Jan
(145) |
Feb
(65) |
Mar
(49) |
Apr
(80) |
May
(136) |
Jun
(134) |
Jul
(408) |
Aug
(107) |
Sep
(75) |
Oct
(32) |
Nov
(42) |
Dec
(28) |
2006 |
Jan
(74) |
Feb
(134) |
Mar
(804) |
Apr
(984) |
May
(829) |
Jun
(427) |
Jul
(397) |
Aug
(745) |
Sep
(176) |
Oct
(564) |
Nov
(748) |
Dec
(1052) |
2007 |
Jan
(984) |
Feb
(678) |
Mar
(568) |
Apr
(434) |
May
(644) |
Jun
(396) |
Jul
(655) |
Aug
(693) |
Sep
(497) |
Oct
(411) |
Nov
(316) |
Dec
(310) |
2008 |
Jan
(192) |
Feb
(169) |
Mar
(141) |
Apr
(55) |
May
(143) |
Jun
(157) |
Jul
(136) |
Aug
(187) |
Sep
(131) |
Oct
(228) |
Nov
(227) |
Dec
(144) |
2009 |
Jan
(205) |
Feb
(211) |
Mar
(302) |
Apr
(186) |
May
(99) |
Jun
(127) |
Jul
(74) |
Aug
(18) |
Sep
(110) |
Oct
(61) |
Nov
(149) |
Dec
(186) |
2010 |
Jan
(108) |
Feb
(135) |
Mar
(85) |
Apr
(109) |
May
(115) |
Jun
(176) |
Jul
(81) |
Aug
(210) |
Sep
(76) |
Oct
(41) |
Nov
(69) |
Dec
(78) |
2011 |
Jan
(65) |
Feb
(48) |
Mar
(78) |
Apr
(34) |
May
(78) |
Jun
(92) |
Jul
(42) |
Aug
(40) |
Sep
(175) |
Oct
(26) |
Nov
(22) |
Dec
(15) |
2012 |
Jan
(20) |
Feb
(24) |
Mar
(20) |
Apr
(13) |
May
(29) |
Jun
(22) |
Jul
(12) |
Aug
(14) |
Sep
(22) |
Oct
(51) |
Nov
(74) |
Dec
(45) |
2013 |
Jan
(10) |
Feb
(40) |
Mar
(17) |
Apr
(59) |
May
(186) |
Jun
(67) |
Jul
(25) |
Aug
(51) |
Sep
(67) |
Oct
(47) |
Nov
(70) |
Dec
(39) |
2014 |
Jan
(41) |
Feb
(32) |
Mar
(67) |
Apr
(58) |
May
(89) |
Jun
(36) |
Jul
(59) |
Aug
(50) |
Sep
(86) |
Oct
(43) |
Nov
(43) |
Dec
(31) |
2015 |
Jan
(43) |
Feb
(40) |
Mar
(35) |
Apr
(23) |
May
(24) |
Jun
(45) |
Jul
(26) |
Aug
(38) |
Sep
(38) |
Oct
(17) |
Nov
(15) |
Dec
(21) |
2016 |
Jan
(28) |
Feb
(81) |
Mar
(157) |
Apr
(59) |
May
(9) |
Jun
(30) |
Jul
(77) |
Aug
(44) |
Sep
(64) |
Oct
(31) |
Nov
(26) |
Dec
(59) |
2017 |
Jan
(27) |
Feb
(56) |
Mar
(24) |
Apr
(14) |
May
(31) |
Jun
(35) |
Jul
(19) |
Aug
(7) |
Sep
(11) |
Oct
(2) |
Nov
(15) |
Dec
(22) |
2018 |
Jan
(13) |
Feb
(9) |
Mar
|
Apr
(4) |
May
(8) |
Jun
(11) |
Jul
(26) |
Aug
(14) |
Sep
(5) |
Oct
(2) |
Nov
(11) |
Dec
(7) |
2019 |
Jan
(5) |
Feb
(4) |
Mar
(5) |
Apr
(1) |
May
(7) |
Jun
(15) |
Jul
|
Aug
(4) |
Sep
|
Oct
(6) |
Nov
(20) |
Dec
(14) |
2020 |
Jan
(11) |
Feb
|
Mar
(32) |
Apr
(3) |
May
(14) |
Jun
(8) |
Jul
|
Aug
(9) |
Sep
(14) |
Oct
(5) |
Nov
(1) |
Dec
|
2021 |
Jan
(13) |
Feb
|
Mar
(6) |
Apr
(6) |
May
(18) |
Jun
(3) |
Jul
(7) |
Aug
(20) |
Sep
(20) |
Oct
(3) |
Nov
(5) |
Dec
|
2022 |
Jan
(7) |
Feb
(4) |
Mar
(7) |
Apr
(2) |
May
(1) |
Jun
|
Jul
|
Aug
(3) |
Sep
(4) |
Oct
(1) |
Nov
|
Dec
|
2023 |
Jan
(5) |
Feb
(2) |
Mar
|
Apr
(3) |
May
(3) |
Jun
(3) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(2) |
Dec
|
2024 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
(3) |
Aug
(8) |
Sep
|
Oct
|
Nov
|
Dec
|
From: Manuel M. <li...@ma...> - 2003-09-29 23:05:03
|
Hello Nathan, On Mon, 29 Sep 2003 12:51:51 +1000 "Nathan Chan" <ch...@xs...> wrote: > [root@fw assp]# ba=content-\w+: > .*\s+.*name\s*=\s*".*\.(exe|scr|pif|vb[es]|js|jse|ws[fh]|sh[sb]|lnk|bat|c > md|com|ht[ab])"|content-\w+: > .*\s+.*name\s*=\s*.*\.(exe|scr|pif|vb[es]|js|jse|ws[fh]|sh[sb]|lnk|bat|c > md|com|ht[ab])\s > be=1 > ok > > ????? Nothing to worry about, these are some leftover debug messages. If you want to get rid of them, just locate the line: print "ba=$badattach \nbe=$BlockExes\n",$b=~/$badattach/i,"ok\n"; and change it to: #print "ba=$badattach \nbe=$BlockExes\n",$b=~/$badattach/i,"ok\n"; or remove it completely. Bye, MM -- Latest personal build of ASSP is 4.2b Get it here: http://www.martinnet.de/assp-mmb42b.zip Please read the instructions in the config-options carefully. |
From: Manuel M. <li...@ma...> - 2003-09-29 22:58:13
|
Hello John, On Sun, 28 Sep 2003 15:32:59 -0400 Doug Lytle <su...@dr...> wrote: > I've been watching the tail log of maillog.txt over the weekend and have > noticed something strange. Sometimes I see an incoming mail to a > user(s) that is labeled as 'spam address', when it isn't in the 'Spam > Addresses' field. Would this be a bug (Maybe fixed in 1.02), or would > it be because the from email address is probably a bad address? The spamaddresses are parsed independantely to everything else (at least in 1.0.3), the from: doesn't play a role for the check (noprocess, black and whitelisted is checked before applying the rule for spamaddresses, so these may pass / be blocked nevertheless, but this isn't the case for you) A mail is classifed as spam if _any_ rcpt-to: is in the spamadresses (and no noprocess or whitelist applies), e. g. someone sends to all your users a SPAM in one go. That's nice, because no legit user should feel the urge to send anything to a spambucket. HTH. Bye, MM -- Latest personal build of ASSP is 4.2b Get it here: http://www.martinnet.de/assp-mmb42b.zip Please read the instructions in the config-options carefully. |
From: Doug L. <su...@dr...> - 2003-09-29 22:02:37
|
John, I've been watching the tail log of maillog.txt over the weekend and have noticed something strange. Sometimes I see an incoming mail to a user(s) that is labeled as 'spam address', when it isn't in the 'Spam Addresses' field. Would this be a bug (Maybe fixed in 1.02), or would it be because the from email address is probably a bad address? Curious, Doug |
From: Doug L. <su...@dr...> - 2003-09-29 21:03:58
|
John, I've been watching the tail log of maillog.txt over the weekend and have noticed something strange. Sometimes I see an incoming mail to a user(s) that is labeled as 'spam address', when it isn't in the 'Spam Addresses' field. Would this be a bug (Maybe fixed in 1.02), or would it be because the from email address is probably a bad address? Curious, Doug |
From: Enrico S. <sc...@es...> - 2003-09-29 19:57:00
|
Hi all I am currently testing this special build (mainly because of the "Internal-Whitelist-Addition" feature, but also enabling the new DNSBL handling and others). The features I am using are very useful to me and I could not find any negative side-effects so far. I suggest that after a phase of testing it would be great if John could integrate them into his own build. Everything is well documented and configurable using the web interface Enrico SourceForge.net wrote: >Read and respond to this message at: >https://sourceforge.net/forum/message.php?msg_id=2212682 >By: mmartinfs > >Hello, > >I've upgraded my customized build of ASSP to 1.0.3 and added some >new options. I can be obtained at http://www.martinnet.de/assp-mmb42b.zip. >I'm still looking for more testers and much more feedback, therefore I'm posting >to the forums, too. > >An overview follows: >* denotes a generally useful feature (I think), ># an addition for my personal use, >- a fix > ># Password hidden (for my personal use, was kindly prepared by John >Hanna) >* X-Assp-Report: YES for messages generated by the Mail-Interface (easy > filtering) >- Modified regular expression for mail-address ($mailregex) which is > used throughout the programm now. I added [,],: in some places, > because I experienced that some addresses were whitelisted but not > recognized afterwards because different expressions were used (I think). > Also, I added the necessity to include a dot in the domain part (which > is arguably good or bad). Change as you wish. >* made DNSBL usable with dialups with the inclusion of a regular > expression to extract the sender's ip from a (trusted) external host > (e. g. your externally hosted mail server or proxy). Received: -lines > are read one by one top down and compared seperately to $dnsblre until > a matching line is found. Additionally, expressions can be evaluated > per line, so that different servers can be used simultaniously. >- X-Assp-Spam-Prob: is added only once (could happen twice if mail is > directly forwarded after delivery >* Redlist-Extension: optionally treat mail as redlisted if all envelope > recipients are redlisted (usefull for users with automatic forwarding > to external addresses, like road-warriors >* Internal-Whitelist-Addition: optionally add only addresses supplied by > "relayable" hosts >* Non-Greedy-Whitelist-Addition: optionally do not collect all > header-supplied adresses for inclusion in whitelist, use only envelope > recipients >* DNSBLRE is used for the Goodhost-Feature, too: Added a property to the > $Con-hash. ->{proxy} is the same as ->{ip}, unless we get to know > otherwise. {proxy} contains the "real" delivering agent's ip in a > scenario where