Anti-Spam SMTP Proxy Server Wiki

Anti-Spam SMTP Proxy Server implements multiple spam filters

Brought to you by: pdreissen, thockar

ASSP_2.x_configuration_settings

enableCFGShare: Enable Configuration Sharing
-- Read all positions in this section carefully (multiple times is recommended!!!)! A wrong configuration sequence or wrong configuration values can lead in to a destroyed ASSP configuration!
If set, the configuration value and option files synchronization will be enabled. This synchronization belong to the configuration values, to the file that is possibly defined in a value and to the include files that are possibly defined in the configured file. If you don't want a specific configuration file or include file to be synchronized (send and receive), write
# assp-no-sync
as a comment anywhere in the file. A possible reason could be for example 'localDomains' - if ASSP1 is hosting DOMAIN1 and DOMAIN2 but ASSP2 is hosting only DOMAIN2 - so the entry for DOMAIN2 could be put in a not synchronized include file on ASSP1 and the synchronized main config file contains the entry for DOMAIN1.
If the configuration of all values in this section is valid, the synchronization status will be shown in the GUI for each config value that is, or could be shared. There are several configuration values, that could not be shared. The list of all shareable values could be found in the distributed file assp_sync.cfg

For an initial synchronization setup set the following config values in this order: setup syncServer, syncConfigFile, syncTestMode and as last syncCFGPass (leave isShareSlave and isShareMaster off). Use the default (distributed syncConfigFile assp_sync.cfg) file and configure all values to your needs - do this on all peers by removing lines or setting the general sync flag to 0 or 1 (see the description of syncConfigFile ).
If you have finished this initial setup, enable isShareMaster or isShareSlave - now assp will setup all entries in the configuration file for all sync peers to the configured default values (to 1 if isShareMaster or to 3 if isShareSlave is selected). Do this on all peers. Now you can configure the synchronization behavior for each single configuration value for each peer, if it should differ from the default setup.
For the initial synchronization, configure only one ASSP installation as master (all others as slave). If the initial synchronization has finished, which will take up to one hour, you can configure all or some assp as master and slave. On the initial master simply switch on isShareSlave. On the inital slaves, switch on isShareMaster and change all values in the sync config file that should be bidirectional shared from 3 to 1. As last action enable enableCFGShare on the SyncSlaves first and then on the SyncMaster.
After such an initial setup, any changes of the peers (syncServer) will have no effect to the configuration file (syncConfigFile)! To add or remove a sync peer after an initial setup, you have to configure syncServer and you have to edit the sync config file manually.

This option can only be enabled, if isShareMaster and/or isShareSlave and syncServer and syncConfigFile and syncCFGPass are configured!
Because the synchronization is done using a special SMTP protocol (without "mail from" and "rcpt to"), this option requires an installed Net::SMTP module in PERL. If you want the sync feature to use a secured connection (using STARTTLS) , DoTLS has to be set to "do TLS". This special SMTP protocol is not usable to for any MTA for security reasons, so the "sync mails" could not be forwarded via any MTA.
For this reason all sync peers must have a direct or routed TCP connection to each other peer.

If you build a sync topology with more than two ASSP, please notice, that it is not allowed to build any ring-synchronization. Only a chain-, tree- or star- topology is supported. It is also not allowed to build a sync ring inside any of the three allowed topologies!
default:

isShareMaster: This is a Share Master
-- If selected, ASSP will send configured configuration changes to sync peers. default:

isShareSlave: This is a Share Slave
-- If selected, ASSP will receive configured configuration changes from sync peers. To accept a sync request, every sending peer has to be defined in syncServer - even if there are manually made entries in the sync config file for a peer. default:

syncServer: Default Sync Peers
-- Define all configuration sync peers here (to send changes to or to receive changes from). Separate multiple values by "|". Any value must be a pair of hostname or ip-address and :port, like 10.10.10.10:25 or mypeerhost:125 or mypeerhost.mydomain.com:225. The :port must be defined!
The target port can be the listenPort , listenPort2 , relayPort or if syncUsesSSL is enabled, it has to be the listenPortSSL of the peer. default:

syncUsesSSL: SSL is used for the Sync SMTP Transport
-- If selected, SSL will be used for the transport of the synchronization requests. In this case the target ip:port of all peers must be its listenPortSSL ! The Perl modules Net::SMTP::SSL and IO::Socket::SSL must be installed and enabled if this option is selected, otherwise all synchronization requests will fail! default:

syncTestMode: Test Mode for Config Sync
-- If selected, a master (isShareMaster) will process all steps to send configuration changes, but will not realy send the request to the peers. A slave (isShareSlave) will receive all sync requests, but it will not change the configuration values and possibly sent configuration files will be stored at the original location and will get an extension of ".synctest". default:

syncConfigFile: Configuration File for Config Sync*
-- Define the synchronization configuration file here (default is file:assp_sync.cfg).
This file holds the configuration and the current status of all synchronized assp configuration values.
The format of an initial value is: "varname:=syncflag" - where syncflag could be 0 -not shared and 1 -is shared - for example: HeaderMaxLength:=1 . The syncflag is a general sign, which means, a value of 0 disables the synchronization of the config value for all peers. A value of 1, enables the peer configuration that possibly follows.
The format after an initial setup is: "varname:=syncflag,syncServer1=status,syncServer2=status,......". The "status" could be one of the following:

0 - no sync - changes of this value will not be sent to this syncServer - I will ignore all change requests for this value from there
1 - I am a SyncMaster, the value is still out of sync to this peer and should be synchronized as soon as possible
2 - I am a SyncMaster, the value is still in sync to this peer - I am also a SyncSlave to this peer (bidirectional sync) if isShareSlave is enabled
3 - I am not a SyncMaster but a SyncSlave - only this SyncMaster (peer) knows the current sync status to me
4 - I am a SyncMaster and a SyncSlave (bidirectional sync) - a change of this value was still received from this syncServer (peer) and should not be sent back to this syncServer - this flag will be automatically set back to 2 at the next synchronization check

default: file:assp_sync.cfg

syncCFGPass: Config Sync Password
-- The password that is used and required (additionally to the sending IP address) to identify a valid sync request. This password has to be set equal in all ASSP installations, from where and/or to where the configuration should be synchronized.
The password must be at least six characters long.
If you want or need to change this password, first disable enableCFGShare here and on all peers, change the password on all peers, enable enableCFGShare on SyncSlaves then enable enableCFGShare on SyncMasters. default:

syncShowGUIDetails: Show Detail Sync Information in GUI
-- If selected, the detail synchronization status is shown at the top of each configuration parameter like:

nothing shown - there is no entry defined for this parameter in the syncConfigFile or it is an unsharable parameter
"(shareable)" - the parameter is shareable but the general sync sign in the syncConfigFile is zero
"(shared: ...)" - the detail sync status for each sync peer

If not selected, only different colored bulls are shown at the top of each configuration parameter like:

nothing shown - no entry in the syncConfigFile or it is an unsharable parameter
"black bull •" - the parameter is shareable but the general sync sign in the syncConfigFile is zero
"green bull •" - the parameter is shared and in sync to each peer
"red bull •" - the parameter is shared but it is currently out of sync to at least one peer

If you move the mouse over the bull, a hint box will show the detail synchronization status. A click on the bull or link will open a sync config dialog box for the single configuration parameter.
Notes Config Sync
default:

Network Setup

DisableSMTPNetworking: Disable all new SMTP and Proxy Network Connections
-- If selected, ASSP will not answer to new SMTP and Proxy connections on 'listenPort , listenPort2 , listenPortSSL , relayPort and ProxyConf'. Currently existing SMTP and Proxy connections are not affected! Web and Stat connection are also not affected. default: 0

enableINET6: Enable IPv6 support
-- For IPv6 network support to be enabled, check this box. Default is disabled. IO::Socket::INET6 is able to handle both IPv4 and IPv6. NOTE: This option requires an installed IO::Socket::INET6 module in PERL and your system should support IPv6 sockets to give enabling this option a sense!
It is recommended to leave this option OFF as long as you don't want to use IPv6 addresses for a listener or a destination (SMTP,DNS-server,LDAP-server etc.).
Before you enable or disable IPv6, please check every IP listener and destination definition in assp and correct the settings. After changing this option a restart of assp is recommended. IPv4 addresses are defined for example 192.168.0.1 or 192.168.0.1:25 - IPv6 addresses are defined like [FE80:1:0:0:0:0:0:1]:25 or [FE80:1::1]:25 ! If an IPv4 address is defined for a listener, assp will listen only on the IPv4 socket. If an IPv6 address is defined for a listener, assp will listen only on the IPv6 socket. If only a port is defined for a listener, assp will listen on both IPv4 and IPv6 sockets.
For the definition of destination IP's applies the same. You are free to define hostnames instead of IP addresses like myhost.mydomain.com:25 - how ever, because of the needed IP address resolving, this will possibly slow down assp. default:

listenPort: SMTP Listen Port
-- The port number on which ASSP will listen for incoming SMTP connections (normally 25). You can specify both an IP address and port number to limit connections to a specific interface. Separate multiple entries by "|".Examples: 25, 127.0.0.1:25, 127.0.0.1:25|127.0.0.2:25|[FE80:1::1]:25 default: 25

smtpDestination: SMTP Destination
-- The IP number! and port number of your primary SMTP mail transfer agent (MTA). If multiple servers are listed and the first listed MTA does not respond, each additional MTA will be tried. If only a port number is entered, or the dynamic keyword INBOUND is used with a port number, then the connection will be established to the local IP address on which the connection was received. This is useful when you have several IP addresses with different domains or profiles in your MTA. If INBOUND:PORT is used, ReportingReplies (Analyze,Help,etc and CopyMail will go to 127.0.0.1:PORT or [::1]:PORT. If your needs are different, use smtpReportServer (SMTP Reporting Destination) and sendAllDestination (Copy Spam SMTP Destination). Separate multiple entries by "|"
.
If you need to connect to the SMTP destination host using native SSL, write 'SSL:' in front of the IP/host definition. In this case the Perl module IO::Socket::SSL must be installed and enabled ( useIOSocketSSL ).

Examples: 125, 127.0.0.1:125, 127.0.0.1:125|127.0.0.5:125|SSL:127.0.0.1:465, INBOUND:125 default: 125

smtpDestinationRT: SMTP Destination Routing Table*
-- If INBOUND is used in the SMTP Destination field, the rules specified here are used to route the inbound IP address to a different outbound IP address. You must specify a port number with the outbound IP address. Example:141.120.110.1=>141.120.110.129:25|141.120.110.2=>141.120.110.130:125|141.120.110.3=>SSL:141.120.110.130:125 default:

smtpLocalIPAddress: SMTP - Destination to Local IP-address Mapping
-- You need to use the "file: ..." option for this parameter!
On windows systems at least Vista/2008 is required!
On multihomed systems with multiple default gateways, it could be required to define the local IP address (source) used for outgoing SMTP connections.
This parameter allows to define local IP addresses used for specific targets (IP's or hosts) - based on the local address, the system will use the right gateway/interface.
Define one entry per line, comments (#) are allowed. The syntax for an entry is 'target=>local-IP'.
target could be any of: IP(4/6) network, IP(4/6) address, hostname, domain-name with wildcard ().

for example:
22. => 192.168.1.1 # IP4 Network
2222:333: => FE81::1 # IP6 Network
22.23.24.25 => 10.1.1.1, # host IP4
1:2:3:4:5:6:7:8 => FE94::5 # host IP6
*.domain.com => 10.1.1.1 # domain
host.domain.com => 192.168.1.1 # host
* => 172.16.1.1 # default - if not defined, the system default is used

NOTICE: assp will NOT check, that the local IP address is available and bound to a local interface! It will also NOT check the system routing table! YOU SHOULD KNOW WHAT YOU DO! default:

listenPortSSL: SMTP Secure Listen Port
-- The port number on which ASSP will listen for incoming secure SMTP connections (normally 465). You can specify both an IP address and port number to limit connections to a specific interface. Separate multiple entries by "|".Examples: 465, 127.0.0.1:465, 127.0.0.1:465|127.0.0.2:465 . More configuration options are smtpSSLRequireClientCert, SSLSMTPCertVerifyCB and SSLSMTPConfigure . default:

smtpDestinationSSL: SSL Destination
-- The IP address! and port number to connect to when mail is received on the SSL listen port. If the field is blank, the primary SMTP destination will be used.
If you need to connect to the SSL destination host using native SSL, write 'SSL:' in front of the IP/host definition. In this case the Perl module IO::Socket::SSL must be installed and enabled ( useIOSocketSSL ).
Examples:127.0.0.1:565, 565 default:

listenPort2: Second SMTP Listen Port
-- A secondary port number on which ASSP can accept SMTP connections. This is useful as a dedicated port for VPN clients or for those who cannot directly send mail to a mail server outside of their ISP's network because the ISP is blocking port 25. You may also specify an IP address to limit connections to a specific interface. Separate multiple entries by "|".Examples: 2525, 127.0.0.1:2525, 192.168.0.100:25000 default:

smtpAuthServer: Second SMTP Destination
-- The IP address and port number to connect to when mail is received on the second SMTP listen port. If the field is blank, the primary SMTP destination will be used. The purpose of this setting is to allow remote users to make authenticated connections and transmit their email without encountering SPF failures.
If you need to connect to the second SMTP destination host using native SSL, write 'SSL:' in front of the IP/host definition. In this case the Perl module IO::Socket::SSL must be installed and enabled ( useIOSocketSSL ).
Examples: 587, 127.0.0.1:587, SSL:127.0.0.1:465 default:

NoAUTHlistenPorts: Disable AUTH support on listenPorts
-- This disables the SMTP AUTH command on the defined listenPorts independent from any other setting. This option works for listenPort , listenPort2 and listenPortSSL . The listener definition here has to be the same like in the port definitions. Separate multiple entries by "|".Examples: 25, 127.0.0.1:25, 127.0.0.1:25|127.0.0.2:25 default:

DisableExtAUTH: Disable SMTP AUTH for External Clients
-- If you do not want external clients (IP not in acceptAllMail or relayPort is not used) to use SMTP AUTH - for example to prevent address and password harvesting - check this option.
The "AUTH" offer in the EHLO and HELP reply will be stripped out, if set to on.
Notice: setting this option to ON could prevent roaming users (dynamic IP) from being able to authenticate! default:

AUTHrequireTLS: SMTP AUTH requires SSL/TLS
-- An SSL listener or STARTTLS is required before the SMTP AUTH command can be used.
This setting is ignored for all private IP addresses (localhost, RFC 1918, RFC 4193)!
In case of a mistake '538 5.7.11 encryption required for requested authentication mechanism' is replied to the client.
'NO' is the default setting, but 'ALL' is recommended! default: 0

EnforceAuth: Force SMTP AUTH on Second SMTP Listen Port
-- Force clients connecting to the second listen port to authenticate before transferring mail. To use this setting, both listenPort2 (Second SMTP Listen Port) and smtpAuthServer (Second SMTP Destination) must be configured.Notes On Network Setup default: 0

SMTP Session Limits

MaxErrors: Maximum Errors Per Session
-- The maximum number of SMTP session errors encountered before the connection is dropped. A value of zero disables this feature. PB: meValencePB default: 5

maxSMTPSessions: Maximum Sessions
-- The maximum number of simultaneous SMTP sessions. This can prevent server overloading and DoS attacks. 64 simultaneous sessions are typically enough. Zero means no limit. Connections on relayPort will be counted, but connections on relayPort will never be limited because of this value. If the value is reached, assp will wait until the number of simultaneous SMTP sessions is lower than (value - 20) or (value * 0.75). default: 64

noMaxSMTPSessions: No Maximum Sessions IP numbers*
-- Mail from any of these IP numbers will pass through without checking maximum number of simultaneous SMTP sessions. For example: 145.145.145.145 default:

maxSMTPipSessions: Maximum Sessions Per IP Address
-- The maximum number of SMTP sessions allowed per IP address. Use this setting to prevent server overloading and DoS attacks. 5 sessions are typically enough. If set to 0 there is no limit imposed by ASSP. ispip (ISP/Secondary MX Servers) and acceptAllMail (Accept All Mail) matches are excluded from SMTP session limiting. PB: iplValencePB default: 5

HeaderMaxLength: Maximum Header Size
-- The maximum allowed header length, in bytes. At each mail hop header information is added by the mail server. A large mail header can indicate a mail loop. If the value is blank or 0 the header size will not be checked. default: 50000

detectMailLoop: Detect Possible Mailloop
-- If set to a value higher than 0, ASSP count it's own Received-header in the header of the mail. If this count exceeds the defined value, the transmission of the message will be canceled. default: 3

MaxEqualXHeader: Maximum Equal X-Header Lines
-- The maximum allowed equal X-header lines - eg. "X-SubscriberID". If the value is set to empty the header will not be checked for equal X-header lines. This check will be skipped for noprocessing, whitelisted and outgoing mails.
The default is "=>20", which means any X-header can occur 20 time maximum. You can define different values for different X-headers - wildcards like "" and "?" are allowed to be used.
For example:
=>20|X-Notes-Item=>100|X-Subscriber=>10|X-AnyTag=>0
A value of zero disables the check for the defined X-header. The check is also skipped if no default like "=>20" is defined and the X-header definition is not found. default: *=>20

maxRealSize: Max Real Size of Local Message
-- If the value of (number of [rcpt to] * [message size]) exceeds maxRealSize in bytes the transmission of the local message will be canceled. No limit is imposed by ASSP if the field is left blank or set to 0. This option allows admins to limit useless bandwidth wasting based on the total transmit size. default:

MaxRealSizeAdr: Max Real Size of Local Message Addresses
-- Use this parameter to set individual maxRealSize values for email addresses, domains, user names and IP addresses. A file must be specified if used.
Accepts specific addresses (user@domain.com), user parts (user), entire domains (@domain.com) and IP addresses (CIDR notation like 123.1.101/32 is here not supported!) - group definitions could be used. Use one entry per line. Wildcards are supported (fribo@domain.co?). A second parameter separated by "=>" specifies the size limit.
For example:
fribo@thisdomain.co?=>1000000
jhanna=>0
@sillyguys.org=>500000
101.1.2.=>0
[admins]=>0
If multiple matches (values) are found in a mail for any IP address in the transport mail chain, any envelope recipient and the envelope sender, the highest value or 0 (no limit) will be used! If no match (value) is found in a mail, the definition in maxRealSize will take place. default: file:files/MaxRealSize.txt

maxRealSizeExternal: Max Real Size of External Message
-- If the value of (number of [rcpt to] * [message size]) exceeds maxRealSizeExternal in bytes the transmission of the external message will be canceled. No limit is imposed by ASSP if the field is left blank or set to 0. This option allows admins to limit useless bandwidth wasting based on the total transmit size. default:

MaxRealSizeExternalAdr: Max Real Size of External Message Addresses
-- Use this parameter to set individual maxRealSizeExternal values for email addresses, domains, user names and IP addresses. A file must be specified if used.
Accepts specific addresses (user@domain.com), user parts (user), entire domains (@domain.com) and IP addresses (CIDR notation like 123.1.101/32 is here not supported!) - group definitions could be used. Use one entry per line. Wildcards are supported (fribo@domain.co?). A second parameter separated by "=>" specifies the size limit.
For example:
fribo@thisdomain.co?=>1000000
jhanna=>0
@sillyguys.org=>500000
101.1.2.=>0
[admins]=>0
If multiple matches (values) are found in a mail for any IP address in the transport mail chain, any envelope recipient and the envelope sender, the highest value or 0 (no limit) will be used! If no match (value) is found in a mail, the definition in maxRealSizeExternal will take place. default: file:files/MaxRealSizeExt.txt

maxRealSizeError: max real message size Error
-- SMTP error message to reject maxRealSize / maxRealSizeExternal exceeding mails. For example:552 message exceeds MAXREALSIZE byte (size * rcpt)! MAXREALSIZE will be replaced by the value of maxRealSize / maxRealSizeExternal. default: 552 message exceeds MAXREALSIZE byte (size * rcpt)

maxSize: Max Size of Local Message
-- If the value of ([message size]) exceeds maxSize in bytes the transmission of the local message will be canceled. No limit is imposed by ASSP if the field is left blank or set to 0. This option allows admins to limit useless bandwidth wasting based on the transmit size. default:

MaxSizeAdr: Max Size of Local Message Addresses
-- Use this parameter to set individual maxSize values for email addresses, domains, user names and IP addresses. A file must be specified if used.
Accepts specific addresses (user@domain.com), user parts (user), entire domains (@domain.com) and IP addresses (CIDR notation like 123.1.101/32 is here not supported!) - group definitions could be used. Use one entry per line. Wildcards are supported (fribo@domain.co?). A second parameter separated by "=>" specifies the size limit.
For example:
fribo@thisdomain.co?=>1000000
jhanna=>0
@sillyguys.org=>500000
101.1.2.=>0
[admins]=>0
If multiple matches (values) are found in a mail for any IP address in the transport mail chain, any envelope recipient and the envelope sender, the highest value or 0 (no limit) will be used! If no match (value) is found in a mail, the definition in maxSize will take place. default: file:files/MaxSize.txt

maxSizeExternal: Max Size of External Message
-- If the value of ([message size]) exceeds maxSizeExternal in bytes the transmission of the external message will be canceled. No limit is imposed by ASSP if the field is left blank or set to 0. This option allows admins to limit useless bandwidth wasting based on the transmit size. default:

MaxSizeExternalAdr: Max Size of External Message Addresses
-- Use this parameter to set individual maxSizeExternal values for email addresses, domains, user names and IP addresses. A file must be specified if used.
Accepts specific addresses (user@domain.com), user parts (user), entire domains (@domain.com) and IP addresses (CIDR notation like 123.1.101/32 is here not supported!) - group definitions could be used. Use one entry per line. Wildcards are supported (fribo@domain.co?). A second parameter separated by "=>" specifies the size limit.
For example:
fribo@thisdomain.co?=>1000000
jhanna=>0
@sillyguys.org=>500000
101.1.2.=>0
[admins]=>0
If multiple matches (values) are found in a mail for any IP address in the transport mail chain, any envelope recipient and the envelope sender, the highest value or 0 (no limit) will be used! If no match (value) is found in a mail, the definition in maxSizeExternal will take place. default: file:files/MaxSizeExt.txt

maxSizeError: max message size Error
-- SMTP error message to reject maxSize / maxSizeExternal exceeding mails. For example:552 message exceeds MAXSIZE byte (size)! MAXSIZE will be replaced by the value of maxSize / maxSizeExternal. default: 552 message exceeds MAXSIZE byte (size)

