From: Novak A. <an...@no...> - 2014-04-07 17:17:02
|
Hi everyone Our users using smtp authentication to send mail. At times, passwords are released due to infected machines to the Internet. These passwords from external networks to send spam server through. How to configure the following: Allow authentication to send mail only internal network. External networks can not be sent, even if you write the correct authentication. Sorry for my bad english. Thanks, Attila |
From: John H. <jh...@cp...> - 2004-06-14 16:43:53
|
Ced, it's only true if the ratio of spam to notspam from that helo is greater than 50 : 1. Otherwise I suppose you could change this line: } elsif($HeloBlackObject && $HeloBlack{$this->{helo}}) { to be something like this: } elsif($this->{helo}~!/this\.domain\.ok/i && $HeloBlackObject && $HeloBlack{$this->{helo}}) { Where this.domain.ok is the helo you don't want to block. John ----- Original Message ----- From: "Ced Paine" <cp...@fe...> To: <ass...@li...> Cc: <ass...@li...> Sent: Sunday, June 13, 2004 6:26 AM Subject: Re: [Assp-user] helo blacklist > I have to admit that I haven't yet upgraded to 1.0.10d, but after looking > over the documentation, I'm pretty sure that I won't be able to use the > helo blacklist feature. The reason is that it's almost certain to start > blocking mail that comes in via our secondary MX. Under normal conditions, > almost all the mail that arrives this way is spam, but I need to always > allow this mail for those rare situations when our primary MX goes offline > or one of our users addresses another local user using an Internet address. > > A useful feature would be a "helo whitelist" that would keep addresses > such as this one off the helo blacklist without automatically classifying > the mail as notspam. > > Ced |
From: Ced P. <cp...@fe...> - 2004-06-15 10:33:20
|
Thanks John! That's exactly what I needed. Ced ass...@li... writes: >Ced, it's only true if the ratio of spam to notspam from that helo is >greater than 50 : 1. Otherwise I suppose you could change this line: > > } elsif($HeloBlackObject && $HeloBlack{$this->{helo}}) { > >to be something like this: > > } elsif($this->{helo}~!/this\.domain\.ok/i && $HeloBlackObject && >$HeloBlack{$this->{helo}}) { > >Where this.domain.ok is the helo you don't want to block. > >John > > >----- Original Message ----- >From: "Ced Paine" <cp...@fe...> >To: <ass...@li...> >Cc: <ass...@li...> >Sent: Sunday, June 13, 2004 6:26 AM >Subject: Re: [Assp-user] helo blacklist > > >> I have to admit that I haven't yet upgraded to 1.0.10d, but after >looking >> over the documentation, I'm pretty sure that I won't be able to use the >> helo blacklist feature. The reason is that it's almost certain to start >> blocking mail that comes in via our secondary MX. Under normal >conditions, >> almost all the mail that arrives this way is spam, but I need to always >> allow this mail for those rare situations when our primary MX goes >offline >> or one of our users addresses another local user using an Internet >address. >> >> A useful feature would be a "helo whitelist" that would keep addresses >> such as this one off the helo blacklist without automatically >classifying >> the mail as notspam. >> >> Ced > > > >------------------------------------------------------- >This SF.Net email is sponsored by the new InstallShield X. >From Windows to Linux, servers to mobile, InstallShield X is the >one installation-authoring solution that does it all. Learn more and >evaluate today! http://www.installshield.com/Dev2Dev/0504 >_______________________________________________ >Assp-user mailing list >Ass...@li... >https://lists.sourceforge.net/lists/listinfo/assp-user |
From: Ced P. <cp...@fe...> - 2004-06-15 22:00:40
|
Oops! I spoke too soon. I set up 1.0.10d today. It ran fine until I tried to implement this hack, which caused it to shut down on startup. Editing out the added conditional fixed the problem. I don't know anything about Perl so I can't troubleshoot it. Any help would be appreciated. Ced Ced Paine writes: >Thanks John! That's exactly what I needed. > >Ced > >ass...@li... writes: >Ced, it's only true if the ratio of spam to notspam from that helo is >greater than 50 : 1. Otherwise I suppose you could change this line: > > } elsif($HeloBlackObject && $HeloBlack{$this->{helo}}) { > >to be something like this: > > } elsif($this->{helo}~!