ASSP is not the only proxy used to receive mail. After > the header is read completely, the Received:-lines are parsed with a > user-supplied regex for a suitable ip. This is afterwards used for > dnsbl-matching and the goodhosts database. If no ip can be found in > the header, {proxy} stays equal to {ip}, and can be used for all > non-connection-related stuff afterwards. > Thanks to John Hanna for his clean code and good documentation of it. > Otherwise, I wouldn't have been able to implement this. >* / - Added an option to broaden the DNSBL-search for CLASS B (-style) > subnets. Some mayor ISPs use entire /16-ranges for dialups, and it is > unlikely that a dialup-user doesn't deliver mail via a smarthost (like > he should) for something besides spamming, so it's common that such > dialin-subnets are included in blacklists. Formerly only exact matches > or CLASS C were looked up. >* Added an option to scan all Received:-lines for DNSBL-listed ips. My > theory is that a spammer will always try to relay through a > non-blacklisted host, but this host will often record the sender's ip. > If we find any blacklisted ip in the Received:-lines, there's a good > chance that this is SPAM. If we don't, we don't know if it's HAM or if > the spammer disguised himself too well (which is the point where we > started). The ips found can therefore be only used for blacklisting, > not for good/whitelisting. To prevent that all dialups become > blacklisted by error, only exact matches are used. >* Added an option to change $OutgoingBufSize via the interface > (requested by Enrico) > >Bye, MM > >______________________________________________________________________ >You are receiving this email because you elected to monitor this forum. >To stop monitoring this forum, login to SourceForge.net and visit: >https://sourceforge.net/forum/unmonitor.php?forum_id=235332 > > > |
From: Bill B. <bi...@we...> - 2003-09-29 19:55:42
|
John, We had an empty dnsbl file when we experienced these crashes last month. We have since stopped using ASSP. Will 1.0.3 now fix this problem you think? Bill -----Original Message----- From: "Bill B." Sent: Wed, 27 Aug 2003 17:16:38 EDT Subject: Re: [Assp-user] crash Any ideas on what I can do to track down this problem? It has crashed on me a few more times since Monday, but other than that its running great. One thing I noticed during the 60 seconds before the crashes, is that there are new incoming connections established (but no more than usual), but it doesn't look like all of the related connections are being made to the backend smtp server. There are no "Couldn't create server socket to..." messages written to the log. However I used to see those error messages last week because our server was running out of available sockets, so I adjusted the TCP/IP registry settings to allow more sockets, following the recommendation of a few sites I found... http://www.stalker.com/CommuniGatePro/Scalability.html#TimeWait http://www.macromedia.com/support/coldfusion/ts/documents/tn17277.htm Could these tweaks be causing ASSP to crash? I wouldn't think so, but its worth asking. Also, would adding some sort of exception handling to the script help prevent the crashing or help us to debug it? Thanks, Bill -----Original Message----- From: "Bill B." Sent: Mon, 25 Aug 2003 14:18:10 EDT Subject: Re: [Assp-user] crash Yes, its a fresh install of ActiveState 5.8.0. The install filename was: ActivePerl-5.8.0.806-MSWin32-x86.msi Bill -----Original Message----- From: "John Hanna" Sent: Mon, 25 Aug 2003 12:10:14 -0600 Subject: Re: [Assp-user] crash Hmmm... Very interesting... Are you running ActiveState? What version? John ----- Original Message ----- From: "Bill B." <bi...@we...> To: <ass...@li...> Sent: Monday, August 25, 2003 8:04 AM Subject: [Assp-user] crash > John, > > I've had ASSP 1.0.1 crash on me twice since we started using it this weekend. We're running it as a Windows Service. The ASSP log shows nothing out of the ordinary. Attached is the DrWatson file and below is what was show in Event Viewer for both cra > shes: > > > The application, , generated an application error The error occurred on 08/25/2003 @ 09:21:53.309 The exception generated was c0000005 at address 28090A31 (win32_select) > > The application, , generated an application error The error occurred on 08/24/2003 @ 20:32:18.086 The exception generated was c0000005 at address 28090A31 (win32_select) > > > > > ------------------------------------------------------- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0 _______________________________________________ Assp-user mailing list Ass...@li... https://lists.sourceforge.net/lists/listinfo/assp-user ------------------------------------------------------- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0 _______________________________________________ Assp-user mailing list Ass...@li... https://lists.sourceforge.net/lists/listinfo/assp-user ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Assp-user mailing list Ass...@li... https://lists.sourceforge.net/lists/listinfo/assp-user |
From: Robert <ro...@dr...> - 2003-09-29 14:49:48
|
---- Original Message ---- From: Mail Delivery Subsystem Date: Fri 9/26/03 20:55 To: do...@lc... Subject: Warning: could not send message for past 4 hours ********************************************** ** THIS IS A WARNING MESSAGE ONLY ** ** YOU DO NOT NEED TO RESEND YOUR MESSAGE ** ********************************************** The original message was received at Fri, 26 Sep 2003 15:59:11 -0400 from www@localhost ----- The following addresses had transient non-fatal errors ----- ass...@li... ----- Transcript of session follows ----- ... while talking to mail.sourceforge.net.: >>> RCPT To:<ass...@li...> <<< 451-host lookup did not complete <<< 451 Could not complete sender verify ass...@li...... Deferred: 451-host lookup did not complete Warning: message still undelivered after 4 hours Will keep trying until message is 5 days old |
From: Nathan C. <ch...@xs...> - 2003-09-29 03:17:20
|
G'Day All, I have just moved to 1.0.3 because we were having a problem where the spamlovers list was being ignored for some reason. Upon moving to 1.0.3, i am now seeing the following print onto my screen quite often : [root@fw assp]# ba=content-\w+: .*\s+.*name\s*=\s*".*\.(exe|scr|pif|vb[es]|js|jse|ws[fh]|sh[sb]|lnk|bat|c md|com|ht[ab])"|content-\w+: .*\s+.*name\s*=\s*.*\.(exe|scr|pif|vb[es]|js|jse|ws[fh]|sh[sb]|lnk|bat|c md|com|ht[ab])\s be=1 ok ????? Thanks Nathan |
From: G. A. V. H. <va...@wh...> - 2003-09-28 20:37:00
|
Greetings, I liked the sound of a couple of things in 1.0.2 and 1.0.3, so I decided to rev my 1.0.1a system this morning. First, unzip, gunzip, and bunzip all failed to find anything useful in the downloaded ZIP file. Would it be possible to save future versions as .tgz, or perhaps post a note on the download page with hints on how to extract the contents? I ended up downloading the file to a Samba server so I could use WinZip from my desktop to extract it, then FTP the contents to the actual server. Restart failed silently because the two files were not executable. I followed the 1.0.2 instructions and copied just assp.pl and rebuildspamdb.pl to /usr/local/assp. The Configuration page now reports that I am running 1.0.3, but I see no trace of the new "Forward all spams" feature. I think this feature will be crucial to my ability to get ASSP out of test mode. Incidentally, I have my system running happily at the moment. I set it up on RedHat 9.0, using ASSP, Sendmail, MailScanner, SpamAssassin, and two virus scanners. I'm using f-prot and ClamAV at the moment, I plan to add ETrust as soon as I get a little time. Users can pick up their mail using POP3 of course, but I also have SquirrelMail for web access. I don't expect this to be a blockbuster service, but I've got about 50 users and several more have signed up for a trial in the last few days. http://www/bogachiel.net I did sent a small donation, I hope more of the other 195 installations do the same! Van -- ---------------------------------------------------------- Sign up now for Quotes of the Day, a handful of quotations on a theme delivered every morning. Enlightenment! Daily, for free! mailto:tw...@wh...?subject=Subscribe_QOTD For web hosting and maintenance, visit Van's home page: http://www.domainvanhorn.com/van/ ---------------------------------------------------------- |