MaxAUTHErrors: Max Number of AUTHentication Errors
-- If an IP (/24 network is used for incoming mails) exceeds this number of authentication errors (535 or 530) the transmission of the current message will be canceled and any new connection from that IP will be blocked for 5-10 minutes.
Every 5 Minutes the 'AUTHError' -counter of the IP will be decreased by one. autValencePB is used for the penalty box.
No limit is imposed by ASSP, if the field is left blank or set to zero (zero cleans the related cache). This option allows admins to prevent external bruteforce or dictionary attacks via AUTH command. Whitelisted, noBlockingIPs , noMaxAUTHErrorIPs and NoProcessing IP's are ignored like any relayed connection. default:

noMaxAUTHErrorIPs: Do not check MaxAUTHErrors for these IP's*
-- List of IP's which should not be checked for MaxAUTHErrors . For example: 145.145.145.145|145.146. default:

DoSameSubject: Check Same Subjects
-- If activated, assp will check the mail subjects for equality using the config parameters below. Scoring is done with 'isValencePB'. default: 0

subjectFrequencyInt: Subject Frequency Interval
-- The time interval in seconds in which the number of equal subjects has not to exceed a specific number ( subjectFrequencyNumSubj ).
Use this in combination with subjectFrequencyNumSubj to limit the number of equal subjects in a given interval. A value of 0 (default) will disable this feature and clean the cache within five minutes.
default: 300

subjectFrequencyNumSubj: Subject Frequency Number of Subjects
-- The number of equal subjects that has not to exceed in a specific time interval ( subjectFrequencyInt ).
Use this in combination with subjectFrequencyInt to limit the number of equal subjects in a given interval. A value of 0 (default) will disable this feature and clean the cache within five minutes.
default: 5

subjectFrequencyOnly: Check Equal Subject Frequency for this Users only
-- A list of local addresses, for which the 'subject frequency check' should be done. Leave this field blank (default), to do the check for every address.
Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com).
For example: fribo*@thisdomain.com|jhanna|@sillyguys.org default:

NoSubjectFrequency: Check Equal Subject Frequency NOT for this Users
-- A list of local addresses, for which the 'subject frequency check' should not be done.
Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com).
For example: fribo*@thisdomain.com|jhanna|@sillyguys.org default:

NoSubjectFrequencyIP: Check Equal Subject Frequency NOT for this IP's*
-- Mail from any of these IP numbers will pass through without checking the equality of subjects. For example: 145.145.145.145 default:

smtpIdleTimeout: SMTP Idle Timeout
-- The number of seconds a session is allowed to be idle before being forcibly disconnected. The default is 180 seconds. No limit is imposed by ASSP if the field is left blank or set to 0. If you have not defined an IdleTimeout on your MTA, this value should not be set to 0, because then a connection will never be timed out! default: 180

NpWlTimeOut: SMTP Idle Timeout for Whitelisted and Noprocessing
-- The number of seconds a whitelisted or noprocessing session is allowed to be idle before being forcibly disconnected. The default is 1200 seconds. No limit is imposed by ASSP if the field is left blank or set to 0. If you have not defined an IdleTimeout on your MTA, this value should not be set to 0, because then a connection will never be timed out! default: 1200

smtpNOOPIdleTimeout: SMTP Idle Timeout after NOOP
-- The number of seconds a session is allowed to be idle after a "NOOP" command is received, before being forcibly disconnected. The default is 0 seconds. No limit is imposed by ASSP if the field is left blank or set to 0.
This should prevent hackers to hold and block connections by sending "NOOP" commands short before the "smtpIdleTimeout" is reached. default: 0

smtpNOOPIdleTimeoutCount: SMTP Idle Timeout after NOOP Count
-- The number of counts a session is allowed send "NOOP" commands following on each other, before being forcibly disconnected. The default is 0. No limit is imposed by ASSP if the field is left blank or set to 0.
This in cooperation with "smtpNOOPIdleTimeout" should prevent hackers to hold and block connections by sending repeatedly "NOOP" commands short before the "smtpNOOPIdleTimeout" is reached. If "smtpNOOPIdleTimeout" is not defined or 0, this value will be ignored!Notes On SMTP Session Limits default: 0

Group definition

Groups: Address and Domain Groups*

If you don't want to use group definitions, leave this field blank otherwise a file definition like 'file:files/groups.txt' is required.
Group definitions could be used in any other configuration value where multiple user names, email addresses or domain names or IP addresses could be defined.
Groups are defined and used using the same syntax [group-name] (including the brackets) in a single line. In the configuration parameters, the line [group-name] will be replaced by the content of the group definition, that is done here.
All group definitions are case sensitive. Group names can only contain the following characters: A-Z, a-z, 0-9, - , _ and @ !
The structure of this file has to be as follows:

[super_spamlovers]
myBoss
ldap:{host=>my_LDAP_server:389,base=>(sep)DC=domain,DC=tld(sep),user=>(sep)CN=admin,DC=domain(sep),password=>(sep)pass(sep),timeout=>2,scheme=>ldap,STARTTLS=>1,version=>3},{(CN=management)}{member},{(CN=%USERID%)}{mailaddress}
entry
exec:/usr/bin/list_postfix_users --domain mydomain --group postoffice
entry
...

[admins]
ldap:{host=>domino1.mydomain.com:389,base=>(sep)DC=domain,DC=tld(sep),user=>(sep)Administrator(sep),password=>(sep)pass(sep),timeout=>2,scheme=>ldap,STARTTLS=>1,version=>3},{(CN=LocalDomainAdmins)}{member},{(CN=%USERID%)}{mailaddress}
entry
entry
...

[specialIPList]
1.2.3.4
123.234.0.0/16
::1

Lines starting with a # OR ; are consider a comment. Empty lines will be ignored. A group definition stops, if a new group definition starts or at the end of the file. Comments are not allowed inside a definition line.

There are two possible methods to import entries from an external source in to a group - the execution of a system command or an LDAP query.
To import entries via a system command like (eg. cat|grep or find or your self made shell script), write a single line that begins with exec: followed by the command to be executed - like:
exec:cat /etc/anydir/*.txt|grep '@'
The executed system command has to write a comma(,) or pipe(|) or linefeed(LF,CRLF) separated list of entries to STDOUT, that should become part of that group, where this line is used. There could be multiple and any combination of entry types in one group definition.

If you are familar with the usage of LDAP, you can define LDAP queries to import entries from one or more LDAP server. This is done, defining one query per line. The syntax of such a line is:

ldap:{host_and_protocol},{LDAP_group_query_filter}{LDAP_group_query_attribut_to_return},{LDAP_entry_query_filter}{LDAP_entry_query_attribut_to_return}

If the 'host_and_protocol' part is empty {}, the default LDAP configuration will be used. A 'host_and_protocol' part should contain the following entries in the following structure:
{host=>127.0.0.1:389,base=>(sep)DC=domain,DC=tld(sep),user=>(sep)...(sep),password=>(sep)pass(sep),timeout=>..,scheme=>ldap/ldaps,STARTTLS=>0/1,version=>2/3}
The 'host' has to be set, if you want to define any other LDAP parameter. If any other parameter is not defined, the default LDAP configuration value will be used, except user and password. The port definition (:xxx) in the host setting is optional - if not defined, the default LDAP ports 389(LDAP) and 636(LDAPS) will be used. It is possible to define a comma(,) separated list of hosts for failover functionality like 'host=>"localhost:389,192.168.1.1:389,...."' - notice the quotes as terminator which are required in this case!
The value of the base, password and user parameter has to start and end with a single character (sep) as terminator, that is not part of the value
and is not used in the value. The parameter "base" defines the LDAP search root like LDAPRoot .

The 'LDAP_group_query_filter' and 'LDAP_group_query_attribut_to_return' are used to query an LDAP group for it's members (users). The resulting list will contain the requested attributes of all group members. The definition of these two parameters could look as follows:
{(&(objectclass=dominoGroup)(CN=LocalDomainAdmins))}{member}

It is possible to modify each returned value with a callback-code. This is for example useful for MS-AD queries on the attribute 'proxyaddresses', which returns a list of all available mail addresses (SMTP,smtp,X400...).

example: ldap:{},{(&(CN=firstname lastname)(proxyaddresses=smtp:))<=s/^\ssmtp:\s(.+)\s$/$1/i}{proxyaddresses},{}{}

<= is the required separator, s/^\ssmtp:\s(.+)\s*$/$1/i is the callback code.
The callback code has to return a value of not zero or undef on success. The code gets the LDAP result in the variable $_ and has to modify this variable in place on success.
It is not allowed to use any of the following characters in the callback definition of an ldap line: {}|

The 'LDAP_entry_query_filter' and 'LDAP_entry_query_attribut_to_return' are used to query each member from the first query, for it's email address. The literal '%USERID%' in the 'LDAP_entry_query_filter' will be replaced by each LDAP-attribute result of the first query. The definition of these two parameters could look as follows:
{(&(objecttype=person)(CN=%USERID%)(o=%USERID%))}{mailaddress}
or more simple
{(&(objecttype=person)(CN=%USERID%))}{mailaddress}

A callback code could be used the same way like for 'LDAP_group_query_filter' - {(&(objecttype=person)(CN=%USERID%))<=callback-code}{mailaddress}.

To break long lines in to multiple, terminate a continued line with a slash "/"

If you are able to get all results (eg. email addresses or domain names) with the 'LDAP_group_query' query, leave the definition of 'LDAP_entry_query_filter' and 'LDAP_entry_query_attribut_to_return' empty {}{}.

The result of each group definition will be stored in a file in files/group_export/GROUPNAME.txt.
The groups are build at every start of assp and if the defined file or an include file is stored (changed file time). To force a reload of all groups, open the file and click 'Save changes' or change the file time with an external shell script. It is also possible to use GroupsReloadEvery, to reload the Groups definition in time intervals, if the exec: or ldap: option are used. default:

GroupsReloadEvery: Reload the Groups definitions every this minutes ^s
-- ASSP will reload the Groups definition every this minutes, if the exec: or ldap: option is used in Groups.
A value of zero disables the scheduled reload. Defaults to 60 minutes.
Notes On Group Definitions default: 60

SPAM Control

redRe: Regular Expression to Identify Redlisted Mail*
-- If an email matches this Perl regular expression it will be considered redlisted.
redRe detects tags to process a mail like the recipient were redlisted - nothing else (no redlist addition/removal).
The Redlist serves two purposes:
1) the Redlist is a list of addresses that cannot contribute to the
whitelist and which are not considered local even if their mail is
from a local computer. For example, if someone goes on a vacation and
turns on their autoresponder, put them on the redlist until
they return. Then as they reply to every spam they receive they won't
corrupt your non-spam collection or whitelist: [autoreply]
2) Redlisted addresses will not be added to the Whitelist when your
local user sends mail to that address, thereby preventing accidental
pollution of the Whitelist by, say, inadvertent replies by your
users to mails from the spammer.
Redlisted messages will not be stored in the SPAM/NOTSPAM-collection. As all fields marked by * this field accepts
a list separated by | or a specified file 'file:files/redre.txt'. default: file:files/redre.txt

EmailWhiteRemovalToRed: Add Whitelist Removals To Redlist
-- If set addresses which are removed from Whitelist via email-interface will automatically be added to the Redlist. The address can only be added again to the Whitelist after it is removed from the Redlist. default:

SpamError: Spam Error
-- SMTP error message to reject spam. The literal LOCALDOMAIN will be replaced by the recipient domain. The literal LOCALUSER will be replaced by the recipient user part. For example:554 5.7.1 Mail appears to be unsolicited -- send error reports to postmaster@LOCALDOMAIN. default: 554 5.7.1 Mail appears to be unsolicited -- send error reports to postmaster@LOCALDOMAIN

NotSpamTag: Ham Password SALT
-- If an incoming email subject contains the TAG generated based on this value, it will be considered as defined in NotSpamTagProc . The literal 'NOTSPAMTAG' (will be replaced by a 10 digit not-spam-tag) can be used in any 5xx error reply ( SpamError , SenderInvalidError , PenaltyError , SPFError , RBLError , URIBLError , UuencodedError , bombError , scriptError ) to ask for resending the mail with the TAG in the subject.
Randomly picked up bit sequences of the text defined here, are used as "SALT" to calculate a 10 digit not-spam-tag. This value must be at least 12 characters long. Leave this value empty to disable this feature.
Every generated TAG can be used by the sender exactly one time. Every additional usage of a TAG will be ignored, and the sender may get a new generated TAG.
To define your own static TAGs, use whiteRe and/or npRe and change the error reply definitions accordingly.
To generate a random 80 character string, run 'perl -e "print chr(int(rand(94))+33)for(0...79);"' from command line and copy and paste the result to here. default:

NotSpamTagProc: Not-Spam-Tag will consider the mail as
-- If a sender uses the Not-Spam-Tag , how should the mail be processed. Regardless of this setting, the IP address of the sender will not be penalized if a NotSpamTag is found. default: 1

noGriplistUpload: Don't Upload Griplist Stats
-- Check this to disable the Griplist upload when rebuildspamdb runs. The Griplist contains IPs and their value between 0 and 1, lower is less spammy, higher is more spammy. This value is called the grip value. default:

noGriplistDownload: Don't auto-download the Griplist file
-- Set this checkbox, if you don't use the Griplist. You have to disable also noGriplistUpload to download the Griplist. default:

StoreASSPHeader: Store Assp-Header into Spam Collection
-- Add "X-Assp-" to the collected spam-mails. default:

AddIntendedForHeader: Add Envelope-Recipient Header
-- Adds two lines to the email header: "X-Assp-Intended-For: user@domain" and "X-Assp-Envelope-From: user@domain". default: 1

NoExternalSpamProb: Block Outgoing Spam-Prob header
-- Check this box if you don't want your X-Assp-Spam-Prob header on external mail
Note this means mail from local users to local users will also be missing the header. default: 1

AddSpamHeader: Add Spam Header
-- Adds a line to the email header "X-Assp-Spam: YES" if the message is spam, or "X-Assp-Spam: YES (Probably)" if it is possibly spam. default: 1

AddCustomHeader: Add Custom Header
-- Adds a line to the email header if the message is spam. For example: X-Spam-Status:yes default: X-Spam-Status:yes

AddLevelHeader: Add Graphical Level Header
-- Adds a line to the email header "X-Assp-Spam-Level: **** " showing the total message score represented by stars (1 - 20), every star represents five scoring points. default: 1

AddSubjectHeader: Add X-ASSP-Original-Subject Header
-- Adds a line to the email header "X-ASSP-Original-Subject: the subject". default:

AddSpamReasonHeader: Add Spam Reason Header
-- Adds a line to the email header "X-Assp-Spam-Reason: " explaining why the message is spam.
Notes On Spam Control default: 1

Copy Spam & Ham

sendAllSpam: Copy Spam and Send to this Address
-- If this is set, ASSP will deliver a copy of spam mails to this address. For example: spammaster@mydomain.com. The literal USERNAME is replaced by the user part of the recipient, the literal DOMAIN is replaced by the domain part of the recipient.
For example: USERNAME@Spam.DOMAIN, USERNAME+Spam@DOMAIN, catchallspamthis@DOMAIN. Separate multiple entries by comma or space. To deliver copy of spams based on the domain name (only some special hosted domains), use ccSpamInDomain . default:

ccSpamInDomain: Copy Spam and Send to this Address per Domain*
-- If the domain of the recipient-address is matches one in this list, ASSP will deliver an additional copy of spam emails of a domain to this address (even if sendAllSpam is not set). For example: monitorspam@example1.com|monitor@example2.com. default:

sendAllDestination: Copy Spam SMTP Destination
-- IP address and port to connect to when Spam messages are copied. If blank they go to the main SMTP Destination. eg "10.0.1.3:1025", "SSL:10.0.1.3:465", "1025", etc. default:

ccSpamFilter: Copy Spam to these Recipients Only
-- Restricts Copy Spam to these recipients. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com). default:

ccSpamAlways: Copy Spam to these Recipients always
-- Copy Spam to these recipients regardless of collection mode. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com). default:

ccSpamNeverRe: Do Not Copy Spam Regex*
-- Never Copy Spam regardless of collection mode. Put anything here to identify messages which should not be copied. default:

ccMaxScore: Do Not Copy Messages Above This MessageTotal score
-- Messages whose score exceeds this threshold will not be copied. For example: 75 default:

ccMaxBytes: Restrict Copy Spam to MaxBytes
-- CCMail will cut off Spam mails, thereby reducing the load considerably (recommended). default: 1

spamSubjectCC: Prepend Spam Subject to Copied Spam
-- If set, spamSubject gets prepended to the subject of the copied message. default:

spamTagCC: Prepend Spam Tag to Copied Spam
-- The check which caused the spam detection will be prepended to the subject of the message. For example: [DNSBL] default: 1

sendAllHamDestination: Copy Not-Spam SMTP Destination
-- IP address and port to connect to when Ham messages are copied. If blank they go to the Spam SMTP Destination. eg "10.0.1.3:1025", "SSL:10.0.1.3:465",, "1025", etc. default:

sendHamInbound: Copy Incoming Not-Spam and Send to this Address
-- If you put an address in this box ASSP will forward a copy of notspam messages from outside to this address. The literal USERNAME is replaced by the user part of the recipient, the literal DOMAIN is replaced by the domain part of the recipient. For example: archiv@mydomain.com, USERNAME@mybackup.domain, catchallforthis@DOMAIN default:

sendHamOutbound: Copy Outgoing Not-Spam and Send to this Address
-- If you put an address in this box ASSP will forward a copy of outgoing notspam messages to this address. default:

ccHamFilter: Copy Ham Filter
-- Copy Not-Spam to these addresses only. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com). default:

ccnHamFilter: Do Not Copy Ham Filter
-- Do Not Copy Ham to these addresses. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com). default:

ccMailReplaceRecpt: ccMail Recipient Replacement
-- The recipient replacement (ReplaceRecpt) rules from the "Recipients/Local Domains" section, will be used to replace ccMail recipients. For example: sendHamInbound = USERNAME@yourspamdomain.lan - in this case you are able to detect the target domain "yourspamdomain.lan" in a rule and you can replace the recipient/domain depending on its values and/or on the senders address.
Notes On CC Messages default:

SPAM Lover/Hater

spamSubjectSL: Suppress SpamSubject to Spam-Lover-Messages
-- If set, spamSubject and spamTag does NOT get prepended to the subject of the Spam-Lover-Message. default:

spamTagSL: Suppress SpamTags to Spam-Lover-Messages
-- If set, spamTags (the method used to catch spam) does NOT get prepended to the subject of the Spam-Lover-Message. default: 1

groupSpamLovers: Group SpamLovers and Not SpamLovers per mail
-- If set, the first envelope recipient consider a mail to be for spamlovers or not. If the first envelope recipient is any SpamLover, all other (following) envelope recipients must be also any SpamLover (or reverse) - if not, their address will be not accepted by ASSP for this single mail and '452 too many recipients' will be sent. default:

spamLovers: All Spam-Lover
-- Messages to Spam-Lovers are processed and filtered by ASSP, but (optionally) get tagged with spamSubject and are not blocked. When a
Spam-Lover is not the sole recipient of a message, the message is processed
normally, and if it is found to be spam, it will not be delivered to the Spam-Lover.
delaySpamLovers are not included here and must be set additionally.
Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com). Default: postmaster|abuse.
For example: fribo*@thisdomain.com|jhanna|@sillyguys.org

This option and all SpamLover-Options (...SpamLovers) below accepting a second score parameter like "user@your-domain.com=>70"
If such a parameter is defined in any option for an entry and the recipient address matches this entry and the message score exceeds the parameter value, the message will be considered spam.
If there are multiple possible matches for a recipient address found, the generic longest match (and assigned value) will be used.
ASSP will use the highest found value for all envelope recipients of an email.
The according low limit is calculated as:
for outgoing mails: value - ( PenaltyMessageLimit - PenaltyMessageLow )
or
for incoming and local mails: value - ( LocalPenaltyMessageLimit - LocalPenaltyMessageLow ) default: postmaster|abuse

SpamLoversRe: Regular Expression to Identify Spam-Lover*
-- If a message matches this regular expression it will be considered a Spam-Lover message. default:

baysSpamLovers: Bayesian Spam-Lover*
-- default:

baysSpamLoversRe: Regular Expression to Identify Bayesian Spam-Lover*
-- If a message matches this regular expression it will be considered a Bayesian Spam-Lover message. For example: password|news default:

baysSpamLoversRed: Do not store Bayesian Spam-Lover in SpamDB
-- If set (recommended), mail to Bayesian Spam-Lover will be stored in the discarded folder (not in the Spam/Notspam folder). default: 1

blSpamLovers: Blacklisted Domains Spam-Lover*
-- default:

bombSpamLovers: Bomb Spam-Lover*
-- default:

hlSpamLovers: HELO Blacklisted Spam-Lover*
-- default:

hiSpamLovers: Valid/Invalid Helo*
-- default:

atSpamLovers: Bad Attachment Spam-Lover*
-- default:

spfSpamLovers: SPF Failures Spam-Lover*
-- default:

rblSpamLovers: DNSBL Failures Spam-Lover*
-- default:

uriblSpamLovers: URIBL Failures Spam-Lover*
-- default:

srsSpamLovers: Unsigned SRS Bounces Spam-Lover*
-- default:

delaySpamLovers: No Delaying Spam-Lover*
-- default:

isSpamLovers: Invalid Sender Spam-Lover*
-- default:

mxaSpamLovers: Missing MX Spam-Lover*
-- default:

ptrSpamLovers: Invalid/Missing PTR Spam-Lover*
-- default:

pbSpamLovers: Penalty Box Blocking Spam-Lover *
-- default:

sbSpamLovers: Country Blocking Spam-Lover *
-- default:

spamHaters: All Spam-Haters
-- Spam-Haters are used to override Spam-Lovers.
Example: If you have set your entire domain as a Spam-Lover(s), but there are still some addresses you still wish to block spam for. If you add those addresses to the Spam-Haters field allows messages to only those addresses to be blocked while still allowing the messages to the other Spam-Lovers pass through. The message will only be blocked if all recipients are Spam-Haters. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com).
For example: *fribo@thisdomain.com|jhanna|@sillyguys.org default:

baysSpamHaters: Bayesian Spam-Hater*
-- default:

rblSpamHaters: DNSBL Failures Spam-Hater*
-- default:

hlSpamHaters: HELO Blacklisted Spam-Hater*
-- default:

switchSpamLoverToScoring: Switch Spam-Lover to Message Scoring
-- Put the filter automatically in "Message Scoring Mode" when DoPenaltyMessage is set (instead of stopping spam processing altogether).
Notes On Spam-Lover default:

No Processing

noProcessingIPs: No Processing IPs
-- Mail from any of these IP's will pass through without processing. (some attachments may be processed)
For example: 145.145.145.145|146.145.
To define IP's only for specific email addresses or domains (recipients) you must use the file:... option
An entry (line) may look as follows:
145.146.0.0/16=>@local.domain|user@mydomain|user2@*.mydomain # comment

It is possible to define a predefined group on any or both sides of the '=>' separator, like:
[ipgroup]=>[usergroup]|user@mydomain

NOTICE: the following combination of two entries, will lead in to a user/domain based matching - the global entry will be ignored!
145.146.0.0/16 # comment
145.146.0.0/16=>@local.domain|user@mydomain|user2@.mydomain # comment
If multiple user/domain based entries are defined for the same IP, only the last one will be used!