/this\.domain\.ok/i && $HeloBlackObject && >$HeloBlack{$this->{helo}}) { > >Where this.domain.ok is the helo you don't want to block. > >John > > >----- Original Message ----- >From: "Ced Paine" <cp...@fe...> >To: <ass...@li...> >Cc: <ass...@li...> >Sent: Sunday, June 13, 2004 6:26 AM >Subject: Re: [Assp-user] helo blacklist > > >> I have to admit that I haven't yet upgraded to 1.0.10d, but after >looking >> over the documentation, I'm pretty sure that I won't be able to use the >> helo blacklist feature. The reason is that it's almost certain to start >> blocking mail that comes in via our secondary MX. Under normal >conditions, >> almost all the mail that arrives this way is spam, but I need to always >> allow this mail for those rare situations when our primary MX goes >offline >> or one of our users addresses another local user using an Internet >address. >> >> A useful feature would be a "helo whitelist" that would keep addresses >> such as this one off the helo blacklist without automatically >classifying >> the mail as notspam. >> >> Ced > > > >------------------------------------------------------- >This SF.Net email is sponsored by the new InstallShield X. >From Windows to Linux, servers to mobile, InstallShield X is the >one installation-authoring solution that does it all. Learn more and >evaluate today! http://www.installshield.com/Dev2Dev/0504 >_______________________________________________ >Assp-user mailing list >Ass...@li... >https://lists.sourceforge.net/lists/listinfo/assp-user > |
From: John H. <jh...@cp...> - 2004-06-16 17:33:43
|
My typo... sorry: elsif($this->{helo}~!/this\.domain\.ok/i && $HeloBlackObject && $HeloBlack{$this->{helo}}) { should be this: elsif($this->{helo}!~/this\.domain\.ok/i && $HeloBlackObject && $HeloBlack{$this->{helo}}) { which is to say that the ~ and ! need to be switched. j ----- Original Message ----- From: "Ced Paine" <cp...@fe...> To: <ass...@li...> Sent: Tuesday, June 15, 2004 3:59 PM Subject: Re: [Assp-user] helo blacklist > Oops! I spoke too soon. I set up 1.0.10d today. It ran fine until I tried > to implement this hack, which caused it to shut down on startup. Editing > out the added conditional fixed the problem. I don't know anything about > Perl so I can't troubleshoot it. Any help would be appreciated. > > Ced > > Ced Paine writes: > >Thanks John! That's exactly what I needed. > > > >Ced > > > >ass...@li... writes: > >Ced, it's only true if the ratio of spam to notspam from that helo is > >greater than 50 : 1. Otherwise I suppose you could change this line: > > > > } elsif($HeloBlackObject && $HeloBlack{$this->{helo}}) { > > > >to be something like this: > > > > } elsif($this->{helo}~!/this\.domain\.ok/i && $HeloBlackObject && > >$HeloBlack{$this->{helo}}) { > > > >Where this.domain.ok is the helo you don't want to block. > > > >John > > > > > >----- Original Message ----- > >From: "Ced Paine" <cp...@fe...> > >To: <ass...@li...> > >Cc: <ass...@li...> > >Sent: Sunday, June 13, 2004 6:26 AM > >Subject: Re: [Assp-user] helo blacklist > > > > > >> I have to admit that I haven't yet upgraded to 1.0.10d, but after > >looking > >> over the documentation, I'm pretty sure that I won't be able to use the > >> helo blacklist feature. The reason is that it's almost certain to start > >> blocking mail that comes in via our secondary MX. Under normal > >conditions, > >> almost all the mail that arrives this way is spam, but I need to always > >> allow this mail for those rare situations when our primary MX goes > >offline > >> or one of our users addresses another local user using an Internet > >address. > >> > >> A useful feature would be a "helo whitelist" that would keep addresses > >> such as this one off the helo blacklist without automatically > >classifying > >> the mail as notspam. > >> > >> Ced > > > > > > > >------------------------------------------------------- > >This SF.Net email is sponsored by the new InstallShield X. > >From Windows to Linux, servers to mobile, InstallShield X is the > >one installation-authoring solution that does it all. Learn more and > >evaluate today! http://www.installshield.com/Dev2Dev/0504 > >_______________________________________________ > >Assp-user mailing list > >Ass...@li... > >https://lists.sourceforge.net/lists/listinfo/assp-user > > > > > > > ------------------------------------------------------- > This SF.Net email is sponsored by The 2004 JavaOne(SM) Conference > Learn from the experts at JavaOne(SM), Sun's Worldwide Java Developer > Conference, June 28 - July 1 at the Moscone Center in San Francisco, CA > REGISTER AND SAVE! http://java.sun.com/javaone/sf Priority Code NWMGYKND > _______________________________________________ > Assp-user mailing list > Ass...@li... > https://lists.sourceforge.net/lists/listinfo/assp-user |