From: G. A. V. H. <va...@wh...> - 2003-09-28 20:22:21
|
Further on spamlover list: I'd like this to be a file rather than line on the config page. It looks to me like I want to add every new user as a spamlover for the first thirty days so they can identify which senders are being blocked and get them in the whitelist. I would set it up like this: linds*.com # 22 Sept jg # 27 Sept jcp # 28 Sept Then I could review it every few days and delete the oldest lines so those users and domains would switch to normal processing. John, I don't know if you're familiar with MailScanner, but almost everything in the (long) configuration file can either be a rule or a file with rules in it. Very, very handy for the administrator. Van David Hooton wrote: > Count me as one :) > > The way we collect spam it's much tidier if it's blackholed silently and > added to the database. > > It would also be good if spamlovers could be a us...@do... entry > rather than just the user bit. We run quite a few domains, this is a BIG > limitation for us :) > -- > Regards, > > David Hooton > Senior Partner > Platform Hosting > www.platformhosting.com > > > find two others who want this feature and I'll talk about adding it as an > > option. > > > > j > > ----- Original Message ----- > > From: "dave" <bo...@ev...> > > To: <ass...@li...> > > Sent: Thursday, September 04, 2003 3:18 PM > > Subject: RE: [Assp-user] Spam Addresses not using domains? > > > > > >> I would like if the spambucket never got any error, since I forward all > >> my ISP accounts into the bucket. > >> > >> >-----Original Message----- > >> >From: ass...@li... > >> >[mailto:ass...@li...] On Behalf Of John Hanna > >> >Sent: Tuesday, September 02, 2003 3:17 PM > >> >To: ass...@li... > >> >Subject: Re: [Assp-user] Spam Addresses not using domains? > >> > > >> > > >> >Yes and yes. the spambucket addresses get the same 500 error > >> >as all the rest of the spam you receive, but they also > >> >contribute to the spam database. Yes it's possible that a > >> >spammer might remove the address from the list of good > >> >addresses, but then again... I don't think most spammers ever do that. > >> > > >> >john > >> >----- Original Message ----- > >> >From: "David Hooton" <da...@pl...> > >> >To: <ass...@li...> > >> >Sent: Saturday, August 30, 2003 9:35 PM > >> >Subject: Re: [Assp-user] Spam Addresses not using domains? > >> > > >> > > >> >> One further question.. > >> >> > >> >> Do spam addresses help build the spam database? I had > >> >envisaged them > >> >> as a "honeypot" which would build the database, but they > >> >just seem to > >> >> 500 error all mail to them. > >> >> > >> >> -- > >> >> Regards, > >> >> > >> >> David Hooton > >> >> Senior Partner > >> >> Platform Hosting > >> >> 1300 85 HOST > >> >> www.platformhosting.com > >> >> > >> >> > >> >> > >> >=============================================================== > >> >========= > >> >> This message has been scanned for viruses and unsafe content by > >> >> Platform MailScanner > >> >> > >> >> To report SPAM forward the message to: sp...@pl... > >> >> To report incorrectly tagged messages: no...@pl... > >> >> > >> >> Platform MailScanner - http://mailscanner.platformhosting.com/ > >> >> Platform Hosting - http://www.platformhosting.com/ > >> >> > >> >> > >> >====================================================================== > >> >> == > >> >> > >> >> > >> >> > >> >> ------------------------------------------------------- > >> >> This sf.net email is sponsored by:ThinkGeek > >> >> Welcome to geek heaven. > >> >> http://thinkgeek.com/sf > >> >> _______________________________________________ > >> >> Assp-user mailing list > >> >> Ass...@li... > >> >> https://lists.sourceforge.net/lists/listinfo/assp-user > >> > > >> > > >> > > >> >------------------------------------------------------- > >> >This sf.net email is sponsored by:ThinkGeek > >> >Welcome to geek heaven. > >> >http://thinkgeek.com/sf _______________________________________________ > >> >Assp-user mailing list > >> >Ass...@li... > >> >https://lists.sourceforge.net/lists/listinfo/as>sp-user > >> > > >> > >> > >> > >> ------------------------------------------------------- > >> This sf.net email is sponsored by:ThinkGeek > >> Welcome to geek heaven. > >> http://thinkgeek.com/sf > >> _______________________________________________ > >> Assp-user mailing list > >> Ass...@li... > >> https://lists.sourceforge.net/lists/listinfo/assp-user > > > > > > > > ------------------------------------------------------- > > This sf.net email is sponsored by:ThinkGeek > > Welcome to geek heaven. > > http://thinkgeek.com/sf > > _______________________________________________ > > Assp-user mailing list > > Ass...@li... > > https://lists.sourceforge.net/lists/listinfo/assp-user > > > > ======================================================================== > > This message has been scanned for spam & viruses by Mail Security. > > To report SPAM forward the message to: sp...@ma... > > Mail Security www.mailsecurity.net.au > > ======================================================================== > > > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > Assp-user mailing list > Ass...@li... > https://lists.sourceforge.net/lists/listinfo/assp-user -- ---------------------------------------------------------- Sign up now for Quotes of the Day, a handful of quotations on a theme delivered every morning. Enlightenment! Daily, for free! mailto:tw...@wh...?subject=Subscribe_QOTD For web hosting and maintenance, visit Van's home page: http://www.domainvanhorn.com/van/ ---------------------------------------------------------- |
From: Manuel M. <li...@ma...> - 2003-09-28 18:52:57
|
Hello, I've upgraded my customized build of ASSP to 1.0.3 and added some new options. I can be obtained at http://www.martinnet.de/assp-mmb42b.zip. I'm still looking for more testers and much more feedback. An overview follows: * denotes a generally useful feature (I think), # an addition for my personal use, - a fix # Password hidden (for my personal use, was kindly prepared by John Hanna) * X-Assp-Report: YES for messages generated by the Mail-Interface (easy filtering) - Modified regular expression for mail-address ($mailregex) which is used throughout the programm now. I added [,],: in some places, because I experienced that some addresses were whitelisted but not recognized afterwards because different expressions were used (I think). Also, I added the necessity to include a dot in the domain part (which is arguably good or bad). Change as you wish. * made DNSBL usable with dialups with the inclusion of a regular expression to extract the sender's ip from a (trusted) external host (e. g. your externally hosted mail server or proxy). Received: -lines are read one by one top down and compared seperately to $dnsblre until a matching line is found. Additionally, expressions can be evaluated per line, so that different servers can be used simultaniously. - X-Assp-Spam-Prob: is added only once (could happen twice if mail is directly forwarded after delivery * Redlist-Extension: optionally treat mail as redlisted if all envelope recipients are redlisted (usefull for users with automatic forwarding to external addresses, like road-warriors * Internal-Whitelist-Addition: optionally add only addresses supplied by "relayable" hosts * Non-Greedy-Whitelist-Addition: optionally do not collect all header-supplied adresses for inclusion in whitelist, use only envelope recipients * DNSBLRE is used for the Goodhost-Feature, too: Added a property to the $Con-hash. ->{proxy} is the same as ->{ip}, unless we get to know otherwise. {proxy} contains the "real" delivering agent's ip in a scenario where ASSP is not the only proxy used to receive mail. After the header is read completely, the Received:-lines are parsed with a user-supplied regex for a suitable ip. This is afterwards used for dnsbl-matching and the goodhosts database. If no ip can be found in the header, {proxy} stays equal to {ip}, and can be used for all non-connection-related stuff afterwards. Thanks to John Hanna for his clean code and good documentation of it. Otherwise, I wouldn't have been able to implement this. * / - Added an option to broaden the DNSBL-search for CLASS B (-style) subnets. Some mayor ISPs use entire /16-ranges for dialups, and it is unlikely that a dialup-user doesn't deliver mail via a smarthost (like he should) for something besides spamming, so it's common that such dialin-subnets are included in blacklists. Formerly only exact matches or CLASS C were looked up. * Added an option to scan all Received:-lines for DNSBL-listed ips. My theory is that a spammer will always try to relay through a non-blacklisted host, but this host will often record the sender's ip. If we find any blacklisted ip in the Received:-lines, there's a good chance that this is SPAM. If we don't, we don't know if it's HAM or if the spammer disguised himself too well (which is the point where we started). The ips found can therefore be only used for blacklisting, not for good/whitelisting. To prevent that all dialups become blacklisted by error, only exact matches are used. * Added an option to change $OutgoingBufSize via the interface (requested by Enrico) Bye, MM -- Latest personal build of ASSP is 3.1 Get it here: http://www.martinnet.de/assp-mmb42b.zip Please read the instructions in the config-options carefully. |