All fields marked by '*' accept a filepath/filename : 'file:files/ipnp.txt'. default: file:files/ipnp.txt

noProcessing: No Processing Addresses
-- Mail solely to or from any of these addresses are proxied without processing. The envelope sender and recipients are checked. Like a more efficient version of Spam-Lovers & redlist combined. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com). If you register TO addresses here, all recipients for a single mail must be marked as noprocessing to flag the mail as "noprocessing". default:

noProcessingFrom: No Processing Addresses From
-- Mail solely from any of these addresses are proxied without processing. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). Wildcards are supported (fribo@example.com). default:

noProcessingDomains: No Processing Domains*
-- Domains from which you want to receive all mail and proxy without processing. Your ISP, domain registration, mail list servers, stock broker, or other key business partners might be good candidates. Note this matches the end of the address, so if you don't want to match subdomains then include the @. Note that buy.com would also match spambuy.com but .buy.com won't match buy.com. For example: sourceforge.net|@google.com|.buy.com default: sourceforge.net

npRe: Regular Expression to Identify No Processing Mail*
-- If a message matches this Perl regular expression ASSP will treat the message as a 'No Processing' mail. For example: 169.254.122.|172.16.|[autoreply]. default:

npSize: Message Size Limit
-- ASSP will treat incoming messages larger than this SIZE (in bytes) as 'No Processing' mail, after the header part of the mail is received without any error. Empty or 0 disables the feature. default: 500000

npSizeOut: Message Size Limit Outgoing
-- ASSP will treat outgoing messages larger than this SIZE (in bytes) as 'No Processing' mail. Empty or 0 disables the feature. default: 500000

processOnlyAddresses: Process Only These Addresses
-- If the Enable Process Only Addresses check box is checked, mail solely to or from any of the addresses in this list (envelope only) will be processed by ASSP. All others will be proxied without processing. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com).
Note that if an address matches both the NoProcessing and the OnlyTheseProcessing lists, the NoProcessing rules take precedence. default:

poTestMode: Enable Process Only Addresses

Notes On No Processing default:

Whitelisting

whiteListedIPs: Whitelisted IPs
-- They contribute to the Whitelist and to Notspam. For example: 145.145.145.145|146.145.|146.145.0.0/16. It is recommended to use the CIDR notation.
To define IP's only for specific email addresses or domains (recipients) you must use the file:... option
An entry (line) may look as follows:
145.146.0.0/16=>@local.domain|user@mydomain|user2@*.mydomain # comment

It is possible to define a predefined group on any or both sides of the '=>' separator, like:
[ipgroup]=>[usergroup]|user@mydomain

All fields marked by '*' accept a filepath/filename : 'file:files/ipwl.txt'. default: file:files/ipwl.txt

whiteRe: Regular Expression to Identify Non-Spam*
-- If an incoming email matches this Perl regular expression, it will be considered whitelisted.
For example: Secret Ham Password|307\D{0,3}730\D{0,3}4[12]\d\d
For help writing regular expressions click here.
IMPORTANT: The body is scanned in a later stage AFTER all sender related checks are performed. So a white regular expression here might not prevent the message to be blocked by eg. invalid PTR. Set the sender related checks to score only if you want to make sure that the white regular expression will be seen. Some things you might include here are your office phone number or street address, spam rarely includes these details. . default:

whiteListedDomains: Whitelisted Domains and Addresses
-- Domains and addresses from which you want to receive all mail. Your ISP, domain registration, mail list servers, stock broker, or other key business partners might be good candidates. Be careful not to put widely used or local domains here like google.com or hotmail.com or mydomain.com. Note this matches the end of the address, so if you don't want to match subdomains then include the @. Note that example.com would also match spamexample.com but .example.com won't match example.com. Wildcards are supported. For example: sourceforge.net|group@google.com|.example.com

It is possible to make email addresses whitelisted only for a set of local domains and/or local users. Use wildcards ( and ?) to define domains.
Use the following syntax to do this:
@anydomain=>@any_local_domain - for domain to domain
@.anydomain=>@any_local_domain - for any sub-domain to domain
user@anydomain=>@.any_local_domain - for user to any sub-domain

It is possible to define more than one entry at the left and the right side of the definition (=>), like:
@anydomain|@other_domain=>@any_local_domain|@other_local_domain - always separate multiple entries by pipes
It is also possible to use a GroupDefinition in any or both sides, like:
[sendergroup]=>[recipientgroup]
[sendergroup1]|[sendergroup2]|*@domain=>[recipientgroup1]|[recipientgroup2]|user@local_domain

NOTICE - that the local email addresses and domains are not checked to be local once default: file:files/whitedomains.txt

wildcardUser: Wildcard User for White Domain
-- If you add this user via email-interface(eg: @domain.com), the whole domain will be whitelisted. For example: '' default: *

ValidateRWL: Enable Realtime Whitelist Validation
-- RWL: Real-time white list. These are lists of IP addresses that have
somehow been verified to be from a known good host. Senders that pass RWL validation will pass IP-based filters. This requires an installed Net::DNS module in PERL. default:

RWLwhitelisting: Whitelist all RWL Validated Addresses
-- If set, the message will also pass Bayesian Filter and URIBL. default:

RWLmaxreplies: Maximum Replies
-- A reply is affirmative or negative reply from a RWL. The RWL module will wait for this number of replies (negative or positive) from the RWLs listed under Service Provider for up to the Maximum Time below. This number should be equal to or less than the number of RWL Service Providers listed to allow for randomly unavailable RWLs. default: 4

RWLminhits: Minimum Hits
-- A hit is an affirmative response from a RWL. The RWL module will check all of the RWLs listed under Service Provider, and flag the email with a RWL pass flag if equal to or more than this number of RWLs return a positive whitelisted response. This number should be less than or equal to Maximum Replies above and greater than 0 default: 1

RWLmaxtime: Maximum Time
-- This sets the maximum time to spend on each message performing RWL checks default: 10

noRWL: Don't Validate RWL for these IPs*
-- Enter IP addresses that you don't want to be RWL validated, separated by pipes (|). For example: 145.145.145.145|146.145. default:

AddRWLHeader: Add X-Assp-Received-RWL Header
-- Add X-Assp-Received-RWL header to header of all mails processed by RWL. default: 1

RWLCacheInterval: RWL Cache Refresh Interval
-- IP's in cache will be removed after this interval in days. 0 will disable the cache. default: 7

WhitelistPrivacyLevel: PrivacyLevel of the Whitelist
-- Sets the privacy level of the whitelistdb . If a (local) user adds an email address to the whitelist:

(0) global & private - this email address is automatically whitelisted for all other local users
(1) domain & private - this email address is automatically whitelisted for all other local users in the same local domain
(2) private only - this email address is only whitelisted for this single local user

(0-1) unless another user has removed this email address from his whitelist. Default is zero, which is the legacy setting.
NOTICE: independent from this setting, the whitelistdb is filled with all three entries (global,domain,private), to make it possible to change this value. default: 0

MaxWhitelistDays: Max Whitelist/Personal Black Days
-- This is the number of days an address will be kept on the whitelist and personal blacklist without any email to/from this address. Set it to 0 to keep the entries infinity. default: 365

WhitelistOnly: Reject All But Whitelisted Mail
-- Check this if you don't want Bayesian filtering and want to reject all mail from anyone not whitelisted. To do this related to local user addresses, use InternalAndWhiteAddresses and switch this option off. default:

NoAutoWhite: Only Email-Interface Addition to Whitelist.
-- Check this box to allow additions to the whitelist by email interface only. default:

NoAutoWhiteAdresses: No AutoWhite Addresses
-- Mail solely to or from any of these addresses are excluded from automatic whitelist additions. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com). default:

NotGreedyWhitelist: Only the envelope-sender is added/compared to the whitelist
-- Normal operation includes addresses in the FROM, SENDER, REPLY-TO, ERRORS-TO, or LIST-* header fields.
This allows nearly all list email to be whitelisted.
If set to 'envelope-sender only', only this address is compared/added.
If set to 'check all addresses - one match for white - add all', one match in any of this fields is enough to get white and all addresses will be added to whitelist.
If set to 'check all addresses - all matches for white - update all', all defined addresses in all defined fields must be already whitelisted for a message to get a whitelisted state and all addresses will updated in whitelist. Notice: this setting will overwrite a match in whiteListedDomains , if a not whitelisted sender is found.
If any address is found in redlist, no whitelist addition will be done and the message gets not white.
If the penalty score of a message has reached PenaltyMessageLow, no whitelist addition will be done.
This setting is ignored, for mails to add/remove whitelist entries via email-interface. default: 0

GreedyWhitelistAdditions: How add Greedy Senders to Whitelist
-- Defines what sender addresses are added to the whitelist if a message is considered to be from a whitelisted sender. NotGreedyWhitelist is considered in determining if a message is from a whitelisted sender. default: 1

WhitelistLocalOnly: Only local or authenticated users contribute to the whitelist.
-- Normal operation allows all local, authenticated, or whitelisted users to contribute to the whitelist.
Check this box to not allow whitelisted users to add to the whitelist. default:

WhitelistLocalFromOnly: Only users with a local domain in mailfrom contribute to the whitelist.
-- Check this box to prevent sender with non-local domains from contributing to the whitelist. (for example: redirected messages). default: 1

WhitelistAuth: Whitelist mails from authenticated users.
-- Mails from authenticated users will be processed as whitelisted. default:

UpdateWhitelist: Save Whitelist ^s
-- Save a copy of the white list every this many seconds. Empty or Zero will prevent any saving and the cleanup of old records.
Notes On Whitelist default: 3600

Relaying

acceptAllMail: Accept All Mail*
-- Relaying is allowed for these IPs. They contribute also to the whitelist. Before setting this option, please read the complete section - it is recommended to configure relayPort to send mails from your LAN to the Internet. This can take either a directly entered list of IP's separated by pipes or a file 'file:files/acceptall.txt'.
For example: 145.145.145.145|146.145. default:

DoLocalSenderDomain: Do Local Domain Check for Local Sender
-- If activated, each local sender address must have a valid Local Domain. acceptAllMail and redlisted mails breaks this rule. default:

DoLocalSenderAddress: Do Local Address Check for Local Sender
-- If activated, each local sender address must have a valid Local Address. acceptAllMail and redlisted mails breaks this rule. default:

nolocalDomains: Skip Local Domain Check
-- Do not check relaying based on localDomains. Let the mailserver do it. NOT RECOMMENDED. default:

ldLDAP: Do LDAP lookup for local domains
-- Check local domains against an LDAP database.
Note: Checking this requires filling in LDAP DomainFilter ( ldLDAPFilter ) in the LDAP section.
This requires an installed NET::LDAP module in Perl. default:

ispip: ISP/Secondary MX Servers*
-- Enter any addresses that are your ISP or backup MX servers, separated by pipes (|).
These addresses will (necessarily) bypass Griplist, IP Limiting, Delaying, Penalty Box, SPF, DNSBL & SRS checks unless the IP can be determined by (ispHostnames) ISP/Secondary Hostnames. For example: 127.0.0.1|172.16.. default:

contentOnlyRe: Regular Expression to Identify Forwarded Messages*
-- Put anything here to identify messages which should bypass PB, Sender Validation, Griplist, IP Limiting, Delaying, SPF, DNSBL & SRS checks. For example: email addresses of people who are forwarding from other accounts to their mailbox on your server. default:

ispHostnames: Regular Expression to Identify ISP/Secondary Hostnames*
-- Hostnames (regular expression) to lookup the IP that connected to the ISP/Secondary server.
If found, this address is used to perform IP-based checks on forwarded messages.
For example: mx1.yourisp.com or mx1.yourisp.net|mx2.yoursecondary.com . This hostnames are found in the 'Received:' header, like 'Received: from ...123.123.123.123... by mx1.yourisp.com'. Leave this blank to disable the feature. default:

send250OKISP: Send 250 OK To ISP/Secondary MX Servers
-- Set this checkbox if you want ASSP to reply to IP's in ISPIP with '250 OK' instead of SMTP error code '554 5.7.1'. default: 1

ispgripvalue: ISP/Secondary MX Grip Value
-- It is recommended to set it to 0.5 (Completely GReyIP) for ISP and Secondary MX servers. If left blank the Griplist X value is used (percentage of spam messages in relation to total).
Note: value has to be greater than 0 and less than 1, where 0 = never spam and 1 = always spam default: 0.5

BounceSenders: Bounce Senders*
-- Envelope sender addresses treated as bounce origins. Null sender (<>) is always included.
Accepts specific addresses (postmaster@domain.com), usernames (mailer-daemon), or entire domains (@bounces.domain.com)
Separate entries with pipes: |. For example: postmaster|mailer-daemon default: postmaster|mailer-daemon

PopB4SMTPFile: Pop Before SMTP DB File
-- Enter the DB database filename of your POP before SMTP implementation with records stored for dotted-quad IP addresses.
For example: /etc/mail/popip.db default:

PopB4SMTPMerak: Pop Before SMTP Merak Style
-- If set Merak 7.5.2 is supported. default:

relayHost: Relay Host
-- Your isp's mail relayhost (smarthost). For example: mail.isp.com:25
If you run Exchange/Notes and you want assp to update the nonspam database and the whitelist, then enter your isp's smtp relay host here. Blank means no relayhost. Only required if clients don't deliver through SMTP. Separate multiple entries by "|".
If you need to connect to the relay host using native SSL, write 'SSL:' in front of the IP/host definition. In this case the Perl module IO::Socket::SSL must be installed and enabled ( useIOSocketSSL ).
Examples: your_ISP_Server:25, 149.1.1.1:25, SSL:149.1.1.2:465|any_other_host:25 ! default:

relayAuthUser: User to Authenticate to Relay Host
-- The username used for SMTP AUTH authentication to the relayhost - for example, if your ISP need authentication on the SMTP port! Supported authentication methods are PLAIN, LOGIN, CRAM-MD5 and DIGEST-MD5 . If the relayhost offers multiple methods, the one with highest security option will be used. The Perl module Authen::SASL must be installed to use this feature! The usage of this feature will be skipped, if the sending MTA uses the AUTH command. Leave this blank, if you do not want use this feature. default:

relayAuthPass: Password to Authenticate to Relay Host
-- The password used for SMTP AUTH authentication to the relayhost ! Leave this blank, if you do not want use this feature. default:

relayPort: Relay Port
-- Tell your mail server to connect to this IP/port as its smarthost / relayhost. For example: 225
Note that you'll want to keep the relayPort protected from external access by your firewall.
You can supply an interface:port to limit connections. Separate multiple entries by "|".Examples: 225, 127.0.0.1:225, 192.168.1.1:225|192.168.2.1:225 ! default:

allowRelayCon: Allow Relay Connection from these IP's*
-- Enter any addresses that are allowed to use the relayPort , separated by pipes (|). If empty, any ip address is allowed to connect to the relayPort. If this option is defined, keep in mind : Addresses defined in acceptAllMail are NOT automatically included and have to be also defined here, if them should allow to use the relayPort. For example: 127.0.0.1|172.16..
If you use MS Office 365, you should define the EOP IP addresses here and you should configure your firewall to redirect connection from the hosted Exchange server to the relayPort . default:

RelayOnlyLocalSender: Allow Relaying Only for Local Sender
-- If set, the envelope sender (MAIL FROM:) is immediately checked after the DATA command is received (to be valid). If the sender address could not be validated, the connection is dropped.
This setting is ignored for BounceSenders, which can relay at any time .
The connection will be dropped regardless any other assp setting ( except EmailSenderOK ).
It is recommended to switch this to ON, if you use for example MS Office 365. At least, it is wise, to switch this ( or RelayOnlyLocalDomains ) to ON in every case default:

RelayOnlyLocalDomains: Allow Relaying Only for Local Domains
-- If set, the envelope sender domain (MAIL FROM:) is immediately checked after the DATA command is received (to be a local domain). If the sender domain could not be validated, the connection is dropped.
This setting is ignored for BounceSenders, which can relay at any time .
The connection will be dropped regardless any other assp setting ( except EmailSenderOK ).
It is recommended to switch this to ON, if you use for example MS Office 365. At least, it is wise, to switch this ( or RelayOnlyLocalSender ) to ON in every case default:

NoRelaying: No Relaying Error
-- SMTP error message to deny relaying. default: 530 Relaying not allowed

defaultLocalHost: Default Local Host
-- If you want to be able to send mail to local users without a domain name then put the default local domain here.
Blank disables this feature. For example: mydomain.com . default: assp.local

LocalFrequencyInt: Local Frequency Interval
-- The time interval in seconds in which the number of envelope recipients per sending address has not to exceed a specific number ( LocalFrequencyNumRcpt ).
Use this in combination with LocalFrequencyNumRcpt to limit the number of recipients in a given interval, to prevent local abuse - for example from hijacked local accounts. A value of 0 (default) will disable this feature and clean the cache within five minutes. It is recommended to enable DoLocalSenderAddress and/or DoLocalSenderDomain, if you want to use this feature. To give users the chance to inform an admin about such blocked mails, local mails to EmailAdmins are never blocked because of that feature.
default: 0

LocalFrequencyNumRcpt: Local Frequency Recipient Number
-- The number of envelope recipients per sending address that has not to exceed in a specific time interval ( LocalFrequencyInt ).
Use this in combination with LocalFrequencyInt to limit the number of recipients in a given interval, to prevent local abuse - for example from hijacked local accounts. A value of 0 (default) will disable this feature and clean the cache within five minutes. It is recommended to enable DoLocalSenderAddress and/or DoLocalSenderDomain, if you want to use this feature. To give users the chance to inform an admin about such blocked mails, local mails to EmailAdmins are never blocked because of that feature.
default: 0

LocalFrequencyOnly: Check local Frequency for this Users only
-- A list of local addresses, for which the 'local frequency check' should be done. Leave this field blank (default), to do the check for every address.
Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com).
For example: fribo*@thisdomain.com|jhanna|@sillyguys.org default:

NoLocalFrequency: Check local Frequency NOT for this Users
-- A list of local addresses, for which the 'local frequency check' should not be done. Noprocessing messages will skip this check.
Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com).
For example: fribo*@thisdomain.com|jhanna|@sillyguys.org default:

NoLocalFrequencyIP: Check local Frequency NOT for this IP's*
-- A list of local IP-addresses, for which the 'local frequency check' should not be done.
For example: 145.145.145.145|145.146. default:

genDKIM: Generate and Add DKIM signatures to relayed messages
-- If selected, ASSP will add DKIM signatures to relayed messages if it finds a valid DKIM configuration in DKIMgenConfig for the sending domain. This will also be done for noprocessing mails. This requires an installed Mail::DKIM module in PERL. default:

DKIMgenConfig: The File with the DKIM configurations*
-- The file that contains the DKIM configuration. A description how to configure DKIM could be found in the default file dkim/dkimconfig.txt.
Notes On Relaying default: file:dkim/dkimconfig.txt

Recipients/Local Domains

removeForeignBCC: remove Foreign BCC
-- Remove foreign BCC: header lines from the mail header. The remove is done before the DoHeaderAddrCheck is done! default:

DoHeaderAddrCheck: Check TO,CC and BCC headers
-- If enabled TO: , CC: and BCC: header lines are checked the following way:

a possible recipient replacement is done
local email address validation is done - if OK, the next address or headerline is processed
spamtrapaddresses will be detected - scored with stValencePB - mail is blocked (noPenaltyMakeTraps is honored)
a local but not valid TO/CC/BCC: address will be detected - scored with irValencePB
a RelayAttempt will be detected if a BCC address is not local - scored with rlValencePB - mail is blocked
The check 3 and 4 honors whitelisting , noprocessing and noBlockingIPs
Enable this check only, if assp is configured to validate local domains and email addresses!
NOTICE: that removeForeignBCC take place before this check is done - step 5 will be never reached if removeForeignBCC is enabled! default:

sendAllPostmaster: Catchall Address for Messages to Postmaster
-- ASSP will deliver messages addressed to all postmasters of your local domains to this address. For example: postmaster@mydomain.com default:

sendAllPostmasterNP: Skip Spam Checks for Postmaster Catchall
-- default:

sendAllAbuse: Catchall Address for Messages to Abuse
-- ASSP will deliver messages to all abuse addresses of your local domains to this address. For example: abuse@mydomain.com default:

sendAllAbuseNP: Skip Spam Checks for Abuse Catchall
-- default:

DoRFC822: Validate addresses to conform with RFC 822
-- If activated, the envelope sender and/or each envelope recipient is checked to conform with the email format defined in RFC 822. For an invalid sender address 'nofromValencePB' is used for scoring - for invalid recipient addresses, each is scored with irValencePB .
For the sender address in addition a top level domain existence and DNS name server registration check is done.
The default setting is 'sender' - recommended settings are 'sender' or 'both'! default: 2

LocalAddresses_Flat: Lookup valid Local Addresses from here
-- These email addresses are the list of your local addresses. You can list specific addresses (user@mydomain.com), addresses at any local domain (user), or entire domains (@mydomain.com). Wildcards are supported (fribo@domain.com). (|).
For example: fribo@thisdomain.com|jhanna|@sillyguys.org or place them in a plain ASCII file one address per line:file:files/localuser.txt. You can use entries like @mydomain.com=>vrfyhost:port to VRFY users on your MTA, for more information read localDomains. You can use an entry like ALL=>vrfyhost:port to define a VRFY host for all domain entries ( better use Groups ). default:

LocalAddresses_Flat_Domains: Use Addresses without '@' as Domains
-- Will handle entries without '@' as full domains default: 0

RejectTheseLocalAddresses: Reject These Local Addresses*
-- If ANY recipient is on reject list, message will not be delivered. Used for disabled legitimate accounts, where a user may have left the company. This stops wildcard mailboxes from getting these messages. default:

localDomains: Local Domains
-- Check local domains against these addresses. Add a fake domain like 'assp-nospam.org' for the email interface if you run MS Exchange. When mailing to eg. 'spam@assp-nospam.org' MS Exchange forwards it outbound to ASSP who handles the different options. As in every field marked by '' separate addresses with | or use file 'file:files/localdomains.txt'. Wildcards are supported.
For example: mydomain.com|.mydomain.com|here.org
Use the syntax: *mydomain.com=>smtp.mydomain.com|other.com=>mx.other.com:port|other2.com=>mx.other.com:port,mx2.other.com:port to verify the recipient addresses with the SMTP-VRFY (if VRFY is not supported 'MAIL FROM:' and 'RCPT TO:' will be used) command on other SMTP servers. The entry behind => must be the hostname:port or ip-address:port of the MTA which is used to verify 'RCPT TO' addresses with a VRFY command! If :port is not defined, port :25 will be used. You can use an entry like ALL=>vrfyhost:port to define a VRFY host for all local domain entries that don't have a MTA defined ( better use Groups ). Separate multiple VRFY hosts for failover by comma ",". You have to enable the SMTP 'VRFY' command on your MTA - the 'EXPN' command should be enabled! This requires an installed Net::SMTP module in PERL.
If you have configured LDAP and enabled DoLDAP and ASSP finds a VRFY entry for a domain, LDAP search will be done first and if this fails, the VRFY will be used. So VRFY could be used for LDAP backup/fallback/failover!
It is recommended to configure 'ldaplistdb' in the 'File Paths and Database' section when using this verify extension - so ASSP will store all verified recipients addresses there to minimize the queries on MTA's. There is no need to configure LDAP, but both VRFY and LDAP are using ldaplistdb. Please go to the 'LDAP setup' section to configure MaxLDAPlistDays and LDAPcrossCheckInterval or start a crosscheck now with forceLDAPcrossCheck. This three parameters belong also to VRFY. default: putYourDomains.com|here.org

DoVRFY: Verify Recipients with SMTP-VRFY
-- If activated and the format 'Domain=>MTA' is encountered in
localDomains recipient addresses will be verified with SMTP-VRFY (if VRFY is not supported 'MAIL FROM:' and 'RCPT TO:' will be used).
If you know that VRFY is not supported with a MTA, you may put the MTA into VRFYforceRCPTTO. Don't forget to configure LDAPFail (belongs also to VRFY) to your needs! default: 1

VRFYQueryTimeOut: SMTP VRFY-Query Timeout
-- The number of seconds ASSP will wait for an answer of the MTA that is queried with the VRFY command to verify a recipient address. default: 5

VRFYforceRCPTTO: Force the usage of RCPT TO*
-- Define MTA's here for which you want ASSP to force the usage of MAIL FROM:,RCPT TO: instead of the VRFY command. The definition of each MTA has to be the same as defined in LocalAddresses_Flat and/or localDomains (after the '=>') for example: smtp.mydomain.com|mx.other.com:port|10.1.1.1|10.1.1.2:125 . default:

DisableVRFY: Disable VRFY and EXPN for External Clients
-- If you have enabled VRFY and/or EXPN on your MTA to make assp able to verify addresses and you do not want external clients to use VRFY and EXPN - select this option. default:

DoLDAP: Do LDAP lookup for valid local addresses
-- Check local addresses against an LDAP database before accepting the message.
Note: Checking this requires filling in the other LDAP parameters below.
This requires an installed Net::LDAP module in PERL. default:

LocalAddressesNP: Do Not Validate Local Addresses if in NoProcessing List
-- If a recipient is found in NoProcessing, the user validation is skipped. default:

CatchAll: Catchall per Domain*
-- ASSP will send to this addresses/domain if no valid user is found in LocalAddresses_Flat/LDAP.
For example: catchall@domain1.com|catchall@domain2.com default:

CatchAllAll: Catchall for All Domains
-- ASSP will send to this address if no valid user is found in LocalAddresses_Flat/LDAP and no match is found in Catchall per Domain.
For example: catchall@domain.com default:

CatchallallISP2NULL: Move ISP Connection with wrong Recipient Address to NULL
-- If set, ASSP will move all ISP connections with wrong recipient addresses to a NULL-connection. The ISP will receive "250 OK" until the mail has passed, but the mail will not be sent to your MTA. This is done after CatchAll but before CatchAllAll is checked. default:

NullAddresses: NULL Connection Addresses*
-- ASSP will dump a message silently when encountering such an address in "MAIL FROM:" or "RCPT TO:". Accepts specific addresses (null@example.com), user parts (nobody) or entire domains (@example.com). default:

InternalAddresses: Accept Mail from Local Domains only
-- These local addresses accept mail only from local domains. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com). default:

InternalAndWhiteAddresses: Accept Mail from Local Domains and Whitelisted Senders only
-- These local addresses accept mail only from local domains and whitelisted external senders. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com). default:

SepChar: Separation Character for Subaddressing
-- RFC 3598 describes subaddressing with a Separation Character. A star ('*') is not allowed as Separation Character. Everything between Separation Character and @ is ignored (including Separation Character). For Example = '+' will allow user+subaddress@domain.com. default: +

EnableBangPath: Support Bang Path
-- If set, ASSP will support addresses like domainx!user and will convert them to user@domainx . default:

MaxVRFYErrors: Maximum recipient verification Errors
-- The maximum number of failed 'RCPT TO' or 'VRFY' commands encountered before the connection is dropped. You can leave this field at 0, if you are using 'DoLDAP', 'LocalAddresses_Flat'! If configured, ASSP will drop the connection, if the count of '550 unknown user' errors, received from your 'smtpDestination'(MTA), reached this value! default: 0

DoMaxDupRcpt: Block Max Duplicate Recipients
-- Block remote servers that uses the same recipient address more times, than the number defined in MaxDupRcpt in the RCPT TO: command. Scoring is done with mdrValencePB . This check is skipped for outgoing, noprocessing, whitelisted and spamlovers mails. If a message has to be delayed, this check will score before the delay if set to block or score - and score and/or block on the next server request. default: 3

MaxDupRcpt: Maximum Allowed Duplicate Recipient Addresses
-- The maximum number of duplicate recipient addresses that are allowed in the sequence of the RCPT TO: commands!
The number per mail is calculated by 'number of RCPT TO: commands - number of unique recipient addresses'.
For example: if one address is used three times or two addresses are used each two times, will result in the same count - 2. Or if both is the case in one mail, the count will be 4. default: 0

ReplaceRecpt: Enable recipient replacement*
-- recommented if used: file:files/rcptreplrules.txt - default empty ! This enables recipient replacement. If you do not use file:, separate the rules with |. The replacement will be done before any ASSP check. Use this option carefully - for example: if you have enabled DKIM check, the DKIM check will fail, if the recipient of the mail was modified. For a more detailed description of the rules and options, read the file: files/rcptreplrules.txt! default:

NoValidRecipient: No-Valid-Local-User Reply
-- SMTP reply for invalid Users. Default: '550 5.1.1 User unknown: EMAILADDRESS'
The literal EMAILADDRESS (case sensitive) is replaced by the fully qualified SMTP recipient (e.g., thisuser@yourcompany.com).
Notes On Local Addresses default: 550 5.1.1 User unknown: EMAILADDRESS

Validate Helo

useHeloBlacklist: Use the Helo Blacklist
-- Use the list of blacklisted-helo hosts built by rebuildspamdb. default: 3

useHeloGoodlist: Use the Helo Goodlist
-- Use the list of known good helo hosts built by rebuildspamdb.
bonus - the message/IP get a bonus of the weighted negative value of hlValencePB
whitelisted - the message is processed as whitelisted

The good helos and weights are stored together with the helo blacklist. default: 1

DoIPinHelo: Do Score Suspicious Helos
-- Score servers with IP number in Helo and check for mismatch with sending IP. default: 3

ForceFakedLocalHelo: Enforce Check of Forged Helos Before Delaying
-- If set, ASSP will check Forged Helos before DELAYING. Collecting, Testmode, CopySpam, Spam-Lover and private/domain whitelist ( WhitelistPrivacyLevel ) is ignored. default: 1

DoFakedLocalHelo: Block Forged Helos
-- Block remote servers that claim to come from our Local Domains/Local IP's/Local Host. default: 1

DoFakedUseLocalDomain: Use Local Domain List for Blocking Forged Helos
-- If set, DoFakedLocalHelo will use localDomains. default: 1

DoFakedWL: Do Not Block Whitelisted
-- Disable "Block Forged Helo's" for whitelisted addresses (not recommended). default:

DoFakedNP: Do Not Block Noprocessing
-- Disable "Block Forged Helo's" for addresses identified as noprocessing (not recommended). default:

myServerRe: Local Domains,IP's and Hostnames*
-- Local Domains, IP's and Hostnames are often use to fake (forge) the Helo. Include all IP addresses and hostnames for your server here, localhost is already included. Include Local Domains of your choice here, if you deactivated the automatic use of the local domain list. For example: 11.22.33.44|mx.YourDomains.com|here.org default:

noHelo: Don't Validate HELO for these IP's*
-- Enter IP addresses that will be excluded from all HELO checks.
For example: 127.0.0.1|192.168. default:

heloBlacklistIgnore: Don't process these HELO's
-- HELO / EHLO greetings on this list will be excluded from all HELO checks. For example: host123.isp.com|host456..com default:

ForceValidateHelo: Enforce Early Helo Checks
-- If set, ASSP will Validate/Invalidate the format of HELO before DELAYING. Collecting, Testmode, CopySpam, Spam-Lover and private whitelist ( WhitelistPrivacyLevel ) is ignored. default: 1

DoValidFormatHelo: Validate Format of HELO
-- If activated, the HELO is checked against the expression below. If the Regular Expression matches, the HELO is validated as being ok. default: 1

validFormatHeloRe: Regular Expression to Validate Format of HELO
-- Validate Format HELO will check incoming HELOs according to rfc1123.
For example: ^(?:\w[\w.-].\w{2,6})$ or ^(?:(?:[a-z\d][a-z\d-]*)?[a-z\d].)+[a-z]{2,6}$ default: file:files/validhelo.txt

DoInvalidFormatHelo: Invalidate Format of HELO
-- If activated, the HELO is checked against the expression below. If the Regular Expression matches, the HELO is invalidated as being not ok. default: 1

invalidFormatHeloRe: Regular Expression to Invalidate Format of HELO**
-- Invalidate Format HELO will check incoming HELOs for this.
For example: ^\d+.\d+.\d+.\d+$|^[^.]+.?$, default: file:files/invalidhelo.txt

DoHeloWL: Do Valid/Invalid/Black Helo for Whitelisted
-- Do valid/invalid Helo for whitelisted addresses. default: 1

DoHeloNP: Do Valid/Invalid/Black Helo for Noprocessing
-- Do valid/invalid Helo for noprocessing addresses.

Notes On Validate Helo
default: 1

Validate Sender

DoBlackDomain: Do Blacklisted Addresses and Domains
-- default: 1

DoBlackDomainWL: Do Blacklisting Addresses and Domains for White
-- Do blacklisting addresses & domains in messages which are marked whitelisted by whiteRe, whiteListedDomains, whiteListedIPs, whitelistdb, DoOrgWhiting or ValidateRWL . default: 1

DoBlackDomainNP: Do Blacklisting Addresses and Domains for NoProcessing
-- Do blacklisting addresses & domains in messages which are marked noprocessing by npRe, noProcessingDomains, noProcessingIPs or noProcessing. default: 1

blackListedDomains: Blacklisted Addresses and Domains
-- Addresses & Domains from which you always want to reject mail, they only send you spam. Note this matches the end of the address, so if you don't want to match subdomains then include the @. Note that buy.com would also match spambuy.com but .buy.com won't match buy.com. abc@def.com will match abc@def.com but won't match bbc@def.com. Wildcards are supported. For example: cc|info|biz|seller@bayer.com|sell@basf.com

It is possible to make email addresses blacklisted only for a set of local domains and/or local users. Use wildcards ( and ?) to define domains.
Use the following syntax to do this:
@anydomain=>@any_local_domain - for domain to domain
@.anydomain=>@any_local_domain - for any sub-domain to domain
user@anydomain=>@.any_local_domain - for user to any sub-domain

NOTICE - that the local email addresses and domains are not checked to be local once default: file:files/blackdomains.txt

DoMsgID: Check Message IDs
-- Score messages with missing/suspicious/invalid Message-ID. Scoring is done by midmValencePB / midsValencePB / midiValencePB . default: 3

noMsgID: Don't Validate Message-IDs for these IPs*
-- Enter IP addresses that you don't want to be Message-ID validated, separated by pipes (|). For example: 127.0.0.1|192.168. default: 127.0.0.|192.168.|10.

validMsgIDRe: Regular Expression to Validate Format of Message-ID*
-- Check Message IDs will check incoming messages for valid Message-IDs.
For example: ^.+\@.+..+$ default: ^.+\@.+..+$

invalidMsgIDRe: Regular Expression to Invalidate Format of Message-ID**
-- Check Message IDs will check incoming messages for invalid Message-IDs. default:

DoNoValidLocalSender: Validate Remote Sender with Local Domain Address
-- If activated, each remote sender with a local domain is checked against the Local Addresses File and/or LDAP. default: 1

ForceNoValidLocalSender: Early "Remote Sender with Local Domain Address" Check
-- If set, ASSP will check Remote Sender with Local Domain Address before Delaying a message.
Collecting, Testmode, CopySpam, and Spam-Lover settings are ignored. default: 1

DoNoSpoofing: Block Local Address from External Sender
-- If activated, each external sender address built with a domain in localDomains is regarded a spoofed address. An external sender is a sender from an IP not in acceptAllMail and not authenticated. Scoring is done with slValencePB. default: 3

onlySpoofingCheckIP: Do Spoofing Check ONLY for these IP's*
-- Enter IP's that you want to be checked for spoofing. If this is set, ONLY these IP's will be checked. For example:145.145.145.145|145.146. default:

onlySpoofingCheckDomain: Do Spoofing Check ONLY for these Addresses/Domains
-- Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). Wildcards are supported (fribo@example.com). If set, ONLY these addresses/domains will be checked for spoofing. default:

noSpoofingCheckIP: Don't do Spoofing Check for these IP's*
-- Enter IP's that you don't want to be checked for spoofing. For example:145.145.145.145|145.146. default:

noSpoofingCheckDomain: Don't do Spoofing Check for these Addresses/Domains
-- Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). Wildcards are supported (fribo@example.com). default:

DoNoSpoofing4From: Do NoSpoofing for from:
-- Do the NoSpoofing check also for header 'from:' addresses. default:

DoReversed: Reversed Lookup
-- If activated, each sender IP is checked for a PTR record. This requires an installed Net::DNS module in PERL. default: 3

DoReversedWL: Do Reversed Lookup for Whitelisted
-- Do reversed lookup for whitelisted addresses. default: 1

DoReversedNP: Do Reversed Lookup for Noprocessing
-- Do reversed lookup for noprocessing addresses. default: 1

DoInvalidPTR: Reversed Lookup FQDN
-- If activated - and Reversed Lookup is activated -, the PTR-FQDN record is checked against the Regex. This requires an installed Net::DNS module in PERL. default: 3

invalidPTRRe: Regular Expression to Invalidate Format of PTR**
-- Validate Format PTR will check PTR records for this.
For example: ^\d+.\d+.\d+.\d+$|^[^.]+.?$ or file:files/invalidptr.txt default: file:files/invalidptr.txt

validPTRRe: Regular Expression to Validate Format of PTR*
-- Validate Format PTR will check PTR records for this.
For example: static or file:files/validptr.txt default: file:files/validptr.txt

PTRCacheInterval: Reversed Lookup Cache Refresh Interval
-- IP's in cache will be removed after this interval in days. 0 will disable the cache. default: 7

DoDomainCheck: Validate MX or A Record
-- If activated, the sender address and each address found in the following header lines (ReturnReceipt:, Return-Receipt-To:, Disposition-Notification-To:, Return-Path:, Reply-To:, Sender:, Errors-To:, List-...:) is checked for a valid MX or A record. Scoring is done for non existing MX record and non existing A record - a messages fails (block), if both records are not found. default: 3

MXACacheInterval: Validate Domain MX Cache Refresh Interval
-- IP's in cache will be removed after this interval in days. 0 will disable the cache. default: 7

DoNoFrom: Check For Existing From Header
-- Scoring is set with fromValencePB. default: 3

DoNoFromWL: Do DoNoFrom for Whitelisted
-- Check for existing From Header for whitelisted addresses. default: 1

DoNoFromNP: Do DoNoFrom for NoProcessing
-- Check for existing From Header for noprocessing addresses. default: 1

removeDispositionNotification: Remove Disposition Notification Headers
-- If set, all headers : "ReturnReceipt: , Return-Receipt-To: and Disposition-Notification-To:" will be removed from not whitelisted and not noprocessing incoming mails. Select this to prevent unwanted whitelisting of spammers that request a Disposition Notification. Another way to prevent autowhitelisting because of an autoresponder is to use redRe . default:

DoDKIM: Validate DomainKeys Identified Mail
-- If activated, DomainKeys Identified Mails are checked for the right signature and contents. All DKIM parameters belongs also to the old DomainKey specification. This requires an installed Mail::DKIM::Verifier module in PERL. In addition DKIM is used to process Domain-based Message Authentication, Reporting & Conformance - described in DMARC (DMARC requires also ValidateSPF to be enabled). default: 3

DoStrictDKIM: Validate DomainKeys Identified Mail strictly
-- The DKIM test will fail, if the mail was modified by a mailhop. In this case the from address, the from domain, the to domain, the DKIM-signature by itself and the prefix of the digest-verification are valid, only the lower digest value differs! This may happen, if a mailhop has modified any other headerfield like X-...! If unchecked a mail will only pass, if the author policy and sender policy are accept or neutral! default: 0

noDKIMAddresses: Do not any DKIM Check for this Addresses *
-- Mail from any of these addresses will not be tagged and checked for DKIM. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). default:

noDKIMIP: Exclude these IP's from any DKIM Check*
-- Enter IP's that you want to exclude from DKIM check, separated by pipes (|). default:

DKIMCacheInterval: Validate DKIM-Pre-Check-Cache Refresh Interval
-- Domains's in cache will be removed after this interval in days. 0 will disable the cache.
If activated a DKIM-pre-check will be done. If ASSP finds a DKIM-Signature in the mail header, it checks the DNS records of the sending domain for valid DKIM configurations and writes a record in to the DKIM-pre-check-cache, if it finds such configuration.
If ASSP does not find a DKIM-Signature in the mail header, it also checks the DNS records of the sending domain for valid DKIM configurations. If it find such a configuration, the mail is considered spam, because it should have a DKIM-Signature.
The next mail from a domain that is found in this cache, must have a DKIM-Signature to pass the DKIM-pre-check. How ever, some DNS records are wrong or inaccurate and will cause ASSP to block mails because of this - register such domains and/or IP's in noDKIMAddresses and/or noDKIMIP .
default: 7

AddDKIMHeader: Add X-Assp-DKIM Header
-- Add X-Assp-DKIM header. default: 1

SenderInvalidError: Sender Validation Error
-- SMTP error message to reject invalid senders. The literal REASON is replaced by (missing MX, missing PTR, invalid Helo, invalid user) depending on the check.

Notes On Validate Sender
default: 554 5.7.1 REASON .