From: Cameron B. <cam...@ya...> - 2006-03-03 01:31:30
|
Dear All I just upgraded from 1.1.1 to 1.1.2b1 by getting the upgrade package , stopping the assp service, copying over the files into my assp directory and then starting the service again. Now I can't access the web admin at all - I just get 'done' at the bottom of Firefox and an empty page, no password request. I have tried restarting firefox in case it was a cacheing/cookie issue and the maillog.txt says assp is listening on port 55555 I just can't see anything? Does anyone have any ideas what's gone wrong (and no I didn't overwrite the cfg file - that's still the original version) -- Regards Cameron Biggart IT Manager Yaffa Publishing (02) 9281 2333 cam...@ya... |
From: Cameron B. <cam...@ya...> - 2006-03-03 02:12:09
|
Cameron Biggart wrote: > Dear All > > I just upgraded from 1.1.1 to 1.1.2b1 by getting the upgrade package , > stopping the assp service, copying over the files into my assp > directory and then starting the service again. > Now I can't access the web admin at all - I just get 'done' at the > bottom of Firefox and an empty page, no password request. I have tried > restarting firefox in case it was a cacheing/cookie issue and the > maillog.txt says assp is listening on port 55555 I just can't see > anything? Does anyone have any ideas what's gone wrong (and no I > didn't overwrite the cfg file - that's still the original version) > Ok as a follow-up... I tried copying the files from a full install into the directory, same result. I also noticed that suddenly all bayesian spam is being delivered, the upgrade had set all the test modes to 1 in the config file. The log file was reporting the web connection Mar-3-06 12:51:57 Admin connection from xxx.x.x.xx:4551; page:/ Mar-3-06 12:52:04 Admin connection from xxx.x.x.xx:4552; page:/maillog but not actually serving any pages. I've dropped back to 1.1.1 final for now but I'd love to sort this out if anyone has any ideas. -- Regards Cameron Biggart IT Manager Yaffa Publishing (02) 9281 2333 cam...@ya... |
From: Fritz B. <fb...@iw...> - 2006-03-03 07:42:18
|
>I just upgraded from 1.1.1 to 1.1.2b1 by getting the upgrade package >, >stopping the assp service, copying over the files into my assp >directory >and then starting the service again. There is s new directory inside ASSP 1.1.2 called "Images". It is part of the upgrade-package. Make sure this directory and its content is now in your ASSP directory and is accessable. http://www.magicvillage.de/~Fritz_Borgstedt/assp/S055F4C3F?WasRead=1 |
From: Cameron B. <cam...@ya...> - 2006-03-03 14:10:11
|
----- Original Message ----- From: "Fritz Borgstedt" <fb...@iw...> To: <ass...@li...> Sent: Friday, March 03, 2006 6:43 PM Subject: Re: [Assp-user] Web interface stopped responding? >I just upgraded from 1.1.1 to 1.1.2b1 by getting the upgrade package >, >stopping the assp service, copying over the files into my assp >directory >and then starting the service again. There is s new directory inside ASSP 1.1.2 called "Images". It is part of the upgrade-package. Make sure this directory and its content is now in your ASSP directory and is accessable. http://www.magicvillage.de/~Fritz_Borgstedt/assp/S055F4C3F?WasRead=1 Yes, I had already installed that folder as part of the upgrade files, but just to be sure I re-downloaded it separately from your link and made sure it was everyone-full control. Still no luck. The server accepts the connection on port 55555 but never asks me for a username/password and then if I switch back to the 1.1.1 version I can see the log entry saying it loaded an admin connection to the maillog page - but never displayed anything.. That is in Firefox, if I switch to IE and try again I get "the page cannot be displayed" page. Here's the log file snippet from startup for 1.1.2 that doesn't work: Mar-4-06 01:03:55 Starting as a service Mar-4-06 01:03:56 ASSP version 1.1.2 beta 1 (Perl 5.006001) initializing Mar-4-06 01:03:56 Net::LDAP module not installed Mar-4-06 01:03:56 Net::DNS module not installed Mar-4-06 01:03:56 Email::Valid module not installed Mar-4-06 01:03:56 Mail::SPF::Query module not installed Mar-4-06 01:03:56 Mail::SRS module not installed - Sender