From: John H. <jh...@cp...> - 2003-09-26 22:58:07
|
I'm sorry for releasing twice in two days, but that's life. Today's release fixes a bug that Thilo Klien helped identify with the "forward all spam to an address" feature. It also includes two often requested new features: blocked file extensions are listed in the config file and there's a new "block a spam bomb" feature for those of us unfortunate enough to be used by a spammer as their "from" address. It might also be useful for blocking email viruses which show up after the 10k mark in the file. It also should prevent some of the TLS problems people have been having. Please download and enjoy! Also, I've decided to use paypal donations to help fund the replacement of my three-year-old pocket pc, so keep those donations coming. And thanks again to those loyal few who have made my day by saying thanks with more than words. :-) I'll be out of the office for a week, so expect whatever replies to be delayed. (Gee, a new h2210 might make it easier to answer ASSP support requests while I travel... Hmmm... maybe my motives aren't entirely selfish.) John |
From: John H. <jh...@cp...> - 2003-09-26 20:11:15
|
The decision hinges on weather they should go in the notspam collection = -- I'd think that mail sent from local users to a mail list would = probably be considered appropriate for the notspam collection. In this = case the redRe would probably be better.=20 john ----- Original Message -----=20 From: Ged West=20 To: 'ass...@li...'=20 Sent: Friday, September 26, 2003 12:48 PM Subject: RE: [Assp-user] RE: A dumb question I am sure. I am sorry I am showing my ignorance. But would there be a benefit to = not-processing these types of emails or should just redlisting them be = enough? ___________________________________________ Ged West, CCNA, MCSE, CNA, A+, N+ IS Specialist Grays Harbor PUD gw...@gh... Office: 360-538-6268 Cell: 360-580-4079 Fax: 360-538-6340 http://www.ghpud.org _________________________________________ -----Original Message----- From: John Hanna [mailto:jh...@cp...] Sent: Friday, September 26, 2003 10:51 AM To: ass...@li... Subject: Re: [Assp-user] RE: A dumb question I am sure. Yes, with any version you can identify a string in the header for = "expression to identify redlisted mail" and starting with 1.0.2 you can = use something in the header to identify mail for no-processing. Based on these examples you could use yph.*boing\.topica john ----- Original Message -----=20 From: Ged West=20 To: 'ass...@li...'=20 Sent: Thursday, September 25, 2003 4:35 PM Subject: [Assp-user] RE: A dumb question I am sure. I am sure this has been answered somewhere before. but here goes. Is there a way to stop emails that local users send out from = adding to the whitelist?=20 Here is an example: yph...@bo...=20 yph...@bo...=20 yph...@bo...=20 yph...@bo...=20 yph...@bo...=20 yph...@bo...=20 yph...@bo...=20 yph...@bo...=20 yph...@bo... I have several users that get email from lists, when they reply to = the list it gets added to the whitelist. Can I use a regular expression = to essentially redlist mail goling to these types of lists? I don't = really see it as a problem, it doesn't effect the way assp works it just = clutters up my whitelist (and I am neat freak) :-0 I am just curious if it can be done that is all. I am not asking = for a new feature to be added or anything like that. =20 I just want a check box at the bottom of the config page, that = says "check this box to have ASSP make your dinner, wash your car, and = do your laundry". I'm not asking for much. :-) Thanks Ged --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.518 / Virus Database: 316 - Release Date: 9/11/2003 This electronic correspondence has been reviewed by Mail = Essentials. --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.518 / Virus Database: 316 - Release Date: 9/11/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.518 / Virus Database: 316 - Release Date: 9/11/2003 This electronic correspondence has been reviewed by Mail Essentials. |
From: Ged W. <gw...@gh...> - 2003-09-26 18:47:42
|
I am sorry I am showing my ignorance. But would there be a benefit to not-processing these types of emails or should just redlisting them be enough? ___________________________________________ Ged West, CCNA, MCSE, CNA, A+, N+ IS Specialist Grays Harbor PUD gw...@gh... Office: 360-538-6268 Cell: 360-580-4079 Fax: 360-538-6340 HYPERLINK "http://www.ghpud.org/" \nhttp://www.ghpud.org _________________________________________ -----Original Message----- From: John Hanna [mailto:jh...@cp...] Sent: Friday, September 26, 2003 10:51 AM To: ass...@li... Subject: Re: [Assp-user] RE: A dumb question I am sure. Yes, with any version you can identify a string in the header for "expression to identify redlisted mail" and starting with 1.0.2 you can us= e something in the header to identify mail for no-processing. Based on these examples you could use yph.*boing\.topica john ----- Original Message ----- From: HYPERLINK "mailto:gw...@gh..."Ged West To: HYPERLINK "mailto:'ass...@li...'"'ass...@li...'= Sent: Thursday, September 25, 2003 4:35 PM Subject: [Assp-user] RE: A dumb question I am sure. I am sure this has been answered somewhere before. but here goes. Is there a way to stop emails that local users send out from adding to the whitelist? Here is an example: HYPERLINK "mailto:yph...@bo..."yphgaqejawyxdosabwa= a aaa...@bo... HYPERLINK "mailto:yph...@bo..."yphgaqejawyxdveabwa= a aaa...@bo... HYPERLINK "mailto:yph...@bo..."yphgaqejawyxmf8abwa= a aaa...@bo... HYPERLINK "mailto:yph...@bo..."yphgaqejawyxmpmabwa= a aaa...@bo... HYPERLINK "mailto:yph...@bo..."yphgaqejawyxpawabwa= a aaa...@bo... HYPERLINK "mailto:yph...@bo..."yphgaqejawyxqn8abwa= a aaa...@bo... HYPERLINK "mailto:yph...@bo..."yphgaqejawyxtncabwa= a aaa...@bo... HYPERLINK "mailto:yph...@bo..."yphgaqejawyxupgabwa= a aaa...@bo... HYPERLINK "mailto:yph...@bo..."yphgaqejawyzuvoabwa= a aaa...@bo... I have several users that get email from lists, when they reply to the list= it gets added to the whitelist. Can I use a regular expression to essentially redlist mail goling to these types of lists? I don't really se= e it as a problem, it doesn't effect the way assp works it just clutters up m= y whitelist (and I am neat freak) :-0 I am just curious if it can be done that is all. I am not asking for a new= feature to be added or anything like that. I just want a check box at the bottom of the config page, that says "check this box to have ASSP make your dinner, wash your car, and do your laundry"= . I'm not asking for much. :-) Thanks Ged --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.518 / Virus Database: 316 - Release Date: 9/11/2003 This electronic correspondence has been reviewed by Mail Essentials. --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.518 / Virus Database: 316 - Release Date: 9/11/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.518 / Virus Database: 316 - Release Date: 9/11/2003 This electronic correspondence has been reviewed by Mail Essentials. |
From: John H. <jh...@cp...> - 2003-09-26 18:24:32
|