IP Blocking

DelayIP: Simple IP Greylisting
-- Enable simple delaying for IP's in black penaltybox with totalscore above this value. A value of zero or empty disables this feature. default:

DelayIPTime: Simple IP Greylisting Embargo Time
-- Enter the number of minutes for which delivery, related with IP address of the sending host, is refused with a temporary failure. Default is 5 minutes. default: 5

DoDenySMTP: Do Deny Connections from these IP's
-- If activated, the IP is checked against (denySMTPConnectionsFrom) Deny Connections from these IP's. default: 1

denySMTPConnectionsFrom: Deny Connections from these IP's
-- Manually maintained list of IP's which should be blocked. IP's in noPB, noDelay, acceptAllMail, ispip, whiteListedIPs, noProcessingIPs, whitebox (PBWhite) will pass. For example: file:files/blockip.txt.
To define IP's only for specific email addresses or domains (recipients) you must use the file:... option
An entry (line) may look as follows:
145.146.0.0/16=>@local.domain|user@mydomain|user2@*.mydomain # comment

It is possible to define a predefined group on any or both sides of the '=>' separator, like:
[ipgroup]=>[usergroup]|user@mydomain

noBlockingIPs: Do not block Connections from these IP's
-- Manually maintained list of IP's which should not be blocked. For example: 145.145.145.145|145.146.
To define IP's only for specific email addresses or domains (recipients) you must use the file:... option
An entry (line) may look as follows:
145.146.0.0/16=>@local.domain|user@mydomain|user2@*.mydomain # comment

It is possible to define a predefined group on any or both sides of the '=>' separator, like:
[ipgroup]=>[usergroup]|user@mydomain

DoDenySMTPstrict: Do Deny Connections from these IP's Strictly
-- If activated, the IP is checked against ('denySMTPConnectionsFromAlways') Deny Connections from these IP's Strictly. default: 1

denySMTPConnectionsFromAlways: Deny Connections from these IP's Strictly*
-- Manually maintained list of IP's which should strictly be blocked after address verification and before body and header is downloaded. Contrary to denySMTPConnectionsFrom IP's in noDelay, acceptAllMail, ispip, whiteListedIPs, noProcessingIPs, whitebox (PBWhite) will not pass if listed here. default: file:files/denyalways.txt

DoDropList: Do also Deny Connections from these IP's
-- If activated, the IP is checked against the Droplist in addition to 'denySMTPConnectionsFromAlways' and/or 'denySMTPConnectionsFrom'. The droplist is downloaded if a new one is available and contains the Spamhaus DROP List. See "http://www.spamhaus.org/drop/drop.lasso". default: 0

denySMTPstrictEarly: Do Strictly Deny Connections Early
-- IP's in denySMTPConnectionsFromAlways will be denied right away. default:

enhancedOriginIPDetect: Do an Enhanced Origin IP Address Detection in the Mail Header
-- If selected, ASSP will analyze the mail headers "RECEIVED:" lines for IP's on the mail routing way to detect spam bots, that uses open relay or hijacked mail servers for mail delivery.
Local and private IP's, and IP's listed in ispip, acceptAllMail, whiteListedIPs, noProcessingIPs, noDelay and noPB will be ignored.
The detected IP's will be additionally checked for IP-Blocking, DNSBL and IP-Frequency - the same way like the connected IP. These IP's are also additionally used for the maximum mail size calculation in MaxRealSizeAdr and MaxRealSizeExternalAdr. default: 1

DoFrequencyIP: Check Frequency - Maximum Connections Per IP
-- default: 0

maxSMTPipConnects: Maximum Frequency of Connections Per IP
-- The maximum number of SMTP connections an IP Address can make during the IP Address Frequency Duration. If a server makes more than this many connections to ASSP within the (maxSMTPipDuration) IP Address Frequency Duration it will be banned from future connections until the (maxSMTPipExpiration) IP Address Frequency Expiration is reached. This can be used to prevent server overloading and DoS attacks. 10 connections are typically enough. If left blank or 0, there is no limit imposed by ASSP. IP's in noPB, noDelay, acceptAllMail, ispip, whiteListedIPs, noProcessingIPs, whitebox (PBWhite) are excluded from SMTP session limiting, whitelisted and noprocessing addresses are honored default: 10

maxSMTPipDuration: Maximum Frequency of Connections Per IP Duration
-- The window (in seconds) during which the (maxSMTPipConnects) IP Frequency (see above for more details) will be scrutinized for each IP. The default is 90 seconds. default: 90

maxSMTPipExpiration: Expiration of Maximum Frequency
-- The number of seconds that must pass before an IP address blocked by the (maxSMTPipConnects) IP Address Frequency setting is allowed to connect again. The default is 7200 (seconds) . default: 7200

DoDomainIP: Check Number of IP's Per Domain
-- This check is skipped if the IP and domain have passed the SPF-check. If ValidateSPF is enabled and an IP/Domain reaches the maxSMTPdomainIP limit, the MaintThread starts a background SPF check to prevent blocking good mails in future. default: 0

maxSMTPdomainIP: Limit Number of IP's Per Domain
-- The number of IP(subnet) switches a domain may have during the (maxSMTPdomainIPExpiration) Limit Different IP's Per Domain Expiration. If a domain switches more often than this it will be banned from future connections until the Expiration is reached. This can be used to prevent server overloading and DoS attacks. 10 connections are typically enough. If left blank or 0, there is no limit imposed by ASSP. IP's in noPB, noDelay, acceptAllMail, ispip, whiteListedIPs, noProcessingIPs, whitebox (PBWhite) are excluded, whitelisted and noprocessing addresses are honored. default: 10

maxSMTPdomainIPExpiration: Expiration of Limit Number
-- The number of seconds that must pass before a domain blocked by the (maxSMTPdomainIP) Limit Subnet IP's Per Domain setting (see above for more details) is allowed to connect again. The default is 7200 (seconds). default: 7200

maxSMTPdomainIPWL: Do Not Limit Different IP's For These Domains
-- This prevents specific domains from limiting. For example: yahoo.com|hotmail..com|gmail.com

Notes On IP Blocking
default: gmx.de|t-online.de|yahoo.com|hotmail.com|gmail.com

SenderBase / Whois

sbTestMode: SenderBase Testmode
-- default:

enableWhois: Use Whois Queries instead or after or before of SenderBase Queries

If enabled, WHOIS queries to IP-Whois-Servers

"ARIN" => "whois.arin.net" - (which will possible redirect to)

"RIPE" => "whois.ripe.net"
"APNIC" => "whois.apnic.net"
"KRNIC" => "whois.krnic.net"
"LACNIC" => "whois.lacnic.net"
"AFRINIC" => "whois.afrinic.net"

will be done instead/after/before (WHOIS only/SenderBase first/WHOIS first) the Senderbase queries to CISCO's Ironport servers to get informations about an IP address. ARIN will be the first queried WHOIS server.
For the two '...first' options, the alternative second check is done, if the first check fails or assp has got no result for the county code.
This is useful, if your DNS-servers don't get answers for senderbase queries or senderbase queries are too slow.
In most cases WHOIS queries are much more faster than senderbase queries!
NOTICE: you must open the WHOIS-port (43) for TCP on your firewall for outgoing traffic from assp (if not already done)! default: 0

DoOrgWhiting: Do Organization Whiting
-- If activated, each sending IP address has its assigned organization looked up. Scoring is set with sworgValencePB. default: 1

whiteSenderBase: Whitelisted Organizations, Domains and Hosts in SenderBase**
-- If the organization, domain or hostname in the SenderBase IP description matches this Perl regular expression, the message will be considered non-spam. For example file:files/whiteorg.txt
NOTICE: If only the hostname matches an entry and DoOrgWhiting is set to "whiting", the domain+organization pair will not be added to the white organizations!
default: file:files/whiteorg.txt

DoOrgBlocking: Do Organization Blocking
-- If activated, each sending IP address has its assigned organization looked up. Scoring is set with sborgValencePB, Testmode is set with sbTestMode. default: 2

blackSenderBase: Blacklisted Organizations, Domains and Hosts in SenderBase**
-- If the organization, domain or hostname in the SenderBase IP description matches this Perl regular expression, the message will be considered spam. default:

DoCountryBlocking: Do Country Blocking
-- If activated, each sending IP address has its assigned country looked up. default: 2

CountryCodeBlockedRe: Blocked Country Codes**
-- Messages from IP's based in these countries will be blocked. For example: CN|KR|RU|JP|TR|TH|PL|LT|CL|RO|UA|GR|HU|SA|IN|IE|PT|MD|PE|CZ|TW|BR|CL. "all" will block all foreign countrycodes which are not in 'Suspicious Country Codes' or 'Ignore Country Codes'. See: English country names and code elements. default: CN|KR|RU|JP|TR|TH|PL|LT|CL|RO|UA|GR|HU|SA|IN|GB|IE|PT|MD|PE|CZ|TW|BR|CL

DoSenderBase: Do Country Code Scoring
-- If activated, each sending IP address has its assigned country looked up. default: 3

NoCountryCodeRe: Ignore Countries*
-- Messages from IP's based in these countries will be ignored. For example: US|CA|DE default: US|CA|DE

CountryCodeRe: Suspicious Country Codes**
-- Messages from IP's based in these countries will increase the MessageScore. For example: CN|KR|RU|JP|TR|TH|PL|LT|CL|RO|UA|GR|HU|SA|IN|IE|PT|MD|PE|CZ|TW|BR|CL|ID|PH default: CN|KR|RU|JP|TR|TH|PL|LT|CL|RO|UA|GR|HU|SA|IN|IE|PT|MD|PE|CZ|TW|BR|CL|ID|PH

MyCountryCodeRe: Home Country Codes**
-- Put here your own country code(s) (for example: US). Messages from IP's based in these countries will decrease, messages from other countries will increase the MessageScore. default:

ScoreForeignCountries: Score Foreign Countries
-- Messages from foreign countries will increase the total messageScore using sbfccValencePB. default: 1

SBCacheExp: Country Cache Refresh Interval
-- IP's in cache will be removed after this interval in days. 0 will disable the cache. default: 3

PenaltyBox / Message and IP Scoring

DoPenalty: Do PenaltyBox - IP History
-- The PenaltyBox is a temporary position of low esteem awarded for a perceived misdeed. It scores IP's based on some events ( baValencePB see penalty scores )and writes them into a BlackBox (PBBlack). If the score per specified time interval surpasses the threshold the message is rejected (and the IP is marked for blocking). They continue to get scored up to the Extreme Threshold.
These top performers can get a special treatment PenaltyExtreme when DoPenaltyExtreme is enabled. The WhiteBox (PBWhite) stores IP's which should not be put into the BlackBox (PBBlack). The WhiteBox is always enabled. If an address is in the whitelist or whitedomain, the IP goes into the WhiteBox. The WhiteBox is one of the sources Delaying/Greylisting uses to determine when delaying should not be done.
Entries in Don't do penalties for these IP's or ISP/Secondary MX Servers will prevent from penalties. Select 'monitor/messageScoring' to fill WhiteBox (PBWhite) and BlackBox (PBBlack). 'monitor/messageScoring' is also the right choice if you do not want to block IP's but rather score a message in 'Message Scoring Mode'. default: 2

DoPenaltyMessage: Message Scoring Mode
-- If this feature is selected, the total score for all checks during a message is used to determine if the email is Spam. If the combined score is greater than the Low MessageLimit (PenaltyMessageLow) and less than or equal the High MessageLimit (PenaltyMessageLimit) the message will not be blocked but tagged. If the combined score is greater than the High MessageLimit (PenaltyMessageLimit), the message will be blocked. default: 1

DoLocalPenaltyMessage: Message Scoring Mode for Local and Outgoing Mails
-- If this feature is selected, the total score for all checks during a local or outgoing message is used to determine if the email is Spam. If the combined score is greater than the Local Low MessageLimit (LocalPenaltyMessageLow) and less than or equal the Local High MessageLimit (LocalPenaltyMessageLimit) the message will not be blocked but tagged. If the combined score is greater than the Local High MessageLimit (LocalPenaltyMessageLimit), the message will be blocked. default: 0

MsgScoreOnEnd: Message Scoring on End
-- ASSP will wait using the 'DoPenaltyMessage' action, until all configured possible checks are finished. Use this, to force calculating a complete message score over all values, including all bonus values. default:

PenaltyMessageLow: Low MessageLimit
-- MessageMode will not block messages whose score exceeds this threshold during the message but will tag them. For example: 40 default: 40

LocalPenaltyMessageLow: Low MessageLimit for Local and Outgoing Mails
-- MessageMode will not block local and outgoing messages whose score exceeds this threshold during the message but will tag them. For example: 40 default: 40

PenaltyMessageLimit: High MessageLimit
-- MessageMode will block messages whose score exceeds this threshold during the message. For example: 50 default: 50

LocalPenaltyMessageLimit: High MessageLimit for Local and Outgoing Mails
-- MessageMode will block local and outgoing messages whose score exceeds this threshold during the message. For example: 50 default: 50

AddScoringHeader: Add IP/Message Scoring Header
-- Adds a line to the email header "X-Assp-XXX-Score: ", where XXX may be IP, Message or both. default: 1

pbdb: PenaltyBox Database
-- The directory/file with the penaltybox database files. For removal of entries from BlackBox (PBBlack) use noPB .
For removal of entries from WhiteBox (PBWhite) use noPBwhite. For whitelisting IP's use whiteListedIPs or noProcessingIPs . For blacklisting use denySMTPConnectionsFrom and denySMTPConnectionsFromAlways .
Write only "DB:" to use a database table instead of a local file.
default: pb/pbdb

noPB: Don't do Profiling for these IP's*
-- Enter IP's that you don't want to be penalized. These IP's will also be automatically removed from BlackBox (PBBlack). For example: 127.0.0.1|172.16. default:

noPBwhite: Don't do WhiteBox for these IP's*
-- Enter IP's that you want to be penalized. These IP's will also be automatically removed from WhiteBox (PBWhite). default:

WhiteExpiration: Expiration Time for WhiteBox Entries
-- The WhiteBox (PBWhite) is always activated. The WhiteBox (PBWhite) is similar to the Whitelist - but it is not a whitelist: content-related checks like Bayesian, URIBL, Bomb will be done, IP-related checks will be skipped. WhiteBox (PBWhite) entries will expire after this specified number of days. For example: 30 default: 30

DoDamping: Do Damping on Messagescore [0...99]
-- If DoPenalty and DoPenaltyMessage are set not to disabled and DoDamping is not set to 0, ASSP will slowdown the spammers traffic speed proportional to the current message score - because slowing down their speed will reduce spam everywhere.
The delay in seconds per receive/read cycle is calculated by the division [messagescore / DoDamping] . A recommended value is 5 default is 0. In this case the delay for a message score of 50 would be 10 seconds.
Do not use this option, if you have a highly frequented system, because the spammers connections will stay possibly a long time on your system, and you system could possibly reach the sessions limit ( maxSMTPSessions ).
Damping is never done for: noprocessing, whitelisted, nodelay, ISP, redlisted, noPB, outgoing/releayed and contentonly addresses, IP's, messages.
Damping may not be done for forced checks, relay attemps, messages reaching maxerrors, spamtrapaddresses and if any block condition is found - because ASSP will no more read from those connections and closes such connections immediately - but ASSP will try to keep the connection open for the calculated time, before it closes the connection.
Using this option or using a too low value (long delay) could possibly prevent ASSP from receiving spam messages, for example for spamlovers or sendAllSpam . Some Servers could give up sending data, because of too long delays. default: 0

maxDampingTime: Max time Used for Damping
-- The maximum time in second, that is used for one damping cycle if DoDamping is not set to 0, even if the calculated value caused by DoDamping is higher. For example: 30 default: 30

spamtrapaddresses: PenaltyBox Trap Addresses *
-- Mail to any of these addresses will be blocked and the scoring value is added. Whitelist and noPenaltyMakeTraps will be ignored. Nothing will be stored in the Spam Collection, if these addresses are not checked for validity. TO: and CC: addresses will be also checked - BCC: addresses only, if 'removeForeignBCC' is not set. If you want to use these addresses as permanent honeypott addresses (with collection), it is better to define them in spamaddresses and to enable DoNotBlockCollect . Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). default: put|your@penaltytrap.com|addresses|@here.org

PenaltyTrapPolite: PenaltyTrap Reply
-- SMTP reply for invalid Users. Default: '550 5.1.1 User unknown: EMAILADDRESS'
The literal EMAILADDRESS (case sensitive) is replaced by the fully qualified SMTP recipient (e.g., thisuser@example.com). default: 550 5.1.1 User unknown: EMAILADDRESS

DoPenaltyMakeTraps: Do Heavy Used Invalid Addresses as PenaltyBox Trap Addresses
-- If set to 'make traps, only collect them', the frequency of Invalid Addresses is stored, no other action taken. If set to 'do not make them but block' or 'make traps and block them', addresses in heavy use will act like spamtrapaddresses (PenaltyBox Trap Addresses). If UseTrapToCollect is also set they will work like spamaddresses and collect the mails. default: 2

PenaltyMakeTraps: Invalid Addresses Limit
-- Minimum number of times an address must appear before it will be used as Trap. For example 10. default: 10

noPenaltyMakeTraps: Exceptionlist for Traps
-- Addresses which should not be used for traps. This list is also opponent to spamtrapaddresses . Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com). default:

PBTrapInterval: Invalid Addresses Refresh Interval
-- Addresses will be removed after this interval in days. For example 3. default: 3

PenaltyUseNetblocks: Use IP Netblocks
-- Perform the IP address checks of the sending host based on the /24 subnet rather than on the specific IP. default: 1

PenaltyError: Penalty Reply
-- If set SMTP reply for Penalty Deny. eg: '554 5.7.1 Error, send your mail to postmaster@LOCALDOMAIN to ensure delivery'. The literal LOCALDOMAIN will be replaced by the recipient domain. The literal LOCALUSER will be replaced by the recipient user part. For example:554 5.7.1 Mail appears to be unsolicited -- send error reports to postmaster@LOCALDOMAIN. default:

PenaltyDuration: Penalty Interval
-- IP's will be kept in the BlackBox (PBBlack) if their score exceeds the Penalty Limit during this interval (minutes). default: 60

PenaltyLimit: Penalty Limit
-- PB will block IP's whose score exceeds this threshold during the Penalty Interval.
Successful ASSP checks will increase the internal score per IP. For example: 50 default: 50

PenaltyExpiration: Expiration Time
-- Penalties will expire after this number of minutes. If set to Zero the Penalty BlackBox (PBBlack) will be deleted and started from scratch. default: 360

CleanPBInterval: Clean Up PB Databases ^s
-- Delete outdated entries from blackbox (PBBlack) and whitebox (PBWhite) databases every this many hours.
Defaults to 3 hours. default: 3

DoPenaltyExtreme: PenaltyBox Extreme IP Profiling
-- If set PBextreme will block IP's whose score meet or exceed Extreme Scoring Threshold. DoPenaltyExtreme blocks after the header is done, based on the IP's score from previous and current SMTP session default: 0

DoPenaltyExtremeSMTP: Enforce Early PenaltyBox Extreme IP Profiling
-- If set PBextreme will block IP's whose score meet or exceed Extreme Scoring Threshold before DELAYING, based on the IP's score from previous SMTP sessions. This can be set independently from DoPenaltyExtreme above. Whitelist, Collecting, Testmode, CopySpam, Spam-Lover is ignored. default: 0

noExtremePB: Don't do Extreme Profiling for these IP's*
-- Enter IP's that you don't want to be extreme penalized. IP's in noPB are already included. For example: 127.0.0.1|172.16. default:

noExtremePBAddresses: Don't do Extreme Profiling for Mails from any of these Addresses
-- Mails from any of these addresses will not be extreme profiled if DoPenaltyExtremeSMTP is not set. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com). default:

PenaltyExtreme: Extreme Scoring Threshold
-- PBextreme will use this to determine candidates for special treatment. For example: 150. default: 150

ExtremeWL: Penalize Whitelisted
-- Enable extreme penalties for whitelisted addresses. default:

ExtremeNP: Penalize NonProcessing
-- Enable extreme penalties for addresses on the noProcessing list. default:

ExtremeExpiration: Expiration Time for Extreme Penalties
-- Extreme penalties will expire after this number of days. For example: 7 default: 7

DoExtremeExport: Do Export Penalty BlackBox Extreme
-- default:

DoExtremeExportAppend: Append Export File
-- Do not overwrite the export file but append to it. default:

exportInterval: Export BlackBox Extreme File Interval ^s
-- Exported Penalty Black Box Extreme File every this hours.
Defaults to 6 hours. default: 6

exportExtremeBlack: Exported BlackBox Extreme File
-- IP's in Penalty BlackBox (PBBlack) which surpassed the extreme level will be regularly stored into this file. May be used for setting the firewall or similar applications. default: file:files/exportedextreme.txt

DoNotPenalizeRed: Do Not Score IP's in Redlisted Messages
-- IP's matching Red Regex or Redlist will not collect scoring values from PenaltyBox. default:

DoNotPenalizeNull: Do Not Score IP's From Bounce/Null-Senders
-- IP's matching BounceSenders will not be IP-penalized. default:

autValencePB: Bad SMTP Authentication, default=60 +
-- Message/IP scoring
This option and all other ValencePB options with a "+" at the end of the description, accepts a second comma or pipe separated value like: "20,10" .
In this case the first value is used for message scoring and the second value is used for IP scoring.
If only the first value is defined, this value is used for both scoring mechanism.
If a ValencePB option is related to any feature which allowes the usage of weighted penalties, the message scoring value is used to calculate the weighted penalty and the result is used calculating (result * ipscorevalence / messagescorevalence ) for IP scoring. default: 60

baValencePB: Bad Attachment, default=20 +
-- Message/IP scoring default: 20

backsctrValencePB: Backscatter detection, default=10 +
-- Message scoring default: 10

baysValencePB: Bayesian, default=49 +
-- Message/IP scoring default: 49

bayslocalValencePB: Bayesian for Local Messages, default=55 +
-- Message/IP scoring default: 55

bayshamValencePB: Bayesian HAM Bonus, default=0 +
-- Message/IP scoring bonus (zero or negative value only) default: 0

HMMValencePB: Hidden-Makov-Model, default=49 +
-- Message/IP scoring default: 49

HMMlocalValencePB: Hidden-Makov-Model for Local Messages, default=55 +
-- Message/IP scoring default: 55

