[Assp-user] 1.3.5

[Fritz B. <fb...@iw...>]

1.3.5 is stable and ready to be published. Please run the public beta
if possible.

http://www.magicvillage.de/~Fritz_Borgstedt/assp/S05F324B2?WasRead=1

[ fcp://@fc.magicvillage.de,%231000789/HomePage-ASSP/ASSP-Admin-GUI
]ASSP-Admin-GUI 

Moduls to install:
Net::SenderBase
Net::IP::Match::Regexp
Net::CIDR::Lite
LWP::Simple

Karmasphere was added to the black and white dnsbl.
If you want to use it you must establish an account there:
www.karmasphere.com
and give them your IP numbers for the queries.



new  ipnp.txt file 2007-10-27 - > files folder
new  whitedomains.txt file 2007-10-22 - > files folder
new  blackdomains.txt file 2007-10-22 - > files folder
new  deny.txt (denySMTPConnectionsFrom) file 2007-10-17 - > files
folder
new  denyalways.txt (denySMTPConnectionsFromAlways) file 2007-10-20 -
> files folder
new (lighter) bombre  2007-10-25 -> files folder
new  invalidptr.txt file 2007-09-05 - > files folder
new editor.css 2007-10-25 -> images folder
new assp.css 2007-10-25 -> images folder
new shutdown.css 2007-10-25 -> images folder
new rebuildspamdb (1.3.5)  2007-10-17
cleaning of whitelist expanded 
- all items with lenght > MaxWhitelistLength  will be deleted
- Rebuildrun frequency for  cleaning Whitelist
1 = every run, 0 = never, 0.5 = roughly every second run
- redlist / redre matching mails will be deleted if DoNotCollectRed is
set.

added in PB section
Do Export Penalty BlackBox Extreme (DoExtremeExport)
Exported BlackBox Extreme File (exportExtremeBlack)
IP's in Penalty BlackBox which surpassed the extreme level will be
regularly stored into this file.
Use Exported Penalty BlackBox Extreme for SMTP Denying
(exportExtremeFileDeny)
Deny SMTP connections from IP's in Exported Penalty Black Box Extreme
File in a very early stage. This reduces the load on your MTA.
Exported Penalty BlackBox Interval (exportInterval)
Exported Penalty Black Box Extreme File every this hours.
Defaults to 6 hours.

added in PB section
Suspicious HELO: IP in HELO (fiphValencePB)
Suspicious HELO: IP in HELO mismatch (fiphmValencePB)
Suspicious Country Code (sbsccValencePB)
Foreign Country Code (sbfccValencePB)

added in section Sender Validation
Suspicious Country Codes* (CountryCodeRe)
Messages from IP's based in these countries will increase the
MessageScore. This requires an installed [
http://search.cpan.org/search?query=Net::SenderBase ]Net::SenderBase
module in PERL.
For example: CN|KR|RU|JP 
Home Country Codes* (MyCountryCodeRe)
Put here your own country code(s) (for example: US). Messages from
IP's based in other countries will increase the MessageScore. This
requires an installed [
http://search.cpan.org/search?query=Net::SenderBase ]Net::SenderBase
module in Perl.

address-lists and wildcards
They accept  specific addresses (us...@do...), user parts (user)
or entire local domains (@domain.com). Wildcards are supported
(fribo*@domain.com).

added in Mail Analyzer
You may put here helo=aaa.bbb.helo or ip=123.123.123.123 to look up
the helo/ip information. Putting a textstring only in will start a
lookup in the regular expression files for the matching regex.

added in Sender Validation section
SenderBase IP Country Codes*
Messages from IP's based in these countries will increase the
MessageScore. This requires an installed Net::SenderBase module in
PERL.
For example: CN|KR|RU|JP
Internal Name: CountryCodeRe
SenderBase IP HomeCountry Codes*
Put here your own country code e.g. US. Messages from IP's based in
other countries will increase the MessageScore.
Internal Name: MyCountryCodeRe
SenderBase Cache Refresh Interval
IP's in cache will be removed after this interval in days.
Internal Name: SBCacheInterval

in Logging Section
Enable SenderBase Logging
Enables logging of Organisation and Country Code queried from
SenderBase.
0 = no log, 1 = standard, 2 = verbose
Internal Name: SenderBaseLog

in PB section
SenderBase Country Code Check
* Message scoring
Internal Name: sbccValencePB

added in SPF section
Override Domains*
Set override to define SPF records for domains that do publish but
which you want to override anyway. Wildcards are supported. For
example: abc.com|*.def.com
Internal Name: SPFoverride
Fallback Domains*
Set fallback to define "pretend" SPF records for domains that don't
publish them yet. Wildcards are supported. For example:
abc.com|*.def.com
Internal Name: SPFfallback
Local SPF Record
Used in Fallback/Override Domains
The default is v=spf1 a/24 mx/24 ptr -all
Internal Name: SPFlocalRecord