Yes, with any version you can identify a string in the header for = "expression to identify redlisted mail" and starting with 1.0.2 you can = use something in the header to identify mail for no-processing. Based on these examples you could use yph.*boing\.topica john ----- Original Message -----=20 From: Ged West=20 To: 'ass...@li...'=20 Sent: Thursday, September 25, 2003 4:35 PM Subject: [Assp-user] RE: A dumb question I am sure. I am sure this has been answered somewhere before. but here goes. Is there a way to stop emails that local users send out from adding to = the whitelist?=20 Here is an example: yph...@bo...=20 yph...@bo...=20 yph...@bo...=20 yph...@bo...=20 yph...@bo...=20 yph...@bo...=20 yph...@bo...=20 yph...@bo...=20 yph...@bo... I have several users that get email from lists, when they reply to the = list it gets added to the whitelist. Can I use a regular expression to = essentially redlist mail goling to these types of lists? I don't really = see it as a problem, it doesn't effect the way assp works it just = clutters up my whitelist (and I am neat freak) :-0 I am just curious if it can be done that is all. I am not asking for = a new feature to be added or anything like that. =20 I just want a check box at the bottom of the config page, that says = "check this box to have ASSP make your dinner, wash your car, and do = your laundry". I'm not asking for much. :-) Thanks Ged --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.518 / Virus Database: 316 - Release Date: 9/11/2003 This electronic correspondence has been reviewed by Mail Essentials. |
From: Guy L. <lo...@co...> - 2003-09-26 10:04:35
|
Hi Robert, >Actually, now having spent a very few minutes reviewing Vpopmail and >Qmail... You really only have a couple of options here, and the >open.smtp file does appear to be one of them.. As I understand it from >the documentation, the open-smtp file is definitely the log that is used >to record the actual IP addresses that are captured with the >--enable-roaming-users=y option. That's all fine and good.. Yes, it's that. >The problem is the 'clearopensmtp' daemon that you have to run every >hour.. It clears / updates this logfile from any entries that are older >than your specified time delay. This is easy to implement. Just put a CRONTAB. The recommended value is 9-59,10 * * * * /.../clearopensmtp... >Poprelayd would work fine with a >simple mod to the scanaddr routine otherwise, as the two key bits of >information are in the file (IP address and timestamp). However, >poprelay is setup to scan forward from the last EOF in a normal >accumulative logfile. This would also have to be turned off to rescan >your open-smtp file from the beginning each time. Yes, I understand. >One other question that comes to mind is that it seems that the apparent >default length of time to allow an authenticated POP3 user as a valid >relay seems abnormally long to me (somewhere along the lines of 3 >days??? or 3 hours?? In any case, it's definitely not minutes... ). >Would you change the Vpopmail cleaning routines to tighten that up? The --enable-relay-clear-minutes=N of the VpopMail configure can be changed to what you want. The default is 180 minutes but I have put 60. >That being said, poprelayd wouldn't need a huge mod to work with it... >Simply scan the logfile every few minutes, and rebuild as you go for >ASSP to allow it. You can even script the running of the >'clearopensmtp' program to be followed with the poprelayd daemon so >that the popip database is rebuilt at each cleanup... I don't know if >my skills to Perl are quite up to snuff in making the mod for Vpopmail >logs, but I'll give it a go and see if you can get it working in >poprelayd. My Perl skill is also minimal. >There is an alternative as well... But that will definitely go beyond my >skills to implement. The resultant compiled database 'open-smtp.cdb' >contains the current list of ALL valid IP's that can relay after updates >from 'clearopensmtp'. I have NO idea what the compiled format looks >like inside with regards to information available, field positioning, >etc, nor do I know how to implement CDB Dbase support inside of Perl. >But ultimately, if you only wanted to modify the PopB4SMTP routine >inside of ASSP customized to VpopMail, then THIS is the database you >will need to search&scan for authorization.. NOT the logfile. But like >I said, I don't know the structure of that compiled database (doesn't >seem to be very well documented at a glance), nor how to get CDB Dbase >support working in Perl... But if you can figure that part out, then >perhaps there is something you could do with ASSP directly as well. Yes, but why not use the "open-smtp file" text format in a loop in the PopB4SMTP routine? For normal installations, it will not be resource-eating. I have two other solutions but I will be unhappy with them: - Say to ASSP that it must allow all connexions (if it's technicallay possible); because QMAIL is never an open-relay this will work, but what a waste of resources... - don't use ASSP anymore (I currently used it since 3 months on my actual Netscape 4 MTA on Windows NT) and use SpamAssassin and Qmail on my new G5 machine. Thus, my technical preference is to find a Perl-guru which modifies the PopB4SMTP subroutine to scan the text file produced by vpopmail. I recall the syntax: 217.136.25.107:allow,RELAYCLIENT="",RBLSMTP="" 10642239803 If I had time, I would learn Perl... Guy |
From: Ged W. <gw...@gh...> - 2003-09-25 22:33:32
|
I am sure this has been answered somewhere before. but here goes. Is there a way to stop emails that local users send out from adding to the whitelist? Here is an example: HYPERLINK "mailto:yph...@bo..."yphgaqejawyxdosabwa= a aaa...@bo... HYPERLINK "mailto:yph...@bo..."yphgaqejawyxdveabwa= a aaa...@bo... HYPERLINK "mailto:yph...@bo..."yphgaqejawyxmf8abwa= a aaa...@bo... HYPERLINK "mailto:yph...@bo..."yphgaqejawyxmpmabwa= a aaa...@bo... HYPERLINK "mailto:yph...@bo..."yphgaqejawyxpawabwa= a aaa...@bo... HYPERLINK "mailto:yph...@bo..."yphgaqejawyxqn8abwa= a aaa...@bo... HYPERLINK "mailto:yph...@bo..."yphgaqejawyxtncabwa= a aaa...@bo... HYPERLINK "mailto:yph...@bo..."yphgaqejawyxupgabwa= a aaa...@bo... HYPERLINK "mailto:yph...@bo..."yphgaqejawyzuvoabwa= a aaa...@bo... I have several users that get email from lists, when they reply to the list= it gets added to the whitelist. Can I use a regular expression to essentially redlist mail goling to these types of lists? I don't really se= e it as a problem, it doesn't effect the way assp works it just clutters up m= y whitelist (and I am neat freak) :-0 I am just curious if it can be done that is all. I am not asking for a new= feature to be added or anything like that. I just want a check box at the bottom of the config page, that says "check this box to have ASSP make your dinner, wash your car, and do your laundry"= . I'm not asking for much. :-) Thanks Ged --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.518 / Virus Database: 316 - Release Date: 9/11/2003 This electronic correspondence has been reviewed by Mail Essentials. |
From: Robert <ro...@dr...> - 2003-09-24 19:06:23
|