HMMhamValencePB: Hidden-Makov-Model HAM Bonus, default=0 +
-- Message/IP scoring bonus (zero or negative value only) default: 0

blValencePB: Blacklisted Domain, default=20 +
-- Message/IP scoring default: 20

bombSuspiciousValencePB: Bomb Suspicious - scoring only, default=10 +
-- Message scoring default: 10

bombValencePB: Bomb Expression, default=20 +
-- Message/IP scoring default: 20

blackValencePB: Bomb Black Expression, default=20 +
-- Message/IP scoring default: 20

dkimValencePB: Domain Key Verification failed, default=15 +
-- Message/IP scoring default: 15

dkimOkValencePB: Domain Key Verification OK, default=0
-- Message Scoring Bonus default: 0

erValencePB: Empty Recipients, default=5 +
-- Message/IP scoring default: 5

etValencePB: Early Talker Scoring, default=25 +
-- Message/IP scoring for clients who talk before server's greeting is sent. A value of zero will disable this check - otherwise assp scores the IP and droppes the connection. default: 25

fhValencePB: Forged HELO, default=150 +
-- Message/IP scoring default: 150

fiphValencePB: Suspicious HELO: IP in HELO, default=39 +
-- Message/IP scoring default: 39

fiphmValencePB: Suspicious HELO: IP in HELO mismatch, default=60 +
-- Message/IP scoring default: 60

flValencePB: Invalid Local Sender, default=20 +
-- Message/IP scoring default: 20

slValencePB: Spoofed Local Sender, default=20 +
-- Message/IP scoring default: 20

hlValencePB: Blacklisted/Good HELO, default=20 +
-- Message/IP scoring default: 20

iaValencePB: Internal Only Address, default=25 +
-- Message/IP scoring default: 25

idValencePB: Domain Changing IP Frequency, default=150 +
-- Message/IP scoring default: 150

ifValencePB: IP Frequency, default=150 +
-- Message/IP scoring default: 150

idleValencePB: Timeout Score
-- For IP scoring with smtpIdleTimeout. default: 0

iplValencePB: IP Parallel Sessions, default=5 +
-- Message/IP scoring default: 5

ihValencePB: Invalid HELO, default=10 +
-- Message/IP scoring default: 10

irValencePB: Invalid Recipient, default=10 +
-- Message/IP scoring default: 10

isValencePB: Subject Frequency, default=150 +
-- Message/IP scoring default: 150

mdrValencePB: Duplicate Recipient, default=10 +
-- Message/IP scoring default: 10

midmValencePB: Missing Message-ID, default=10 +
-- Message/IP scoring default: 10

midsValencePB: Suspicious Message-ID, default=10 +
-- Message/IP scoring default: 10

midiValencePB: Invalid Message-ID, default=10 +
-- Message/IP scoring default: 10

fbmtvValencePB: Invalid FBMTV check, default=25 +
-- Message/IP scoring default: 25

batvValencePB: Invalid BATV check, default=25 +
-- Message/IP scoring default: 25

meValencePB: Max Errors Exceeded, default=10 +
-- Message/IP scoring default: 10

msValencePB: Message Scoring Limit Exceeded, default=10 +
-- IP scoring default: 10

mxValencePB: Missing MX, default=10 +
-- Message/IP scoring default: 10

mxaValencePB: Missing MX & A Record, default=15 +
-- Message/IP scoring default: 15

nofromValencePB: No From Score, default=50 +
-- For Message/IP scoring in DoNoFrom. default: 50

pbeValencePB: Extreme Bad IP History, TotalScore larger than PenaltyExtreme, default=25
-- Message Scoring default: 25

pbValencePB: Bad IP History, TotalScore larger than PenaltyLimit, default=15
-- Message Scoring default: 15

pbwValencePB: Good IP History (IP in PB WhiteBox), default=-15
-- Message Scoring Bonus default: -15

gripValencePB: GRIP value (+ if > 0.9,- if < 0.1), default=5
-- Message scoring default: 5

okValencePB: Message OK, default=-25
-- IP Bonus default: -25

ptmValencePB: Missing PTR Record, default=10 +
-- Message/IP scoring default: 10

ptiValencePB: Invalid PTR Record, default=15 +
-- Message/IP scoring default: 15

rblnValencePB: DNSBL Neutral, default=35 +
-- Message/IP scoring default: 35

rblValencePB: DNSBL Failed, default=100 +
-- Message/IP scoring default: 100

rlValencePB: Failed Relay Attempt, default=10 +
-- Message/IP scoring default: 10

saValencePB: Spam Collect Address, default=25
-- IP scoring default: 25

scriptValencePB: Script Expression, default=25 +
-- Message/IP scoring default: 25

sbnValencePB: No Organization and No CountryCode, default=10 +
-- For Message/IP scoring in DoOrgBlocking/DoCountryBlocking default: 10

sworgValencePB: White Organizations Score, default=-25
-- Bonus for Message/IP scoring in DoOrgWhiting default: -25

sbsccValencePB: Suspicious Country Code, default=10
-- Message scoring default: 10

bccValencePB: Blocked Country Code Score, default=25 +
-- For Message/IP scoring in PenaltyBox ( DoPenalty ) default: 25

sbfccValencePB: Foreign Country Code Score, default=10 +
-- message scoring in PenaltyBox ( DoPenaltyMessage ) default: 10

sbhccValencePB: Home Country Code Score, default=-10 +
-- Bonus for Message/IP Scoring in PenaltyBox ( DoPenalty ) default: -10

sborgValencePB: Blocked Organizations Score, default=25 +
-- For Message/IP scoring in PenaltyBox ( DoPenalty ) default: 25

spfpValencePB: SPF Pass Score, default=-10
-- Bonus for Message/IP scoring with SPF default: -10

spfnValencePB: SPF Neutral, default=5 +
-- Message/IP scoring default: 5

spfsValencePB: SPF Softfailed, default=5 +
-- Message/IP scoring default: 5

spfnonValencePB: SPF None, default=0 +
-- Message/IP scoring default: 0

spfuValencePB: SPF Unknown, default=0 +
-- Message/IP scoring default: 0

spfeValencePB: SPF Error, default=5 +
-- Message/IP scoring default: 5

spfValencePB: SPF Failed, default=10 +
-- Message/IP scoring default: 10

srsValencePB: SRS Validate Bounce Failed Score, default=10 +
-- For Message/IP scoring in SRSValidateBounce default: 10

stValencePB: Penalty Trap Address, default=50 +
-- For Message/IP scoring default: 50

tlsValencePB: OK, Is a SSL/TLS connection, default=-10 +
-- Message Scoring/IP scoring Bonus for SSL/TLS connections default: -10

uriblnValencePB: URIBL Neutral, default=20 +
-- Message/IP scoring default: 20

uriblValencePB: URIBL Failed, default=25 +
-- Message/IP scoring default: 25

vsValencePB: Virus suspicious, default=25
-- Message scoring default: 25

vdValencePB: Virus detected, default=50 +
-- Message/IP scoring default: 50

teValencePB: TestRe Valence, default=20 +
-- Valence for testing testRe

Notes On Penalty Box
default: 20

Delaying/Greylisting

EnableDelaying: Enable Delaying/Greylisting
-- Enable Greylisting as described at Greylisting-whitepaper.
It's a new method of blocking significant amounts of spam at the mailserver level, but without resorting to heavyweight statistical analysis or other heuristical approaches. default: 1

DelayWL: Whitelisted Greylisting
-- Enable Greylisting for whitelisted mails. This also enables Geylisting for SPF-Cache-OK listed IP's and mails from white organizations, which are normally not greylisted. default:

DelayNP: NoProcessing Greylisting
-- Enable Greylisting for noprocessing mails. default:

DelaySL: Spam-Lovers Greylisting
-- Enable Greylisting for Spam-Lovers. default:

DelayAddHeader: Add X-Assp-Delayed Header
-- Add X-Assp-Delayed header to header of all delayed or whitelisted mails. default: 1

DelayEmbargoTime: Embargo Time
-- Enter the number of minutes for which delivery, related with new 'triplet' (IP address of the sending
host + mail from + rcpt to), is refused with a temporary failure. Default is 5 minutes. default: 5

DelayWaitTime: Wait Time
-- Enter the number of hours to wait for delivery attempts related with recognized 'triplet'; delivery is accepted
immediately and the 'tuplet' (IP address of the sending host + sender's domain) is safelisted. Default is 28 hours. default: 28

DelayExpiryTime: Expiry Time
-- Enter the number of days for which whitelisted 'tuplet' is considered valid. Default is 36 days. default: 36

DelayUseNetblocks: Use IP Netblocks
-- Perform the IP address checks of the sending host based on the /24 subnet it is at rather than the specific IP.
This feature may be useful for legitimate mail systems that shuffle messages among SMTP clients between retransmissions. default: 1

DelayNormalizeVERPs: Normalize VERP Addresses
-- Some mailing lists (such as Ezmlm) try to track bounces to individual mails, rather than just individual recipients, which creates a variation on the VERP method where each email has its own unique envelope sender. Since the automatic whitelisting (called savelisting to make a difference to the standard whitelisting) that is built into Greylisting depends on the envelope addresses for subsequent mails being the same, the greylisting filter will attempt to normalize the unique sender addresses, when this option is checked. default: 1

DelayWithMyName: Add myName to Triplets
-- If set, myName is added to every delay triplet (not to tuplets). This is useful and recommended, if you are using more than one ASSP host with shared databases for delaydb. This option makes the triplets unique to every ASSP host, because it is allowed for SMTP-hosts, to request a backup MX immediately after the primary MX, without waiting 5 minutes (DelayEmbargoTime) between the two requests. default: 0

DelayMD5: Use MD5 for DelayDB
-- Message-Digest algorithm 5 is a cryptographic hash function and adds some level of security to the delay database. Must be set to off if you want to list the database with DelayShowDB/DelayShowDBwhite. This requires an installed Digest::MD5 module in PERL. default: 1

DelayShowDB: Show Delay/Greylisting Database
-- The directory/file with the delay database file. If you change the filename in section Filepath ( delaydb ) you must change it here too. default: file:delaydb

DelayShowDBwhite: Show Delay/Greylisting Save Database
-- The directory/file with the save delay database file. If you change the filename in section Filepath ( delaydb ) you must change it here too. default: file:delaydb.white

DelayExpireOnSpam: Expire Spamming Safelisted Tuplets
-- If a safelisted 'tuplet' is ever associated with spam, viruses, failed rbl, spf etc, it is deleted from the safelist.
This renews the temporary embargo for subsequent mail involving the tuplet. default: 1

CleanDelayDBInterval: Clean Up Delaying Database ^s
-- Delete outdated entries from triplets and safelisted tuplets databases every this many seconds.
Defaults to 3 hour. default: 10800

noDelay: Don't Delay these IPs
-- Enter IP addresses that you don't want to be delayed, separated by pipes (|). There are misbehaving MTAs that will not be able to get a legitimate email through a Greylisting server because they do not try again later. An INCOMPLETE list of such mailers is available at cvs.puremagic.com/viewcvs/Greylisting/schema/whitelist_ip.txt.
When using mentioned list remember to add trailing dots in IP addresses which specify subnets (eg. 192.168 -> 192.168. ).
For example: 127.0.0.1|172.16..
To define IP's only for specific email addresses or domains (recipients) you must use the file:... option
An entry (line) may look as follows:
145.146.0.0/16=>@local.domain|user@mydomain|user2@*.mydomain # comment

It is possible to define a predefined group on any or both sides of the '=>' separator, like:
[ipgroup]=>[usergroup]|user@mydomain

noDelayAddresses: Do not Delay these Addresses
-- Enter senders email addresses that you don't want to be delayed, separated by pipes (|). You can list specific addresses (user@anydomain.com), addresses at any domain (user), or entire domains (@anydomain.com). Wildcards are supported (fribo@domain.com). (|).
For example: fribo@anydomain.com|jhanna|@sillyguys.org or place them in a plain ASCII file one address per line:file:files/nodelayuser.txt. default:

DelayError: Reply Code to Refuse Delayed Messages
-- SMTP reply code to refuse delayed messages. Default: 451 4.7.1 Please try again later

Notes On Delaying
default: 451 4.7.1 Please try again later

SPF/DMARC/SRS

ValidateSPF: Enable SPF Validation
-- Enable Sender Policy Framework Validation as described at openspf and Domain-based Message Authentication, Reporting & Conformance - described in DMARC (DMARC requires also DoDKIM to be enabled).
This requires an installed Mail::SPF module in PERL. Testmode is set with spfTestMode, scoring is set with spfValencePB. If you need more information about the syntax of SPF records, visit SPF_Record_Syntax. default: 3

SPF2: Do SPF Version 2 Validation
-- Enable Sender Policy Framework Validation Version 2.
This requires an installed Mail::SPF object-oriented Perl module that supersedes the old Mail::SPF::Query module. default: 1

SPFWL: Whitelisted SPF Validation
-- Enable Sender Policy Framework Validation for whitelisted users also. default:

SPFNP: noProcessing SPF Validation
-- Enable Sender Policy Framework Validation for nonprocessed messages also. default:

SPFLocal: Local and outgoing mail SPF Validation
-- Enable Sender Policy Framework Validation for local and outgoing messages also. Don't forget to configure your DNS-server for SPF and/or to configure SPFoverride / SPFfallback / SPFlocalRecord, if you enable this option. default:

enableSPFbackground: Enable SPF Background Check
-- SPF background checks are initiated by some features (for example DoDomainIP) to fillup the SPFCache. The collected results are later used to prevent blocking good mails. default: 1

AddSPFHeader: Add Received-SPF Header
-- Add Received-SPF header to header of all mails processed by SPF. default: 1

SPFError: SPF Failed Reply
-- SMTP reply for SPF failed messages. Default: '554 5.7.1 failed SPF: SPFRESULT'
The literal SPFRESULT (case sensitive) is replaced by the actual result. default: 554 5.7.1 failed SPF: SPFRESULT

noSPFRe: Skip SPF Processing*
-- Put anything here to identify these messages in mailfrom or header default:

SPFoverride: Override Domains
-- Set override to define SPF records for domains that do publish (or not) but which you want to override anyway. If you specify only domains the Local SPF Record ( SPFlocalRecord ) below will be used as default. Wildcards are supported. For example: abc.com=>v=spf1 a/24 mx/24 ptr -all|cello.ch=>v=spf1 ip4:213.46.243.0/26 ~all|abc.com|.def.com .
To generate a SPF record for a domain:
- go to http://www.senderbase.org
- lookup the domain information in "Look up your network"
- right beside "Addresses in domain used to send email" click on export, and export the list in to plain text
- copy and past the list in to an editor and generate a comma separated IP list
- go to an online SPF record generator - for example: http://www.royhochstenbach.com/projects/spfgenerator and generate the SPF record
- put "domain=>SPF-record" in any of SPFoverride or SPFfallback
- define the policy as strict as possible default:

SPFfallback: Fallback Domains
-- Set fallback to define "pretend" SPF records for domains that don't publish them yet. If you specify only domains the Local SPF Record ( SPFlocalRecord ) below will be used as default. Wildcards are supported. For example: abc.com=>v=spf1 a/24 mx/24 ptr -all|cello.ch=>v=spf1 ip4:213.46.243.0/26 ~all|abc.com|.def.com default:

LocalPolicySPF: Local SPF Policy
-- If the sending domain does not publish its own SPF Records this will be used.
The default is v=spf1 a/24 mx/24 ptr ~all
This option applies to Mail::SPF::Query module only. default: v=spf1 a/24 mx/24 ptr ~all

SPFlocalRecord: Fallback/Override SPF Record
-- Used in Fallback/Override Domains
The default is v=spf1 a/24 mx/24 ptr -all default: v=spf1 a/24 mx/24 ptr -all

strictSPFRe: Strict SPF Processing Regex*
-- Softfail/Neutral will be failed for these sending addresses. Put anything here to identify the addresses default: file:files/strictspf.txt

blockstrictSPFRe: Block SPF Processing Regex*
-- All failed messages will be blocked for these sending addresses. Put anything here to identify the addresses. default: @ebay.com|@paypal.com

DoSPFinHeader: Additional SPF Check on the Header from
-- Do an additional SPF check on the header from: address if it is in blockstrictSPFRe this check breakes RFC rules . default:

SPFsoftfail: Fail SPF Softfail Validations
-- Intentionally fail SPF softfail status responses. The possible results of a query are:

pass:The client IP address is an authorized mailer for the sender. The mail should be accepted subject to local policy regarding the sender.

fail:The client IP address is not an authorized mailer, and the sender wants you to reject the transaction for fear of forgery.

softfail:The client IP address is not an authorized mailer, but the sender prefers that you accept the transaction because it isn't absolutely sure all its users are mailing through approved servers. The softfail status is often used during initial deployment of SPF records by a domain.

neutral:The sender makes no assertion about the status of the client IP.

none:There is no SPF record for this domain.

permerror & temperror:The DNS lookup encountered an error during processing.

unknown:The domain has a configuration error in the published data or defines a mechanism that this library does not understand. default:

SPFneutral: Fail SPF Neutral Validations
-- Intentionally fail SPF neutral status responses default:

SPFqueryerror: Fail SPF Error Responses
-- Intentionally fail SPF 'error' status responses default:

SPFnone: Fail SPF None and Unknown Responses
-- Intentionally fail SPF 'none' and 'unknown' status responses default:

SPFunknown: Fail SPF Unknown Responses
-- Intentionally fail SPF 'unknown' status responses default:

SPFCacheInterval: SPF Cache Refresh Interval
-- SPF records in cache will be removed after this interval in days. 0 will disable the cache. default: 7

DebugSPF: Enable SPF/DNS/Whois/Senderbase Debug output to ASSP Logfile
-- Enables verbose debugging of SPF/DNS/Whois/Senderbase queries within the related modules.

Notes On SPF
default:

DoDMARC: Enable DMARC Check
-- If enabled and ValidateSPF and DoDKIM are enabled and the sending domain has published a DMARC-record/policy, assp will act on the mail according to the senders DMARC-policy using the results of the SPF and DKIM check. It is save to leave this feature ON, it will not produce false positives!
If you have published a DMARC-record and you want to collect statisical data, look at dmarcian.com default: 1

DMARCReportFrom: From Address for DMARC Reports
-- The email address to be used as FROM: address to send DMARC reports. If blank, no DMARC reports will be sent! If only the user name is defined, assp will add the domain name that belongs to the report. default:

noDMARCReportDomain: Don't send DMARC reports to these Addresses/Domains
-- Put any DMARC report recipient domain or address (ruf/rua) in to this list - for example if DMARC reports could be never delivered for any reason.
Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). Wildcards are supported (fribo@example.com). default:

EnableSRS: Enable Sender Rewriting Scheme
-- Enable Sender Rewriting Scheme as described at www.openspf.org/SRS.
This requires an installed Mail::SRS module in PERL.
You should use SRS if your message handling system forwards email for domains with published spf records and there SPF record not includes your MX.
NOTICE: In case your local users are forwarding mails (e.g. from external domains) to external domains (external mail accounts) and these foreign domains bounces back (e.g. out_of_office / vacation), your MTA (smtpDestination) will possibly get mails from external domains to be delivered to external domains!
Note that you have to setup the outgoing path (Relay Host and Port) to let ASSP see and rewrite your outgoing traffic.
Testmode is set with srsTestMode. default:

SRSAliasDomain: Alias Domain
-- SPF requires the SMTP client IP to match the envelope sender (return-path). When a message is forwarded through
an intermediate server, that intermediate server may need to rewrite the return-path to remain SPF compliant.
For example: thisdomain.com default: thisdomain.com

SRSSecretKey: Secret Key
-- A key for the cryptographic algorithms -- Must be at least 5 characters long. default:

SRSTimestampMaxAge: Maximum Timestamp Age
-- Enter the maximum number of days for which a timestamp is considered valid. Default is 2 days. After this number of days a SRS bounce is no longer valid! default: 2

SRSHashLength: Hash Length
-- The number of bytes of base64 encoded data to use for the cryptographic hash.
More is better, but makes for longer addresses which might exceed the 64 character length suggested by RFC2821.
This defaults to 6, which gives 6 x 6 = 36 bits of cryptographic information, which means that a spammer will have
to make 2^36 attempts to guarantee forging a SRS address. default: 6

SRSValidateBounce: Enable Bounce Recipient Validation
-- Bounce messages that fail reverse SRS validation (but not a valid SMTP probe)
will receive a 554 5.7.5 [Bounce address not SRS signed] SMTP error code.
Testmode is set with srsTestMode, scoring is set with srsValencePB. default: 0

SRSno: Don't Rewrite These Addresses*
-- Don't rewrite addresses when messages come from these addresses. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com).
For example: fribo@thisdomain.com|jhanna|@sillyguys.org default:

noSRS: Don't Validate Bounces From these IPs*
-- Enter IP addresses that you don't want to validate bounces from, separated by pipes (|).
For example: 127.0.0.1|172.16..