added wildcard character "*"  to all address related Regular
Expressions (spamlover address  type)



added in ccmail section
Do Not Copy Spam Regex*
Never Copy Spam regardless of collection mode. Put anything here to
identify messages which should not be copied.
Internal Name: ccSpamNeverRe

added in collection section - needs the new rebuildspamdb 1.3.5
Do Norm Optimizing
The relation between collected Spam and Ham wordpairs is called the
'Norm'(Normality). Ideally you want to keep the Norm as close to '1,0'
as possible - which means an equal number of ham to spam wordpairs -
but anything between '0.5'(more ham) and '1.5'(more spam) is
considered healthy. The main thing to understand is the relationship:
the lower the Norm, the greater the chance a message will be
determined to be spam, or, the higher the Norm, the less chance a
message will be determined to be spam. If this option is set, ASSP
will automatically manage the number of collected ham or spam messages
in an effort to keep the Norm in balance.

added in Greylisting/Delaying section:
Use MD5 for DelayDB
Message-Digest algorithm 5 is a cryptographic hash function and adds
some level of security to the delay database. Must be set to off if
you want to list the database with DelayShowDB/DelayShowDBwhite.
Internal Name: DelayMD5
 
Show Delay/Greylisting Database
The directory/file with the delay database file. If you change the
filename in section Filepath you must change it here too.
Internal Name: DelayShowDB
 
Show Delay/Greylisting Safe Database
The directory/file with the safe delay database file. If you change
the filename in section Filepath you must change it here too.
Internal Name: DelayShowDBwhite

added in PenaltyBox section:
Force Extreme Denying for Mode 2
PBextreme will deny connections from IP's whose score meet or exceed
the extreme level/extreme counter - even if PB is only monitoring
(mode 2)
Extreme Bad IP History
* Message scoring only,
Internal Name: pbeValencePB 
Bad IP History
* Message scoring only
Internal Name: pbValencePB
Extreme Counter Threshold
If set PBextreme will deny connections from IP's whose 'MessageLimit
Reached' counter meet or exceed this level. Everytime a message is
blocked because of 'Messagelimit reached' this counter is increased
for the IP. For example: 5
Internal Name: PenaltyExtremeCounter

added in CC Mail section:
 Do Not Copy Messages Above This MessageTotal
Messages whose score exceeds this threshold will not be copied. For
example: 75

CIDR and Hyphenated IP Range are active in 

"denysmtpfrom"
"denysmtpfromAlways"
"AllowAdminFrom"
"noLog"
"ispip"
"AcceptAllFrom"
"noDelay"
"noDelay"
"noRBL"
"noSRS"
"whiteListedIPs"
"noProcessingIPs"

(In Hyphenated IP Range you may replace the hyphen with a space,
 123.123.123.123 123.123.123.123 is also valid.)
You can freely mix all notations:
123.123.
123.123.0.0/17
123.123.123.123 123.123.123.123
123.123.123.123-123.123.123.123

You can add comments to be seen when matching is logged:

123.123. comment1
123.123.0.0/17 comment2
123.123.123.123 123.123.123.123 comment3
123.123.123.123-123.123.123.123 comment4

This comments are *not* the comments usually used in lists, they can
be used additionally:

123.123. comment1 # a line with a comment1
123.123.0.0/17 comment2

CIDR and Hyphenated IP Range Notation added for
           'allowAdminConnectionsFrom'
           'acceptAllMail'
	'ispip'
           'noLog'
           'noDelay'
           'noSRS'
           'noRBL'
           'noRWL'
           'noPB'
           'whiteListedIPs'
	'noProcessingIPs'
           'denySMTPConnectionsFrom'
           'denySMTPConnectionsFromA'

added option ipmatchLogging,'IP Matches Logging'
  'Enables logging of IP addresses matches in the maillog. Enables
logging of IP addresses matches in the maillog. Will show a comment
instead of the range if there is text after the IP ranges (and before
any numbersign)  eg. 182.82.10.0/24 AOL'


-option in ccspam to have the header in body (reporting to SpamCop)

added caching for:
-SPF
-MXA
-PTR
-RWL

added in folder notes:
Config History (confighistory.txt)  
Admin Info (admininfo.txt)
-configdefaults.txt
-config.txt 

Added Options:
-Do Bomb/Script Regular Expressions Checks for ISP/Secondary
-Do URI Blocklist Validation for ISP/Secondary

Added:
All Spam-Haters*
All Emails to Spam-Haters found to be spam are blocked by ASSP rather
than processed in testmode/spamlover. When a Spam-Hater is not the
sole recipient of a message, the message will only be blocked if all
recipients are Spam-Haters. Overwrites Spam-Lover addresses/domains.
Accepts specific addresses (us...@do...), addresses at local
domains (user), or entire local domains (@domain.com). Separate
entries with pipes: |. 
For example: jf...@th...|fribo|@sillyguys.org
Internal Name: spamHaters
Bayesian Spam-Hater*
DNSBL Spam-Hater*