Hello Guy, Actually, now having spent a very few minutes reviewing Vpopmail and Qmail... You really only have a couple of options here, and the open.smtp file does appear to be one of them.. As I understand it from the documentation, the open-smtp file is definitely the log that is used to record the actual IP addresses that are captured with the --enable-roaming-users=y option. That's all fine and good.. The problem is the 'clearopensmtp' daemon that you have to run every hour.. It clears / updates this logfile from any entries that are older than your specified time delay. Poprelayd would work fine with a simple mod to the scanaddr routine otherwise, as the two key bits of information are in the file (IP address and timestamp). However, poprelay is setup to scan forward from the last EOF in a normal accumulative logfile. This would also have to be turned off to rescan your open-smtp file from the beginning each time. One other question that comes to mind is that it seems that the apparent default length of time to allow an authenticated POP3 user as a valid relay seems abnormally long to me (somewhere along the lines of 3 days??? or 3 hours?? In any case, it's definitely not minutes... ). Would you change the Vpopmail cleaning routines to tighten that up? That being said, poprelayd wouldn't need a huge mod to work with it... Simply scan the logfile every few minutes, and rebuild as you go for ASSP to allow it. YOu can even script the running of the 'clearopensmtp' program to be followed with the poprelayd daemon so that the popip database is rebuilt at each cleanup... I don't know if my skills to Perl are quite up to snuff in making the mod for Vpopmail logs, but I'll give it a go and see if you can get it working in poprelayd. There is an alternative as well... But that will definitely go beyond my skills to implement. The resultant compiled database 'open-smtp.cdb' contains the current list of ALL valid IP's that can relay after updates from 'clearopensmtp'. I have NO idea what the compiled format looks like inside with regards to information available, field positioning, etc, nor do I know how to implement CDB Dbase support inside of Perl. But ultimately, if you only wanted to modify the PopB4SMTP routine inside of ASSP customized to VpopMail, then THIS is the database you will need to search&scan for authorization.. NOT the logfile. But like I said, I don't know the structure of that compiled database (doesn't seem to be very well documented at a glance), nor how to get CDB Dbase support working in Perl... But if you can figure that part out, then perhaps there is something you could do with ASSP directly as well. All this being said, you need to choose which way you'd like to go with this. I can try to help depending on your preferences, and I would also tell you one additional point to consider: If you do go for the ASSP-modification to CDB, you are on your own to keep porting that code forward thru all upgrades... As John said, it's a user-supported option, with the default Berkely-DB format being the basic support he's offered. If you can live with that, then by all means go for it. However, if you'd like to avoid always forward-porting your custom mods, then I'd recommend making the changes to the poprelayd daemon instead, which can be included in the poprelayd distro on SourceForge for everyone else to use later on.. That will take away any mods to ASSP, and keep your future upgrades simple... And this mod to poprelayd is also a one-time mod to include Vpopmail that will keep on working until the format of Vpopmail logs change down the road as well. All around, it just makes life simple to maintain I think. Robert > -----Original Message----- > From: ass...@li... > [mailto:ass...@li...] On Behalf Of Guy LOUIS > Sent: September 24, 2003 12:22 PM > To: ass...@li... > Subject: RE: [Assp-user] Is VPopMail PopBeforeSmtp compatible > with ASSP? > > > Hi Robert, > > I carefully red your explanations about PopB4SMTP. But I think > poprelay is incompatible with Qmail/VPopmail. > > 1) The file VPopmail updates for each pop3 connexion resembles a log > file but is not compatible with the heart on the poprelayd Perl > script which expects a "standard?" pop3 logfile. I recall you a line > of the /home/vpopmail/etc/open-smtp file: > > 217.136.25.107:allow,RELAYCLIENT="",RBLSMTP="" 10642239803 > > > 2) The poprelayd perl script is not able to analyse the POP3 log > created by qmail's POP3 daemon. Here is the tail of this log (with > 130.104.59.6 and 217.136.47.47 being the pop3 connexions): > > @400000003f7006541ef06edc tcpserver: status: 0/40 > @400000003f701357141f6bac tcpserver: status: 1/40 > @400000003f7013571489aecc tcpserver: pid 741 from 130.104.59.6 @400000003f7013571489ba84 tcpserver: ok 741 0:130.104.59.23:110:130.104.59.6::36778 > @400000003f7013572b9bb434 tcpserver: end 741 status 256 > @400000003f7013572b9bc3d4 tcpserver: status: 0/40 > @400000003f7019f3007466d4 tcpserver: status: 0/40 > @400000003f70c4ae3816f494 tcpserver: status: 1/40 > @400000003f70c4ae382d4f3c tcpserver: pid 3566 from 217.136.47.47 @400000003f70c4ae382d5af4 tcpserver: ok 3566 0:130.104.59.23:110:217.136.47.47::33487 > @400000003f70c4af1371ca74 tcpserver: end 3566 status 256 > @400000003f70c4af1371d62c tcpserver: status: 0/40 > > Do you see a solution to my initial problem? I think the best is to > modify the PopB4SMTP subroutine of assp.pl to scan the > /home/vpopmail/etc/open-smtp file. But I am not a Perl-Guru... > > Best, Guy > > >Just to clarify the PopB4SMTP option: > > > >It is currently 100% compatible with the 'poprelayd' daemon & add-on > >rules for sendmail > (http://sourceforge.net/projects/poprelay ).., and > >the current daemon maillog entries for QPOPPER, most stock POP3 > >daemons, and a few others... > > > >Poprelayd parses the specified maillog file for any POP3 login > >authentication information, extracts what it needs, and > throws it into > >it's own popip.db format, using the BERKELY DB_HASH (pretty > much the > >default method) datafile support... > > > >It would (or should) work just as well for Qmail as well... > You don't > >need the ruleset add-ons, but the poprelayd daemon (which > is another > >simple PERL script) can easily transform your 'DB file' from > VpopMail > >(really, it looks more like a maillog file) into the needed > format for > >ASSP's PopB4SMTP format... > > > >I'd highly recommend avoid re-writing the book on ASSP's PopB4SMTP > >routine, and suggest the use of the 'poprelayd' daemon instead to > >convert any POP3 logs into the right format... That's what it was > >designed to do, with the added feature of also having rulesets > >available to add into 'sendmail' if you wanted to incorporate the > >functionality as it doesn't have it by default. > > > >Just for FYI: The daemon will create the DB file as > /etc/mail/popip.db > >by default, which is the only thing you'll need to specify > in the ASSP > >PopB4SMTP routine variable $filename... This should also work just > >nicely in both Linux and Windows, if you can get the poprelayd > >installed as another service like assp is. However, your > filenames and > >directories will need to be corrected. I've not tested it > in a Windows > >environment, you will have to experiment a bit... > > > >I believe the current routine should look like this: > > > > # If you want to allow pop before smtp uncomment this line and > >implement the PopB4SMTP sub below > > return 1 if PopB4SMTP($ip); > > > > # failed all tests -- return 0 > > 0; > >} > > > ># if you want to allow pop before smtp authentication then umcomment > >the line above # where this sub is called and edit this sub to be > >appropriate for your implementation > ># This one works with the default poprelay sendmail hack from > >Sourceforge. > >sub PopB4SMTP { > > my $ip=shift; > > my $filename = "/etc/mail/popip.db" ; > > my $flags = O_READ; > > my $mode = "0444" ; > > use DB_File ; > > my %hash; > > tie %hash, 'DB_File', $filename, $flags, $mode, $DB_HASH ; > > if($hash{$ip} > 0) { > > untie %hash; > > return 1; > > } else { > > untie %hash; > > return 0; > > } > >} > > > >You may want to double-check it to make sure, I've seen reports of a > >missing parameter or two somehow, but this has been in place since > >V0.3.5 since I worked it out with John... > > > > > >Robert Toth > > > >> -----Original Message----- > >> From: ass...@li... > >> [mailto:ass...@li...] On Behalf Of Guy > >> LOUIS > >> Sent: September 22, 2003 10:22 AM > >> To: ASSP-UserList > >> Subject: [Assp-user] Is VPopMail PopBeforeSmtp compatible > with ASSP? > >> > >> > >> Hi all, > >> > >> In the ASSP interface, you can specify a "POP Before SMTP > DB File". > >> In order to ASSP is aware of it, you must also uncomment the line > >> #return 1 if PopB4SMTP($IP). Fine. > >> > >> Under Qmail, you can configure VpopMail to use Pop before > SMTP, with > >> the --enable-roaming-users=y. > >> > > > The DB file for this feature is /home/vpopmail/etc/open-smtp > >> > >> Here is an example of a line of this file: > >> > > > 217.136.25.107:allow,RELAYCLIENT="",RBLSMTP="" 10642239803 > >> > >> Is this file compatible with the above ASSP feature? > >> > >> Thanks, Guy > >> > >> > >> ------------------------------------------------------- > >> This sf.net email is sponsored by:ThinkGeek > >> Welcome to geek heaven. > >> http://thinkgeek.com/sf > >> _______________________________________________ > >> Assp-user mailing list > >> Ass...@li... > >> https://lists.sourceforge.net/lists/listinfo/a> ssp-user > >> > >> > > > > > > > > > >------------------------------------------------------- > >This sf.net email is sponsored by:ThinkGeek > >Welcome to geek heaven. > >http://thinkgeek.com/sf > _______________________________________________ > >Assp-user mailing list > >Ass...@li... > >https://lists.sourceforge.net/lists/listinfo/assp-user > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > Assp-user mailing list > Ass...@li... > https://lists.sourceforge.net/lists/listinfo/assp-user > |