Rewriting Scheme disabled Mar-4-06 01:03:56 Compress::Zlib module version 1.22 installed - HTTP compression available Mar-4-06 01:03:56 Digest::MD5 module version 2.33 installed - delaying will use MD5 keys for hashes Mar-4-06 01:03:56 File::ReadBackwards module not installed - searching of log files disabled Mar-4-06 01:03:56 Time::HiRes module not installed - CPU usage statistics disabled Mar-4-06 01:03:56 Listening for mail connections at 25 and admin connections at 55555 Mar-4-06 01:03:56 Loading virus definitions ... Mar-4-06 01:03:56 Virus definitions loaded; count=424 Mar-4-06 01:03:56 Starting and 1.1.1 that does: Mar-4-06 01:07:16 Starting as a Service Mar-4-06 01:07:17 ASSP version 1.1.1Final initializing Mar-4-06 01:07:17 LDAP module not installed. Mar-4-06 01:07:17 Net DNS module not installed. Mar-4-06 01:07:17 Email address valid module not installed. Mar-4-06 01:07:17 SPF query module not installed. Mar-4-06 01:07:17 Listening for mail connections at 25 and admin connections at 55555 Mar-4-06 01:07:17 Loading Virus definitions ... Mar-4-06 01:07:17 Virus definitions loaded; count=424 Mar-4-06 01:07:17 Starting Could one of the modules not being loaded be the problem? If so which one do I need to install? Cameron |
From: Marrco <as...@mi...> - 2006-03-16 14:03:02
|
i simply don't use bayes. Too many problems, and no real benefits over a = well configured antispam system graylisting + rbf + helo filtering + Blacklisted Domains is enough for = me, with near to 0% false positives=20 (this is my raccomanded dnsbl setting, really safe, so 'maximum hits' is = set to 1) sbl-xbl.spamhaus.org dul.dnsbl.sorbs.net list.dsbl.org combined.njabl.org ----- Original Message -----=20 From: Dickson, Paul=20 To: ass...@li...=20 Sent: Thursday, March 16, 2006 2:13 PM Subject: [Assp-user] newsletters idenified as spam.. 1.1.2b6 How does the rest of the community handle this? I've been monitoring = the mailbox that forwards to both "This is not spam" and "Whitelist", = and see that most of what people forward as falsely tagged HAM are = newsletters. =20 =20 We are currently in Bayesian testing mode, with the rest of the = features in full effect. Once we go out of testing mode, if we ever do, = I'm not sure how we will handle newsletters where there is no one on the = sending side to receive the "500 error" message and do the appropriate = action to get whitelisted.=20 =20 =20 How is the rest of the community dealing with this? =20 =20 Thanks! Paul |
From: Fritz B. <fb...@iw...> - 2006-03-16 14:17:35
|
ass...@li... schreibt: >(this is my raccomanded dnsbl setting, really safe, so 'maximum hits' >is set to 1) > >sbl-xbl.spamhaus.org >dul.dnsbl.sorbs.net >list.dsbl.org >combined.njabl.org It is not safe. I made some statistics for me. I run sbl-xbl.spamhaus.org|bl.spamcop.net|combined.njabl.org|dnsbl.sorbs.net|unconfirmed.dsbl.org|dnsbl-2.uceprotect.net|cbl.abuseat.org|blackholes.five-ten-sg.com|hil.habeas.com|relays.ordb.org with maxhits = 2 |
From: Marrco <as...@mi...> - 2006-03-24 12:37:23
|
one small cosmetic issue: in SPAM Lover Options / Spam-Lover Addresses* i suggest defaulting to abuse|postmaster (i just keep abuse @ my primarydomain), but it should be at least the address listed in SPAM Control / Spam Error message send error reports to... |
From: Fritz B. <fb...@iw...> - 2006-03-24 14:19:42
|
ass...@li... schreibt: >but it should be at least the address listed in SPAM Control >/ Spam Error message send error reports to... why that? These adresses should be not known to the outside. They should be only reachable via authenticated mail or internal. |
From: Marrco <as...@mi...> - 2006-03-24 14:51:26
|
>> ass...@li... schreibt: >> but it should be at least the address listed in SPAM Control >> / Spam Error message send error reports to... > why that? These adresses should be not known to the outside. They > should be only reachable via authenticated mail or internal. per RFC (2821 section 4.5.1) postmaster@domain must always be reachable from any other system in the internet on a well managed server abuse@domain is always reachable filtering errors can happen, and it's a good choice to have abuse desk always reachable. My personal setting is to have only abuse@main-domain in spamlover list, spammers are not often so stupid to spam abuse desks. what i mean is that ASSP should suggest as a default for "Spam-Lover Addresses" abuse|postmaster with a note that the address listed in "SPAM Control/Spam Error" should be written here too. |