From: Guy L. <lo...@co...> - 2003-09-24 16:22:32
|
Hi Robert, I carefully red your explanations about PopB4SMTP. But I think poprelay is incompatible with Qmail/VPopmail. 1) The file VPopmail updates for each pop3 connexion resembles a log file but is not compatible with the heart on the poprelayd Perl script which expects a "standard?" pop3 logfile. I recall you a line of the /home/vpopmail/etc/open-smtp file: 217.136.25.107:allow,RELAYCLIENT="",RBLSMTP="" 10642239803 2) The poprelayd perl script is not able to analyse the POP3 log created by qmail's POP3 daemon. Here is the tail of this log (with 130.104.59.6 and 217.136.47.47 being the pop3 connexions): @400000003f7006541ef06edc tcpserver: status: 0/40 @400000003f701357141f6bac tcpserver: status: 1/40 @400000003f7013571489aecc tcpserver: pid 741 from 130.104.59.6 @400000003f7013571489ba84 tcpserver: ok 741 0:130.104.59.23:110 :130.104.59.6::36778 @400000003f7013572b9bb434 tcpserver: end 741 status 256 @400000003f7013572b9bc3d4 tcpserver: status: 0/40 @400000003f7019f3007466d4 tcpserver: status: 0/40 @400000003f70c4ae3816f494 tcpserver: status: 1/40 @400000003f70c4ae382d4f3c tcpserver: pid 3566 from 217.136.47.47 @400000003f70c4ae382d5af4 tcpserver: ok 3566 0:130.104.59.23:110 :217.136.47.47::33487 @400000003f70c4af1371ca74 tcpserver: end 3566 status 256 @400000003f70c4af1371d62c tcpserver: status: 0/40 Do you see a solution to my initial problem? I think the best is to modify the PopB4SMTP subroutine of assp.pl to scan the /home/vpopmail/etc/open-smtp file. But I am not a Perl-Guru... Best, Guy >Just to clarify the PopB4SMTP option: > >It is currently 100% compatible with the 'poprelayd' daemon & add-on >rules for sendmail (http://sourceforge.net/projects/poprelay ).., and >the current daemon maillog entries for QPOPPER, most stock POP3 daemons, >and a few others... > >Poprelayd parses the specified maillog file for any POP3 login >authentication information, extracts what it needs, and throws it into >it's own popip.db format, using the BERKELY DB_HASH (pretty much the >default method) datafile support... > >It would (or should) work just as well for Qmail as well... You don't >need the ruleset add-ons, but the poprelayd daemon (which is another >simple PERL script) can easily transform your 'DB file' from VpopMail >(really, it looks more like a maillog file) into the needed format for >ASSP's PopB4SMTP format... > >I'd highly recommend avoid re-writing the book on ASSP's PopB4SMTP >routine, and suggest the use of the 'poprelayd' daemon instead to >convert any POP3 logs into the right format... That's what it was >designed to do, with the added feature of also having rulesets available >to add into 'sendmail' if you wanted to incorporate the functionality as >it doesn't have it by default. > >Just for FYI: The daemon will create the DB file as /etc/mail/popip.db >by default, which is the only thing you'll need to specify in the ASSP >PopB4SMTP routine variable $filename... This should also work just >nicely in both Linux and Windows, if you can get the poprelayd installed >as another service like assp is. However, your filenames and >directories will need to be corrected. I've not tested it in a Windows >environment, you will have to experiment a bit... > >I believe the current routine should look like this: > > # If you want to allow pop before smtp uncomment this line and >implement the PopB4SMTP sub below > return 1 if PopB4SMTP($ip); > > # failed all tests -- return 0 > 0; >} > ># if you want to allow pop before smtp authentication then umcomment the >line above ># where this sub is called and edit this sub to be appropriate for your >implementation ># This one works with the default poprelay sendmail hack from >Sourceforge. >sub PopB4SMTP { > my $ip=shift; > my $filename = "/etc/mail/popip.db" ; > my $flags = O_READ; > my $mode = "0444" ; > use DB_File ; > my %hash; > tie %hash, 'DB_File', $filename, $flags, $mode, $DB_HASH ; > if($hash{$ip} > 0) { > untie %hash; > return 1; > } else { > untie %hash; > return 0; > } >} > >You may want to double-check it to make sure, I've seen reports of a >missing parameter or two somehow, but this has been in place since >V0.3.5 since I worked it out with John... > > >Robert Toth > >> -----Original Message----- >> From: ass...@li... >> [mailto:ass...@li...] On Behalf Of Guy LOUIS >> Sent: September 22, 2003 10:22 AM >> To: ASSP-UserList >> Subject: [Assp-user] Is VPopMail PopBeforeSmtp compatible with ASSP? >> >> >> Hi all, >> >> In the ASSP interface, you can specify a "POP Before SMTP DB File". >> In order to ASSP is aware of it, you must also uncomment the line >> #return 1 if PopB4SMTP($IP). Fine. >> >> Under Qmail, you can configure VpopMail to use Pop before SMTP, with >> the --enable-roaming-users=y. >> > > The DB file for this feature is /home/vpopmail/etc/open-smtp >> >> Here is an example of a line of this file: >> > > 217.136.25.107:allow,RELAYCLIENT="",RBLSMTP="" 10642239803 >> >> Is this file compatible with the above ASSP feature? >> >> Thanks, Guy >> >> >> ------------------------------------------------------- >> This sf.net email is sponsored by:ThinkGeek >> Welcome to geek heaven. >> http://thinkgeek.com/sf >> _______________________________________________ >> Assp-user mailing list >> Ass...@li... >> https://lists.sourceforge.net/lists/listinfo/a> ssp-user >> >> > > > > >------------------------------------------------------- >This sf.net email is sponsored by:ThinkGeek >Welcome to geek heaven. >http://thinkgeek.com/sf >_______________________________________________ >Assp-user mailing list >Ass...@li... >https://lists.sourceforge.net/lists/listinfo/assp-user |
From: Ged W. <gw...@gh...> - 2003-09-24 15:35:32
|
Major props out to JH on 1.0.2! I don't no what you did, but it works excellent. My rebuildspamdb is running in less than half the time that it used to. Also the added extension for the spam and non-spam files has already saved me time. Thanks John, great job! Now let's talk about a couple of new features that I would love to see down= the road. :-) I think it would be great if the Whitelisted and Blacklisted domains lists could be accessed just like the whitelist and redlist. I don't know how difficult this would be to do, and maybe it is more work than it would be worth. If I am the only person that would want it I would just say forget it, I will just have to deal. However, I have a lot of both and it is sort= of a pain to find any particular one the way they are configured right now.= (can you hear the whining? Wait, I might even be able to produce some tears.) ;-) I don't want you to think I am complaining (what else could you think? It sure sounds like complaining to me), and if these features never happen... = I won't lose any sleep. I love ASSP, I personally think it is the most innovative and effective Anti-spam server solution out there, and believe m= e our company has tried most of the "industry standards". I am now a hero at my office, all thanks to John Hanna and a little idea called assp. :-) For two weeks now (as far as I can tell) we have had not one piece of spam make init to a users inbox, nor have we had a reported false positive. Now that is a thing of beauty. ___________________________________________ Ged West, CCNA, MCSE, CNA, A+, N+ IS Specialist Grays Harbor PUD gw...@gh... Office: 360-538-6268 Cell: 360-580-4079 Fax: 360-538-6340 HYPERLINK "http://www.ghpud.org/" \nhttp://www.ghpud.org _________________________________________ -----Original Message----- From: John Hanna [mailto:jh...@cp...] Sent: Tuesday, September 23, 2003 4:13 PM To: ass...@li... Subject: [Assp-user] Version 1.0.2 released Hi. Just wanted everyone to know that the 1.0.2 version is ready to be downloaded from the sourceforge server. This release offers a couple of new features, specificaly the ability to forward all spam to a designated email address and the ability to select mail for "no processing" with a regular expression. It also fixed an important bug which caused the program to hang with blank database files (specifically dnsbl). You can also select a file extension that is automatically appended to all mail put in the spam and notspam collections.= The "forward all email to an address" feature should still be considered in= beta and bugs might show up with it. To upgrade, just replace the assp.pl and rebuildspamdb.pl files and restart= ASSP. Use the configuration interface to enable the new features. Sorry, I forgot to get the blocked executable file types into the configuration interface. I'll do that next time, and hopefully I'll have a relpacement for the DNSBL by then too. Don't forget to make a donation if you like what you see. Enjoy, John --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.518 / Virus Database: 316 - Release Date: 9/11/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.518 / Virus Database: 316 - Release Date: 9/11/2003 This electronic correspondence has been reviewed by Mail Essentials. |
From: John H. <jh...@cp...> - 2003-09-23 23:14:28
|
Hi. Just wanted everyone to know that the 1.0.2 version is ready to be = downloaded from the sourceforge server. This release offers a couple of new features, specificaly the ability to = forward all spam to a designated email address and the ability to select = mail for "no processing" with a regular expression. It also fixed an = important bug which caused the program to hang with blank database files = (specifically dnsbl). You can also select a file extension that is = automatically appended to all mail put in the spam and notspam = collections. The "forward all email to an address" feature should still be considered = in beta and bugs might show up with it. To upgrade, just replace the assp.pl and rebuildspamdb.pl files and = restart ASSP. Use the configuration interface to enable the new = features. Sorry, I forgot to get the blocked executable file types into the = configuration interface. I'll do that next time, and hopefully I'll have = a relpacement for the DNSBL by then too. Don't forget to make a donation if you like what you see. Enjoy, John |
From: John H. <jh...@cp...> - 2003-09-23 20:07:48
|
Messagehttp://assp.sourceforge.net/fom/cache/23.html ----- Original Message -----=20 From: Donpro=20 To: ass...@li...=20 Sent: Tuesday, September 23, 2003 1:52 PM Subject: RE: [Assp-user] Strange problem - user email keeps getting = rejected as bayesian spam Hi John, I can't find this in the Problems & Solutions sections. Can you provide a URL? -----Original Message----- From: ass...@li... = [mailto:ass...@li...] On Behalf Of John Hanna Sent: Tuesday, September 23, 2003 3:36 PM To: ass...@li... Subject: Re: [Assp-user] Strange problem - user email keeps getting = rejected as bayesian spam Don, this is normal behavior. Spammers often send mail claiming to = be from the local domain. That is why local domains can't be = whitelisted. Please see the notes in the documentation under "how to = help traveling users." john ----- Original Message -----=20 From: Donpro=20 To: ASSP User List=20 Sent: Tuesday, September 23, 2003 1:15 PM Subject: [Assp-user] Strange problem - user email keeps getting = rejected as bayesian spam Using 0.35 Have a user who's email domain is listed in the "local domains" = configuration. I even whitelisted her by first removing the domain, = adding her to the whitelist and adding back the domain. When she sends email to me, it gets rejected. The log says: = bayesian spam Oddly enough, when I send her email, it says: local or whitelisted What the heck is going on??? Don --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.520 / Virus Database: 318 - Release Date: 9/18/2003 --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.520 / Virus Database: 318 - Release Date: 9/18/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.520 / Virus Database: 318 - Release Date: 9/18/2003 |
From: Donpro <do...@lc...> - 2003-09-23 20:06:20
|
This didn't happen in 0.32 so I can assume that is was put in 0.33, 0.34 = or 0.35? Which one was this check placed in; I can always downgrade to one below. -----Original Message----- From: ass...@li... [mailto:ass...@li...] On Behalf Of John Hanna Sent: Tuesday, September 23, 2003 3:36 PM To: ass...@li... Subject: Re: [Assp-user] Strange problem - user email keeps getting = rejected as bayesian spam Don, this is normal behavior. Spammers often send mail claiming to be = from the local domain. That is why local domains can't be whitelisted. Please = see the notes in the documentation under "how to help traveling users." =20 john ----- Original Message -----=20 From: HYPERLINK "mailto:do...@lc..."Donpro=20 To: HYPERLINK "mailto:ass...@li..."ASSP User List=20 Sent: Tuesday, September 23, 2003 1:15 PM Subject: [Assp-user] Strange problem - user email keeps getting rejected = as bayesian spam Using 0.35 =20 Have a user who's email domain is listed in the "local domains" configuration. I even whitelisted her by first removing the domain, = adding her to the whitelist and adding back the domain. =20 When she sends email to me, it gets rejected. The log says: bayesian = spam =20 Oddly enough, when I send her email, it says: local or whitelisted =20 What the heck is going on??? =20 Don --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.520 / Virus Database: 318 - Release Date: 9/18/2003 --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.520 / Virus Database: 318 - Release Date: 9/18/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.520 / Virus Database: 318 - Release Date: 9/18/2003 =20 |
From: Donpro <do...@lc...> - 2003-09-23 19:50:35
|
Hi John, =20 I can't find this in the Problems & Solutions sections. =20 Can you provide a URL? -----Original Message----- From: ass...@li... [mailto:ass...@li...] On Behalf Of John Hanna Sent: Tuesday, September 23, 2003 3:36 PM To: ass...@li... Subject: Re: [Assp-user] Strange problem - user email keeps getting = rejected as bayesian spam Don, this is normal behavior. Spammers often send mail claiming to be = from the local domain. That is why local domains can't be whitelisted. Please = see the notes in the documentation under "how to help traveling users." =20 john ----- Original Message -----=20 From: HYPERLINK "mailto:do...@lc..."Donpro=20 To: HYPERLINK "mailto:ass...@li..."ASSP User List=20 Sent: Tuesday, September 23, 2003 1:15 PM Subject: [Assp-user] Strange problem - user email keeps getting rejected = as bayesian spam Using 0.35 =20 Have a user who's email domain is listed in the "local domains" configuration. I even whitelisted her by first removing the domain, = adding her to the whitelist and adding back the domain. =20 When she sends email to me, it gets rejected. The log says: bayesian = spam =20 Oddly enough, when I send her email, it says: local or whitelisted =20 What the heck is going on??? =20 Don --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.520 / Virus Database: 318 - Release Date: 9/18/2003 --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.520 / Virus Database: 318 - Release Date: 9/18/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.520 / Virus Database: 318 - Release Date: 9/18/2003 =20 |
From: John H. <jh...@cp...> - 2003-09-23 19:37:08
|
MessageDon, this is normal behavior. Spammers often send mail claiming = to be from the local domain. That is why local domains can't be = whitelisted. Please see the notes in the documentation under "how to = help traveling users." john ----- Original Message -----=20 From: Donpro=20 To: ASSP User List=20 Sent: Tuesday, September 23, 2003 1:15 PM Subject: [Assp-user] Strange problem - user email keeps getting = rejected as bayesian spam Using 0.35 Have a user who's email domain is listed in the "local domains" = configuration. I even whitelisted her by first removing the domain, = adding her to the whitelist and adding back the domain. When she sends email to me, it gets rejected. The log says: bayesian = spam Oddly enough, when I send her email, it says: local or whitelisted What the heck is going on??? Don --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.520 / Virus Database: 318 - Release Date: 9/18/2003 |