From: Marrco <as...@mi...> - 2006-03-25 12:33:15
|
just downloaded and did a compare files with an older rc. Could find no differences (the 2 files also have the same size 270.162 bytes) is http://www.magicvillage.de/~Fritz_Borgstedt/assp/S0566AFC4.18/assp.pl the right link ? i downloaded starting from : http://www.magicvillage.de/~Fritz_Borgstedt/assp/S0566AFC4?WasRead=1 |
From: Fritz B. <fb...@iw...> - 2006-03-25 13:05:54
|
ass...@li... schreibt: >just downloaded and did a compare files with an older rc. Could find >no >differences (the 2 files also have the same size 270.162 bytes) Seems, that my server has sometimes to much cash arg... cache. It is better you go always to the folder: http://www.magicvillage.de/~Fritz_Borgstedt/assp/ and look there for the newest one. |
From: Marrco <as...@mi...> - 2006-03-25 16:48:21
|
Hi fritz, a feature i miss a lot (or at least i'm not able to find) is a blacklist that allows me block ip ranges. Not only /16 or /24 (easy match via regex), but also /22 etc. i found this perl module Net::IP::Match::Regexp - Efficiently match IP addresses against ranges and i think it could easily solve the problem what do you think ? |
From: Fritz B. <fb...@iw...> - 2006-03-25 17:05:13
|
ass...@li... schreibt: > >what do you think ? feature freeze. |
From: Marrco <as...@mi...> - 2006-03-27 07:25:55
|
once again, when i download from your server i keep getting an old beta version (the one you built saturday, i suppose) http://www.magicvillage.de/~Fritz_Borgstedt/assp/ and then click on http://www.magicvillage.de/~Fritz_Borgstedt/assp/S0569AB34?WasRead=1 to find the link to http://www.magicvillage.de/~Fritz_Borgstedt/assp/S0569AB34.18/assp.pl could pls check. tia marco |
From: Fritz B. <fb...@iw...> - 2006-03-27 12:04:27
|
ass...@li... schreibt: > >could pls check. Ok, something is wrong with the webserver-cache. anyway, please go to: http://www.iworld.de/homes/fb/ASSP/ |
From: Marrco <as...@mi...> - 2006-03-27 13:44:38
|
thx .. now i'm running # RLC8 27.03.2006 i'll report to you later. ----- Original Message ----- From: "Fritz Borgstedt" <fb...@iw...> To: <ass...@li...> Sent: Monday, March 27, 2006 2:06 PM Subject: Re: [Assp-user] 1.1.2 b 8 RLC7 not available ass...@li... schreibt: > >could pls check. Ok, something is wrong with the webserver-cache. anyway, please go to: http://www.iworld.de/homes/fb/ASSP/ ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 _______________________________________________ Assp-user mailing list Ass...@li... https://lists.sourceforge.net/lists/listinfo/assp-user |
From: Marrco <as...@mi...> - 2006-03-27 13:49:27
|
how comes rlc8 has a $modversion = beta 7 ? older version was $modversion beta8 (and no # rlcnumber) yep, i do a text compare before testing new versions... |
From: Fritz B. <fb...@iw...> - 2006-03-28 17:31:44
|
ass...@li... schreibt: >how comes rlc8 has a $modversion = beta 7 ? how comes? Believe it or not, I make mistakes. |
From: Micheal E. J. <mic...@gm...> - 2006-03-28 17:33:41
|
Say it isn't so! ;-) On 3/28/06, Fritz Borgstedt <fb...@iw...> wrote: > ass...@li... schreibt: > >how comes rlc8 has a $modversion =3D beta 7 ? > > how comes? > Believe it or not, I make mistakes. > > > > ------------------------------------------------------- > This SF.Net email is sponsored by xPML, a groundbreaking scripting langua= ge > that extends applications into web and mobile media. Attend the live webc= ast > and join the prime developer group breaking into this new coding territor= y! > http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D110944&bid=3D241720&dat= =3D121642 > _______________________________________________ > Assp-user mailing list > Ass...@li... > https://lists.sourceforge.net/lists/listinfo/assp-user > -- ME2 |
From: Doug T. <dtr...@hf...> - 2006-03-27 17:00:58
|
> revert to a previos version, or modify the source. For what i can see, > there's no checkbox at the moment (b7 rlc8). I'd rather not lose the functionality of the previous versions. > but i'm really interested in what you call 'false positives'. Can you pls > give some examples ? The two examples are due to misconfigured automated systems that do fail MX lookup. One I can fix, the other is not under my control. I suppose I could add a couple of MX records to my local DNS server, but I would rather not do MX verification on the domains I choose, similar to the HELO blacklist exclusions. Thanks, Doug Traylor |