Notes On SRS
default:

DNSBL

ValidateRBL: Enable DNS Blacklist Validation
-- This requires an installed Net::DNS module in PERL. default: 1

ForceRBLCache: Early DNSBL Cache Blocking
-- If set, ASSP will use cached DNSBL hits to block messages before other tests. testmode will override this. spamlover settings will be ignored. default:

noRBL: Don't do DNSBL for these IPs*
-- Enter IP addresses that you don't want to be DNSBL validated, separated by pipes (|). For example: 127.0.0.1|172.16.. default:

RBLWL: Whitelisted DNSBL Validation
-- Enable DNSBL for whitelisted users also default: 0

AddRBLHeader: Add X-Assp-DNSBL Header
-- Add X-Assp-DNSBL header to messages with positive reply from DNSBL. default: 1

RBLError: DNSBL Failed Reply
-- SMTP reply for DNSBL failed messages. Default: '554 5.7.1 DNS Blacklisted by RBLLISTED'
The literal RBLLISTED (case sensitive) is replaced by the actual service providers(s). default: 554 5.7.1 DNS Blacklisted by RBLLISTED

RBLServiceProvider: RBL Service Providers*
-- Names of DNSBLs to use separated by "|". You may set for every provider a weight like zen.spamhaus.org=>50|bl.spamcop.net=>25.
Defaults are:
zen.spamhaus.org=>1|bl.spamcop.net=>1|psbl.surriel.com=>2|ix.dnsbl.manitu.net=>2|
l2.apews.org=>3|combined.njabl.org=>1|safe.dnsbl.sorbs.net=>1|dnsbl-1.uceprotect.net=>2|
dnsbl-2.uceprotect.net=>2|dnsbl-3.uceprotect.net=>2|blackholes.five-ten-sg.com=>3".
DNSBL providers can get a "weight" like bl.spamcop.net=>1.
The value of the weight can be set directly like=>45 or as a divisor of RBLmaxweight. Low numbers < 6 are divisors . So if RBLmaxweight = 50 (default) bl.spamcop.net=>50 would be the same as bl.spamcop.net=>1, bl.spamcop.net=>2 would be the same as bl.spamcop.net=>25.
If the sum of weights surpasses RBLmaxweight, the DNSBL check fails. If not, the DNSBL check is scored as "neutral" even with RBLmaxhits reached. Setting Showmaxreplies will allow ALL replies to contribute to the total weight regardless of RBLmaxhits.
Some RBL Service Providers, like blackholes.five-ten-sg.com, provides different return codes in a single DNS-zone: like 127.a.b.c - where a,b,c are used to identify a weight or type (or what ever) of the returned entry. If you want to care about special return codes, or if you want to use different weights for different return codes, you should use the following enhanced entry syntax:

RBL-Service-Provider=>result-to-watch=>weight (like:)
blackholes.five-ten-sg.com=>127.0.0.2=>3
blackholes.five-ten-sg.com=>127.0.0.5=>4
blackholes.five-ten-sg.com=>127.0.?.*=>5

You can see, the wildcards * (multiple character) and ? (single character) are possible to use in the second parameter. Never mix the three possible syntax types for the same RBL Service Provider. A search for a match inside such a definition is done in reverse ASCII order, so the wildcards are used as last.
Some RBL Service Providers, provides different return codes using a bitmask in any part of the reply. To define weights for bitmasks, place a single 'M' in front of the mask number, like

sp.com=>127.0.0.M2=>25
sp.com=>127.0.0.M4=>41
sp.com=>127.0.M1.5=>56
sp.com=>127.0.M64.=>11
sp.com=>127.0.0.2=>22
sp.com=>127.0..*=>1

Valid bitmasks are 1,2,4,8,16,32,64 and 128. The resulting weight will be the weight sum of all matching bitmasks (if no full qualified definition is found). For example: a return code of 127.0.0.6 for sp.com will result in a weight of 66 (25+41), a reply of 127.0.0.2 will result in 22
Because each single bitmask indicates a set of 128 numbers you should prevent the usage of something like 127.0.M16.M1 - this will lead in to a set of (128*128) 16384 addresses, which is really too much!
For the same service provider, first define all bitmask definitions, after that all full qualified definitions and than all definitions with wildcards, like in the example above! If your definition order is wrong, the resulting weights will be unexpected!
default: file:files/dnsbls.txt

RBLmaxreplies: Maximum Replies
-- A reply is affirmative or negative reply from a DNSBL.
The DNSBL module will wait for this number of replies (negative or positive) from the DNSBLs listed under Service Provider for up to the Maximum Time( RBLmaxtime ).
This number should be equal to or less than the number of DNSBL Service Providers listed to allow for randomly unavailable DNSBLs. default: 7

RBLmaxhits: Maximum Hits
-- A hit is an affirmative response from a DNSBL.
The DNSBL module will check all of the DNSBLs listed under Service Provider. If the number of hits is greater or equal Maximum Hits, the email is flagged Failed.
If the number of hits is greater 0 and less Maximum Hits, the email is flagged Neutral default: 2

RBLmaxweight: RBL Maximum Weight
-- A weight is a number representing the trust we put into a DNSBL.
The DNSBL module will check all of the DNSBLs listed under Service Provider. If the total of weights is greater or equal Maximum Weight, the email is flagged Failed.
If the total of weights is greater 0 and less Maximum Weight, the email is flagged Neutral default: 50

RBLmaxtime: Maximum Time
-- This sets the maximum time in seconds to spend on each message performing DNSBL checks. Default is 15. default: 15

RBLsocktime: Socket Timeout
-- This sets the DNSBL socket read timeout in seconds. default: 1

RBLCacheExp: DNSBL Expiration Time
-- IP's in cache will be removed after this interval in hours. 0 will disable the cache.
Notes On DNSBL
default: 24

URIBL

ValidateURIBL: Enable URI Blocklist Validation
-- Enable URI Blocklist. Messages that fail URIBL validation will receive URIBLError SMTP error code. This requires an installed Net::DNS module and an installed Email::MIME module in PERL.
0 = disabled, 1 = block, 2 = monitor, 3 = messagescore . default: 1

URIBLWL: Do URI Blocklist Validation for Whitelisted
-- URIBL check is done ignoring all spamlovers and testmodes! default:

URIBLNP: Do URI Blocklist Validation for NoProcessing
-- URIBL check is done ignoring all spamlovers and testmodes! default:

URIBLLocal: Do URI Blocklist Validation for Local Mails
-- default:

URIBLISP: Do URI Blocklist Validation for ISP/Secondary
-- default: 1

URIBLServiceProvider: URIBL Service Providers*
-- Domain Names of URIBLs to use separated by "|". You may set for every provider a weight like multi.surbl.org=>50|black.uribl.com=>25.
The value of the weight can be set directly like=>45 or as a divisor of URIBLmaxweight . Low numbers < 6 are divisors . So if URIBLmaxweight = 50 (default) multi.surbl.org=>50 would be the same as multi.surbl.org=>1, multi.surbl.org=>2 would be the same as multi.surbl.org=>25.
If the sum of weights surpasses URIBLmaxweight, the URIBL check fails. If not, the URIBL check is scored as "neutral" even with URIBLmaxhits reached. Setting Showmaxreplies will allow ALL replies to contribute to the total weight regardless of URIBLmaxhits.
Some URIBL Service Providers, like multi.surbl.org and black.uribl.com , provides different return codes in a single DNS-zone: like 127.a.b.c - where a,b,c are used to identify a weight or type (or what ever) of the returned entry. If you want to care about special return codes, or if you want to use different weights for different return codes, you should use the following enhanced entry syntax:

URIBL-Service-Provider=>result-to-watch=>weight (like:)
multi.surbl.org=>127.0.0.2=>2
multi.surbl.org=>127.0.0.4=>3
multi.surbl.org=>127.0.0.?=>4
multi.surbl.org=>127.0.0.*=>5

You can see, the wildcards * (multiple character) and ? (single character) are possible to use in the second parameter. Never mix the three possible syntax types for the same URIBL Service Provider. A search for a match inside such a definition is done in reverse ASCII order, so the wildcards are used as last.
Some URIBL Service Providers, provides different return codes using a bitmask in any part of the reply. To define weights for bitmasks, place a single 'M' in front of the mask number, like

sp.com=>127.0.0.M2=>25
sp.com=>127.0.0.M4=>41
sp.com=>127.0.M1.5=>56
sp.com=>127.0.M64.=>11
sp.com=>127.0.0.2=>22
sp.com=>127.0..*=>1

URIBLCCTLDS: URIBL Country Code TLDs*
-- List of two level country code TLDs and three level country code TLDs used to determine the base domain of the uri. Two level TLDs will be checked on third level, third level TLDs will be checked on fourth level. Any not listed domain will be checked in level two. default: file:files/URIBLCCTLDS.txt

URIBLmaxuris: Maximum URIs
-- More than this number of URIs in the body will increase spam probability. Enter 0 to disable feature. default: 0

URIBLmaxdomains: Maximum Unique Domain URIs
-- More than this number of unique domain URIs in the body will increase spam probability. Enter 0 to disable feature. default: 0

URIBLNoObfuscated: Disallow Obfuscated URIs
-- When enabled, messages with obfuscated URIs of types [integer/octal/hex IP, other things!] in the body will get increased spam probability and if weights are used, the double weight will be used. default: 1

URIBLcheckDOTinURI: Check for 'DOT' in URI
-- When enabled, assp will also check for the used word 'DOT' instead of a '.' in URI's like 'exampledotcom or example!d o-t_com' .
Enable this feature only, if you don't expect any problems in your national language (using 'dot' + a toplevel domain in any words). default:

URIBLmaxreplies: Maximum Replies
-- A reply is affirmative or negative reply from a URIBL.
The URIBL module will wait for this number of replies (negative or positive) from the URIBLs listed under Service Provider
for up to the Maximum Time below. This number should be equal to or less than the number of URIBL Service Providers
listed to allow for randomly unavailable URIBLs. default: 2

URIBLmaxhits: Maximum Hits
-- A hit is an affirmative response from a URIBL.
The URIBL module will check all of the URIBLs listed under Service Provider,
and flag the email with a URIBL failure flag if more than this number of URIBLs return a positive blacklisted response.
This number should be less than or equal to Maximum Replies above and greater than 0.
If the number of hits is greater or equal Maximum Hits, the email is flagged failed in every case!
If the number of hits is greater 0 and less Maximum Hits, the email is flagged neutral.
This behavior could be changed to your needs by using weighted values for the URIBLServiceProvider . default: 1

URIBLmaxweight: URIBL Maximum Weight
-- A weight is a number representing the trust we put into a URIBL.
The URIBL module will check all of the URIBLs listed under URIBLServiceProvider for every URI found in an email. If the total of weights for a URI is greater or equal this Maximum Weight, the email is flagged Failed.
If the total of weights is greater 0 and less Maximum Weight, the email is flagged Neutral . If not defined or set to zero only the hit count will used to detect a fail or neutral state. default: 50

URIBLmaxtime: Maximum Time
-- This sets the maximum time in seconds to spend on each message performing URIBL checks. default: 10

URIBLsocktime: Socket Timeout
-- This sets the URIBL socket read timeout in seconds. default: 1

URIBLwhitelist: Whitelisted URIBL Domains*
-- This prevents specific domains from being checked by URIBL module. For example: doubleclick.net or file:files/URIBLwhitelist.txt. Domains already listed in noProcessingDomains and whiteListedDomains will be honored. default: doubleclick.net

noURIBL: Don't Check Messages from these Addresses*
-- Don't validate URIBL when messages come from these addresses. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com).
For example: fribo@thisdomain.com|jhanna|@sillyguys.org default:

URIBLIPRe: Bad URI IP's*
-- Every IP in a URI and every IP resolved for a hostname in a URI is checked against this list of IP's or networks. For example:145.145.145.145|145.146.|1.2.0.0/16
This high security feature will follow the rules in URIBLWL, URIBLNP, URIBLLocal and URIBLISP - but if a match is found, it will block the email ( ignores scoring, monitoring, testmodes and spamlover ). default:

AddURIBLHeader: Add X-Assp-Received-URIBL Header
-- Add X-Assp-Received-URIBL header to messages with positive reply from URIBL. default: 1

AddURIS2MyHeader: Add X-Assp-Detected-URI Header
-- URI's detected with URIBLOK are added to our header lines (X-Assp-Detected-URI:). default:

URIBLCacheInterval: URIBL Cache Refresh Interval for Hits
-- Domains in cache will be removed after this interval in days. Empty or 0 will disable the cache. default: 1

URIBLCacheIntervalMiss: URIBL Cache Refresh Interval for Misses
-- Domains in cache with status=2 (miss) will be removed after this interval in days. Empty or 0 will prevent caching of non-hits. default: 0.5

URIBLError: Reply Code to Refuse Failed URIBL Message
-- SMTP reply code to refuse failed URIBL message. The literal URIBLNAME (case sensitive) is replaced by the names of URIBLs with negative response. If this field is empty, client connection is simply dropped.
Notes On URIBL
default: 554 5.7.1 Blacklisted by URIBLNAME Contact the postmaster of this domain for resolution. This attempt has been logged.

Attachment Blocking

DoBlockExes: External Attachment Blocking
-- This requires an installed Email::MIME module in PERL. default: 0

BlockExes: External Attachment Blocking Level
-- Set the level of Attachment Blocking to 1-3 for attachments that should be blocked, set level to 4 for attachments that should be allowed. Choose 0 for no attachment blocking. default: 0

BlockWLExes: Whitelisted & Local Attachment Blocking
-- Set the level of Attachment Blocking to 0-4 for whitelisted & local senders. Choose 0 for no attachment blocking. default: 0

BlockNPExes: NoProcessing Attachment Blocking
-- Set the level of Attachment Blocking to 0-4 for no processing senders. Choose 0 for no attachment blocking. default: 0

BadAttachL1: Level 1 rejected File Extensions
-- This regular expression is used to identify Level 1 attachments that should be blocked.
Separate entries with a pipe |. The dot . is assumed to precede these, so don't include it.
For example:
ad[ep]|asx|ba[st]|chm|cmd|com|cpl|crt|dbx|exe|exe-bin|hlp|ht[ab]|in[fs]|isp|js|jse|lnk|md[abez]|mht|ms[cipt]|nch|pcd|pif|prf|ps1?|reg|sc[frt]|sh[bs]|vb|vb[es]|wms|ws[cfh]
If you've installed the ASSP_AFC Plugin (at least version 2.10) and 'exe-bin' is defined (on any level), the Plugin will detect executable files based on there binary content. Detected will be all executables, libraries and scripts for DOS and Windows (except .com files), MAC-OS and linux ELF (for all processor architectures). default: exe-bin|exe|scr|pif|vb[es]?|jse?|ws[cfh]?|sh[sb]?|li?nk|bat|cmd|com|ht[ab]|ps1?

BadAttachL2: Level 2 rejected File Extensions
-- This regular expression is used to identify Level 2 attachments that should be blocked.
Level 2 already includes all rejected extensions from Level 1.
For example:
(ad[ep]|asx|ba[st]|chm|cmd|com|cpl|crt|dbx|exe|hlp|ht[ab]|in[fs]|isp|js|jse|lnk|md[abez]|mht|ms[cipt]|nch|pcd|pif|prf|reg|sc[frt]|sh[bs]|vb|vb[es]|wms|ws[cfh]).zip default:

BadAttachL3: Level 3 rejected File Extensions
-- This regular expression is used to identify Level 3 attachments that should be blocked.
Level 3 includes Level 2 and Level 1.
For example:
zip|url default:

GoodAttach: Level 4 Allowed File Extensions
-- This regular expression is used to identify attachments that should be allowed. All others are blocked. Separate entries with a pipe |. The dot . is assumed to precede these, so don't include it.
For example:
ai|asc|bhx|dat|docx?|eps|gif|htm|html|ics|jpg|jpeg|hqx|od[tsp]|pdf|p7[mscz]|ppt|rar|rpt|rtf|snp|txt|xls|zip|7z default:

UserAttach: User based Good and Bad Attachments
-- This set of regular expression is used to identify attachments that should be allowed or blocked for specified users and/or domains. Separate entries with a any of '=> , ; space'. Separate multiple regex entries with pipe '|'. The dot . is assumed to precede the regex, so don't include it anywhere (except the user name).
To define entries you have to use the 'file:...' option. Define one entry per line - comments are not allowed in a definition line.
The syntax of an entry is as follows:
username => good => goodAttachRegex , good-out => goodoutRegex , good-in => goodinRegex , block => blockAttachRegex , block-out => blockoutRegex , block-in => blockinRegex
username - Mail solely to or from any of these addresses. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com) or a Group definition [GROUP]. Wildcards are supported (fribo@domain.com).

good => goodAttachRegex - good attachment for incoming and outgoing mails
good-out => goodoutRegex - good attachment for outgoing mails
good-in => goodinRegex - good attachment for incoming mails
block => blockAttachRegex - bad attachment for incoming and outgoing mails
block-out => blockoutRegex - bad attachment for outgoing mails
block-in => blockinRegex - bad attachment for incoming mails

For example:
user@domain.tld => good => ai|asc|bhx|dat|doc|eps|gif|htm|html|ics|jpg|jpeg|hqx|od[tsp]|pdf|ppt|rar|rpt|rtf|snp|txt|xls|zip
*@domain.tld => good => ai|asc|bhx , good-out => eps|gif , good-in => htm|html , block => pdf|ppt , block-out => rar|rpt , block-in => xls|exe-bin

At least one of the above option must be defined in a line - a maximum of all (six) could be defined, if this makes sense.
If the user name matches for a sender or recipient and a (in/out) regex definition is found in this file, all level definition are overwritten for this mail.
good, good-out and good-in - and also - block, block-out and block-in - will be logical OR combined according to the mail flow.
Notice: if a bad attachment is found on a user based attachment check, the penalty box IP address scoring is skipped. default:

AttachmentError: Reply Code to Refuse Rejected Attachments
-- The literal 'FILENAME' will be replaced with the name of the blocked attachment! default: 550 5.7.1 These attachments are not allowed -- Compress before mailing.

BlockUuencoded: Refuse Uuencoded Mails
-- default: 1

UuencodedError: Reply to Refuse Uuencoded Mails
-- For example: 554 5.7.1 This mail is uuencoded and will be blocked
Notes On Attachment Blocking default: 554 5.7.1 This message is uuencoded and will be blocked.

ClamAV and FileScan

noScan: Do Not Scan Messages from/to these Addresses*
-- Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). default:

noScanIP: Do Not Scan Messages from these IP's*
-- Enter IP addresses that you don't want to be scanned for virus , separated by pipes (|). For example: 145.145.145.145|145.146. default:

NoScanRe: Skip Virus RegEx*
-- Put anything here to identify messages which should not be checked for viruses. default:

SuspiciousVirus: No-Blocking Virus Scan Scoring Regex**
-- If a ClamAV or FileScan result matches this expression it will be scored with the suspicious virus score ( vsValencePB ) and the message will not be blocked.
It is possible to weight such results. Every weighted regex that contains at least one '|' has to begin and end with a '~' - inside such regexes it is not allowed to use a '~', even it is escaped - for example: ~abc\~|def~=>23 or ~abc~|def~=>23 - instead use the octal (\126) or hex (\x7E) notation , for example ~abc\126|def~=>23 or ~abc\x7E|def~=>23 . Every weighted regex has to be followed by '=>' and the weight value. For example:
Phishing.=>1.45|~Heuristics|Email~=>50
or
~(Email|HTML|Sanesecurity).(Phishing|Spear|(Spam|Scam)[a-z0-9]?).~=>4.6|Spam=>1.1|~Spear|Scam~=>2.1 .
The multiplication result of the weight and the penaltybox valence value will be used for scoring, if the absolute value of weight is less or equal 6. Otherwise the value of weight is used for scoring. default: file:files/suspiciousvirus.txt

ScanWL: Scan Whitelisted Senders
-- default: 1

ScanNP: Scan No Processing Senders
-- default:

ScanLocal: Scan Local Senders
-- default:

ScanCC: Scan Copied Spam and Forwarded Ham Mails
-- default:

AvError: Reply Code to Refuse Infected Messages
-- Reply code to refuse infected messages. The string $infection is replaced with the name of the detected virus.
For example: 554 5.7.1 Mail appears infected with [$infection] -- disinfect and resend. default: 554 5.7.1 Mail appears infected with [$infection].

EmailVirusReportsTo: Send Virus Report To This Address
-- If set an email containing the Message ID, Remote IP, Message Subject, Sender email address, Recipient email address, and the virus detected will be sent to this address. For example: admin@domain.com default:

EmailVirusReportsHeader: Add Full Header To Virus Report To Mail Address Above
-- If set the full message headers will also be added to Virus Reports. default:

EmailVirusReportsToRCPT: Send Virus Report To Recipient
-- If set the intended recipient of the message will be sent a copy of the Virus Report. If "for HAM only" is selected, the report will only be sent, in case the mail is not detected as SPAM before the virus check is done.
default: 0

DoFileScan: Use File System Virus Scanner
-- If activated, the message is written to a file inside the 'FileScanDir' with an extension of 'maillogExt'. After that ASSP will call 'FileScanCMD' to detect if the temporary file is infected or not. The temporary created file(s) will be removed.
The infected file will be stored in a special folder, if the SpamVirusLog is set to 'quarantine' and the filepath to the viruslog is set.
Please check the setting of FileLogScan before you enable this option! default: 0

FileScanDir: File Scan Directory
-- Define the full path to the directory where the messages are temporary stored for the file system virus scanner. This could be any directory inside your file system. The running ASSP process must have full permission to this directory and the files inside! default: c:/assp/virusscan

FileScanCMD: File Scan Command
-- ASSP will call this system command and expects a returned string from this command. This returned string is checked against 'FileScanBad' and/or 'FileScanGood' to detect if the message is OK or not! If the file does not exists after the command call, the message is consider infected. ASSP expects, that the file scan is finished when the command returns!
The literal 'FILENAME' will be replaced by the full qualified file name of the temporary file.
The literal 'NUMBER' will be replaced by the threadnumber and could be used to name logfiles and to redirect them to STDOUT.
The literal 'FILESCANDIR' will be replaced with the value of FileScanDir.
Any case sensitive literal starting and ending with an asterix () like 'rcpt' or 'mailfrom*' will be replaced by the quoted runtime connection variable of Con{fh}->{literal} (this->{literal}). You need to know the assp internals!
If a code reference is defined for the internal variable $main::FileScanCMDbuild_API in lib/CorrectASSPcfg.pm , assp will call '$FileScanCMDbuild_API->(\$cmd,$this)' before running the command. The first parameter, the command (FileScanCMD), is submitted as a reference to a scalar, which must be modified in place. If you want assp not to scan the message, set this variable to undef. The second submitted parameter is the reference to the client connection parameter HASH - $Con{fh} (eg. $this)
All outputs of this command to STDERR are automatic redirected to STDOUT.
FileScan will not run, if FileScanCMD is not specified.
If you have your online/autoprotect file scanner configured to delete infected files inside the 'FileScanDir', define 'NORUN' in this field! In this case FileScanGood and FileScanBad are ignored. If there is a need to wait some time for the autoprotect scanner, write 'NORUN-dddd', where dddd are the milliseconds to wait!
Depending on your operating system it may possible, that you have to quote (' or ") the command, if it contains whitespaces. The replaced file name will be quoted by ASSP if needed. default:

FileScanBad: RegEx to Detect 'BAD' in Returned String*
-- Put anything here to identify bad messages by the string returned from the FileScanCMD. If defined and this regular expression matches, the message is consider infected. default:

FileScanGood: RegEx to Detect 'GOOD' in Returned String*
-- Put anything here to identify good messages by the string returned from the FileScanCMD. If defined and this regular expression matches and 'FileScanBad' does not, the message is consider not infected.
If both FileScanBad and FileScanGood are defined, FileScanBad has not to match and FileScanGood has to match, to consider a mail not infected! default:

FileScanRespRe: FileScan Responds Regex*
-- A regular expression that will be used over the text returned from the FileScanCMD. The result of this regex is used as virus name ($infection) in AvError. For example: infected by .+? .\<hr \/> default:

FileLogScan: Scan Resent and Stored Files for Virus with FileScan
-- If virus check is enabled ( DoFileScan ), every file/mail (except reports - eg. n10000123456$maillogExt) in the 'resendmail' folder and if selected, every collected file is scanned for virus before it is sent or stored.
If a virus is found, the file/mail is not (re)sent (it will get the extension '.virus'). Infected collected files are moved in to the SpamVirusLog folder.
If 'scan resend folder and collected files' is selected, it could be possible, that the virus scanner ( FileScanCMD ) forces a very high system workload.
If you are not sure what to set here, leave the setting at the default 'scan resend folder only'!
Under normal conditions the scan will be done by the SMTP-worker, if assp is under a havy workload, the scan request will be transfered to the High-Workers (10000/10001). default: 1

UseAvClamd: Use ClamAV
-- If activated, the message is checked by ClamAV, this requires an installed File::Scan::ClamAV Perl module and a running Clamd . It is not recommended to use ClamAV on heavy-load systems, because of resulting system overload, stucking workers or timeouts.
The infected file will be stored in a special folder, if the SpamVirusLog is set to 'quarantine' and the filepath to the viruslog is set.
Please check the setting of ClamAVLogScan before you enable this option! default: 0

AvClamdPort: Port or file socket for ClamAV
-- A socket specified in the clamav.conf file - LocalSocket. For example /tmp/clamd. If the socket has been setup as a TCP/IP socket (see the TCPSocket option in the clamav.conf file), then specify the TCP socket. For example: 3310 default:

ClamAVBytes: ClamAV Bytes
-- The number of bytes per message or file that will be submited to ClamAV and FileScan for virus scanning. Values of 100000 or larger are not recommended, because while a thread is waiting for the scanner result, it could not get new connections. default: 60000

ClamAVLogScan: Scan Resent and Stored Files for Virus with ClamAV
-- If virus check is enabled ( UseAvClamd ), every file/mail (except reports - eg. n10000123456$maillogExt) in the 'resendmail' folder and if selected, every collected file is scanned for virus before it is sent or stored.
If a virus is found, the file/mail is not (re)sent (it will get the extension '.virus'). Infected collected files are moved in to the SpamVirusLog folder.
If 'scan resend folder and collected files' is selected, it could be possible, that the virus scanner (clamd) forces a very high system workload.
If you are not sure what to set here, leave the setting at the default 'scan resend folder only'!
Under normal conditions the scan will be done by the SMTP-worker, if assp is under a havy workload, the scan request will be transfered to the High-Workers (10000/10001). default: 1

ClamAVtimeout: ClamAV Timeout
-- ClamAV will timeout after this many seconds.
default: 10 seconds.
Notes On Virus Control default: 10

Regex Filter / Spambomb

AllowInternalsInRegex: Allow Internal Variables in Regex
-- Allow internal variables to be used in regular expressions - replaces something like ${$EmailDomainRe} with the value of $EmailDomainRe default:

preHeaderRe: Regular Expression to early Identify Spam in Handshake and Header Part*
-- Until the complete mail header is received, assp is processing the handshake and header content line per line, but the first mail content check is done after the complete mail header is received.
It is possible, that some content (malformed headers, forbidden characters or character combinations) could cause assp to die or to run in to a unrecoverable exception.
Use this regular expression to identify such incoming mails based on a line per line check, at the moment where a single line is received.
This setting does not affect any other and is not affected by any other configuration setting, except that this check is only done for incoming mails.
If a match is found, assp will immediately send a '421 closing transmission' reply to the client and will immediately terminate the connection.
Default setting is file:files/preheaderre.txt default: file:files/preheaderre.txt

bombReWL: Do Bomb/Script Regular Expressions Checks for Whitelisted
-- default:

bombReNP: Do Bomb/Script Regular Expressions Checks for NoProcessing
-- default:

bombReLocal: Do Bomb/Script Regular Expressions Checks for Local Messages
-- default:

bombReISPIP: Do Bomb/Script Regular Expressions Checks for ISPIP
-- default: 1

bombMaxPenaltyVal: Maximum Penalty on Bombs per Mail per Check
-- Depending on the configuration, it could be possible that a message gets a very high penalty value on a bomb-check. This value limits the maximum penalty per mail for every single bomb-check that is enabled. default: 70

maxBombSearchTime: Maximum time spend on Bomb Search
-- Maximum time in seconds that is spend on every configured bomb check. This time check is done, after every found bomb. So it is possible that the bomb search takes longer as the defined value, if no bomb is found or a single search takes more time. Default is 5.

Even if any of the following bomb parameters is set to "block", but the sum of the resulting weighted penalty value is less than the corresponding "Penalty Box Valence Value" (because of lower weights) - only scoring will be done!
A description of how of weighting regular expressions is done and working, could be found at the bottom this web page. default: 5

DoTransliterate: Transliterate non-Roman characters in to Roman
-- If enabled, ASSP tries to transliterate non-Roman characters in an email it to Roman characters. These transliterations are than additionally used in the bomb checks.
For example - the (character) sequence '年光通信产业会回归高增长轨道' will be transliterated to 'Nian Guang Tong Xin Chan Ye Hui Hui Gui Gao Zeng Chang Gui Dao' .
To transliterate something, use the 'Mail Analyzer'.
To make this feature working, the Perl module Text::Unidecode must be installed. default:

DoBombHeaderRe: Use BombHeader Regular Expressions on Header Part
-- If activated, each message-header is checked against bombSenderRe, bombHeaderRe, bombSubjectRe and bombCharSets Regular Expressions. If you use sendAllSpam, be aware that only the header will be shown in the spamcopy.
The scoring value is the sum of all valences(weights) of all found bombs - bombValencePB . default: 1

bombSenderRe: Envelope Blocking Regular Expression **
-- Part of DoBombHeaderRe: expression to identify sender (mailfrom,ip,helo). default: emailserver3.com|\d\d\d\d\d\d\@tom.com

bombHeaderRe: Regular Expression to Identify Spam in Header Part**
-- Part of DoBombHeaderRe: header will be checked against this Regex if DoBombHeaderRe is enabled. For example
file:files/bombheaderre.txt default: file:files/bombheaderre.txt

bombSubjectRe: Regular Expression to Identify Spam in Subject**
-- Part of DoBombHeaderRe : the mail header will be checked against this Regex if DoBombHeaderRe is enabled. If DoBombHeaderRe is enabled, the mail subject will be automatically checked against RFC2047 (for NON printable characters in the undecoded MIME content). default:

maxSubjectLength: Maximum allowed Subject Length
-- If set to a value greater than 0, assp will check the length of the Subject of the mail. If the Subject length exceeds this value, the message score will be increased by 'bombValencePB' and the string that is checked in 'bombSubjectRe' will be trunked to this length. It is possible to define a special weight using the syntax 'length=>value', in this case the defined absolute value will be used instead of 'bombValencePB' to increase the message score. If the subject is too long and this weight is equal or higher than 'bombMaxPenaltyVal' no further bomb checks will be done on the subject. default: 200=>100

bombHeaderReMaxHits: Maximum Hits for Bombs in Header and Sender
-- A hit is a found Bomb in header and sender - bombSenderRe , bombHeaderRe , bombSubjectRe , bombCharSets .
If the number of hits is greater or equal Maximum Hits, the email is flagged Failed (possibly blocked and/or scored).
If the number of hits is greater 0 and less Maximum Hits, the email is flagged Neutral (possibly scored) default: 1

DoBombRe: Use Bomb Regular Expressions
-- If activated, each message is checked against bombRe and BombData Regular Expressions.
The scoring value is the sum of all valences(weights) of all found bombs - bombValencePB . default: 1

bombRe: Regular Expression for Header and Data Part
-- Header and Data will be checked against this Regular Expression if DoBombRe is enabled. For example:
IMG [^>]src=['"]cid|<BODY<a class="alink notfound" href="%5E%3E">^>*>(<[^>]+>|\n|\r)<IMG<a class="alink notfound" href="%5E%3E">^>+>(<[^>]+>|\n|\r)*</BODY>
If you want to search for attachment names, define a line with 'attachment:the_attachment_name'. default: file:files/bombre.txt

bombSkipHeaderTagRe: Regular Expression to Identify skipped Tags in Header Part*
-- Regular Expression to define header tags, that will be skipped for bombSuspiciousRe, bombHeaderRe, bombRe and blackRe - like 'DKIM-Signature|Domainkey-Signature' - the always followed collon (:) is added by assp. For example
file:files/bombskipheadertagre.txt default: file:files/bombskipheadertagre.txt

bombReMaxHits: Maximum Hits for Bombs in Header and Data
-- A hit is a found Bomb in header and data - bombRe .
If the number of hits is greater or equal Maximum Hits, the email is flagged Failed (possibly blocked and/or scored).
If the number of hits is greater 0 and less Maximum Hits, the email is flagged Neutral (possibly scored) default: 1

bombDataRe: BombData Regular Expression for Data Part
-- Data part will be checked against the Regular Expression if DoBombRe is enabled. For example:
IMG [^>]src=['"]cid|<BODY<a class="alink notfound" href="%5E%3E">^>*>(<[^>]+>|\n|\r)<IMG<a class="alink notfound" href="%5E%3E">^>+>(<[^>]+>|\n|\r)*</BODY>
If you want to search for attachment names, define a line with 'attachment:the_attachment_name'. default:

bombDataReMaxHits: Maximum Hits for Bombs in Data
-- A hit is a found Bomb in data - bombDataRe .
If the number of hits is greater or equal Maximum Hits, the email is flagged Failed (possibly blocked and/or scored).
If the number of hits is greater 0 and less Maximum Hits, the email is flagged Neutral (possibly scored) default: 1

bombSuspiciousRe: Suspicious Expression for Scoring Only**
-- Sender, Header and Data will be checked for scoring only. Put here anything which might be suspicious. bombSuspiciousValencePB will be used to increase the score.
For example:
unsubscribe

NOTICE: BombSuspiciousRe is processed per default for all mails (incoming and outgoing) regardless of noprocessing and whitelisting! Only noBombScript is observed in every case.
To change this behavior, use the enhanced regular expression syntax (NWIL) described at the bottom of the GUI! default:

noBombScript: Don't Check Messages from these Addresses*
-- Don't detect spam bombs or scripts in messages from these addresses. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). default:

DoTestRe: Do Test Regular Expression
-- If activated, each message is checked against the Test Regular Expression below. This provides a way to test regex strings on live mail. default: 0

testRe: Test Regular Expression**
-- Use this to test your regular expressions. Test valence is teValencePB . default:

bombError: Spam Bomb Error
-- SMTP error message to reject spam bombs. For example: 554 5.7.1 Delivery not authorized, message refused -- send report to mailto:postmaster@mydomain.tld or call +12.34.56.78.90 default: 554 5.7.1 Delivery not authorized, message refused -- .

bombErrorReason: Add Reason
-- Add matching expression to Spam Bomb Error default: 1

DoBlackRe: Use Black Regular Expression to Identify Spam Strictly
-- Each incoming message is checked against the BlackRe to Identify Spams. No Optout.
The scoring value is the sum of all valences(weights) of all found bombs - blackValencePB . default: 0

blackReMaxHits: Maximum Hits for Identify Spam Strictly
-- A hit is a found Bomb for Identify Spam Strictly. - blackRe
If the number of hits is greater or equal Maximum Hits, the email is flagged Failed (possibly blocked and/or scored).
If the number of hits is greater 0 and less Maximum Hits, the email is flagged Neutral (possibly scored) default: 1

DoScriptRe: Use Regular Expression to Identify Mobile Scripts
-- Each message is checked against the Expression to Identify Mobile Scripts.
The scoring value is the sum of all valences(weights) of all found bombs - scriptValencePB . default: 0

scriptReMaxHits: Maximum Hits for Identify Mobile Scripts
-- A hit is a found mobile scripting code for Identify Mobile Scripts - scriptRe .
If the number of hits is greater or equal Maximum Hits, the email is flagged Failed (possibly blocked and/or scored).
If the number of hits is greater 0 and less Maximum Hits, the email is flagged Neutral (possibly scored) default: 1

scriptError: Script Error
-- SMTP error message to reject scripts. For example: 554 5.7.1 Your email appears to be spam -- send an error report to mailto:postmaster@mydomain.tld or call +12.34.56.78.90

Notes On Bomb Regex default: 554 5.7.1 Your email contains html scripting code -- please resend as plain text.

Bayesian and Hidden Markov Model (HMM) Options

DoBayesian: Bayesian Check
-- If activated, the message is checked based on Bayesian factors in spamdb for global and private entries. Private spamdb entries have a five times higher weight than global entries. This needs a fully functional spamdb built by rebuildspamdb. For starters it is best practice to put this inactive and build the spamdb collection with the help of DNSBL ,URIBL and spamaddresses. Scoring is done with baysValencePB for external mails, bayslocalValencePB is used for outgoing and internal mails - both values are multiplied with the detected baysProbability . It is possible to score (in and out) with a bonus for HAM with bayshamValencePB ( bayshamValencePB * ( 1 - baysProbability )).
Both, the Bayesian-check and the Hidden-Markov-Model-check (below), are using Perl version depending (Perl 5.12 and higher) Unicode features to recognize any possible character. How ever, some east asian languages (and some others) have graphemes, that contains multiple unicode code points. If you need (or want) assp to process all text as a sequence of UAX #29 Grapheme Clusters, the Perl module Unicode::LineBreak is required. default: 0

DoHMM: Hidden Markov Model Check
-- If activated, the message is checked based on a Hidden Markov Model for global and private entries. Private HMM entries have a five times higher weight than global entries. This needs a fully functional HMMdb database built by rebuildspamdb. For starters it is best practice to put this in monitoring mode and build the HMM collection with the help of DNSBL ,URIBL and spamaddresses. Scoring is done with HMMValencePB for external mails, HMMlocalValencePB is used for outgoing and internal mails - both values are multiplied with the detected hmmProbability. It is possible to score (in and out) with a bonus for HAM with HMMhamValencePB ( HMMhamValencePB * ( 1 - baysProbability )).
The perl module BerkeleyDB version 0.34 or higher and BerkeleyDB version 4.5 or higher is required (to store temporary data) to use this feature and 'useBerkeleyDB' must be set to ON.
If this option is disabled, the rebuildspamdb task will NOT build a valid HMM database!
Compared to the Bayesian option, the Hidden Markov Model will produce results that are much more exact. How ever, it is possible, that HMM gets no result on very small messages, for this reason it is recommended to use both Bayesian and HMM. If you enable both checks, check your settings for baysValencePB, HMMValencePB, bayslocalValencePB and HMMlocalValencePB - eg. divide them by 2. or set the bayes values to 1/3 and the HMM values to 2/3.
NOTICE that using this option requires a very fast database server behind, if HMMusesBDB is set to OFF. The Bayesian- and HMM check together can produce 4000 and much more SQL queries per second.
Keep in mind, that all backups and exports of the HMM database could require several 100MB of diskspace, if the file count in the corpus is very large. default: 0

BayesAfterHMM: Do Bayesian depends on HMM results
-- This value is ignored, if DoHMM is not enabled or set to monitor or DoBayesian is disabled.
The Bayesian check will only run, if the spam/ham probability of the HMM check is in a given value range or the HMM check has given too few results or the confidence ( baysConf ) of the detection is too low.
Leave this blank to run the Bayesian check every time, independent from any HMM result (default).
To set this value, define a probability value range like 0.4-0.6 or 0.3-0.7 - eg: best set it according to the setting of baysProbability ( [ 1 - baysProbability ]-baysProbability ). default:

ignoreDBVersionMissMatch: Ignore a database version missmatch
-- The status of assp is changed to "not healthy" if the current version of any of Spamdb or HMMdb is not equal to the required database version. Such a missmatch is automatically corrected with the next successful rebuildspamdb. How ever, if you are unable to solve this problem for any reason, you should set this value to keep the status of assp "healthy". default: 0

HMMusesBDB: Use BerkeleyDB for the Hidden Markov Model database
-- If enabled (default), the Hidden Markov Model database uses BerkeleyDB - notice: in this case no database import, backup or export are provided for the HMMdb. This value is completely ignored, if DBdriver is set to 'BerkeleyDB' and spamdb is set to 'DB:'. Switch this parameter to OFF, if you want to use the same database engine for the HMMdb like spamdb is configured.
Changing this value requires a restart of assp. Possibly a forced rebuildspamdb is required after the restart. default: 1

DoPrivatSpamdb: Use also private entries for the Bayesian Spamdb and Hidden Markov Model databases
-- If enabled, private entries (based on the local recipient and/or the report sender email address) will be added to the Bayesian and HMM databases. These private entries have a three times higher priority for users (full email address) and two times higher priority for domains (domain part of the email address) than global entries. To enable this option "spamdb" must be set to use a database "DB:" first!
Setting this option to ON, will increase the record count for the spamdb and the HMM databases dramaticaly! default: 3

BayesMaxProcessTime: Bayesian and HMM Check Timeout
-- The Bayesian- and HMM Checks are the most memory and CPU consuming tasks that ASSP is doing on a message. If such tasks running to long on one message, other messages could run in to SMTPIdleTimeout. Define here the maximum time in seconds that ASSP should spend on Bayesian Checks for one message. Default is 60. default: 15

BayesWL: Bayesian/HMM Check on Whitelisted NON Local Senders/Messages
-- default:

BayesNP: Bayesian/HMM Check on NoProcessing Messages
-- default:

BayesLocal: Bayesian/HMM Check on Local Senders
-- default:

noBayesian: Skip Bayesian and HMM Check*
-- Mail from/to any of these addresses are ignored by Bayesian- and HMM check, mails will not be stored in spam/notspam collection. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com) default:

noBayesian_local: Skip Bayesian and HMM Check for this local senders*
-- Mail from any of these local addresses are ignored by Bayesian- and HMM checks, mails will not be stored in spam/notspam collection. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com) default:

Bayesian_localOnly: Do Bayesian and HMM Check ONLY for this local senders*
-- Only mail from any of these local addresses are processed by the Bayesian- and HMM checks, except they are also defined in noBayesian_local . BayesLocal must be switched on to make this option working. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com) default:

maxBayesValues: Maximum most significant results used per mail to calculate Bayesian- and HMM-Probability
-- Maximum count of most significant values used to calculate the Bayesian/HMM-Spam-Probability and the confidence of that probability.
The Bayesian/HMM Spam probability will be fine with 30 and will get more exact, than higher this value is - until a value of 60.
The confidence of the Bayesian/HMM Spam probability will get better, than higher this value is.
Values above 60 are possible, but could lead in to a performance penalty, without getting a better spam detection.
Default is '60', minimum is '30'. default: 60

baysProbability: Bayesian and HMM Probability Threshold
-- Messages with spam-probability below or equal this threshold are considered Ham. Recommended '0.6'. If you change this value, check your setting of BayesAfterHMM .
A resulting Spam-Probability above this value is multiplied with baysValencePB_local or baysValencePB to get the penaltybox scoring value for the IP- and message score. In other words, the penaltybox scoring value is weighted by the Spam-Probability in case Spam is detected.
A resulting Spam-Probability below this value but higher than ( 1 - baysProbability ) is stated as 'UNSURE' . In this case the half score will be added to the message score but not to the IP score and the message will not be blocked.

The following default Bayesian math (prob = p1 / (p1 + p2)) is used to calculate the SpamProb value for 'n' found Bayesian-Word-Pairs or HMM-Sequences, each with a spam-weight 'p' - where 0<p<1 :

'SpamProb' = (p1 * p2 * ... * pn) / ( p1 * p2 * ... * pn + (1 - p1) * (1 - p2 ) * ... * (1 - pn)) default: 0.6

baysConf: Bayesian and HMM Confidence Threshold
-- Spam-Mails having a confidence below this threshold are passed in TestMode .
Spam-Mails having a confidence above this threshold are blocked. Set this only above 0 if you are familiar with the bayesian statistics used in ASSP.
Messages that are processed by the bayesian and HMM check get a spam-probability score and a confidence score. The confidence score in assp is a quality indicator. A confidence near 0 would mean the probability score is like a wild guess. A confidence score near 1 would mean that it's pretty sure that the bayesian analysis result is correct. The confidence threshold is an allowance to process a Bayesian/HMM Spam as-if in Bayesian TestMode, if the message's confidence score is lower than the confidence threshold.
Set this level to a specfic value, let's say .001 (which is a good one for starting), then:
- messages with spam-probability higher than 0.6 and a confidence of less than 0.001 would come through as in test mode
- messages with spam-probability higher than 0.6 and a confidence of more than 0.001 would be blocked
- messages with spam-probability less than 0.6 would pass
The 0.6 threshold can be set in baysProbability .
The confidence of the probability value is also used in BayesAfterHMM.
Carefully set this parameter above 0, if the bayesian corpus norm (shown by the rebuildspamdb log) is less than 0.6 or higher than 1.4 .

The following math is used to calculate the SpamProbConfidence value for 'n' found Bayesian-Word-Pairs or HMM-Sequences, each with a spam-weight 'p' - where 0<p<1 :

extreme_confidence_count = |(0 < p1...n < 0.01)| - |(0.99 < p1...n < 1)|
extreme_confidence_count = 0 - if ( extreme_confidence_count < 0 and SpamProb > 0.5) or ( extreme_confidence_count > 0 and SpamProb <= 0.5) == TRUE;
extreme_confidence_count = abs( extreme_confidence_count )
mail_confidence = abs((P1 * P2 * ... * Pk) - ((1 - P1) * (1 - P2 ) * ... * (1 - Pk))) - for all elements P1...k in (0.01 < p1...n < 0.99)
corpus_confidence = 1 / ((abs(1 - corpus_norm) + 1)int(abs(1 - corpus_norm) * 10)) - the exponent is limited to a maximum of 4
SpamProbConfidence = 0.01extreme_confidence_count * mail_confidence * corpus_confidence * (n / maxBayesValues)2

The SpamProbConfidence is limited to a maximum of 1.0 .
All extreme values 'p' having a spam weight less than 0.01 or higher than 0.99 with a corresponding extreme value like (0.001 <-> 0.999) are ignored for the mail_confidence calculation.

empty or zero = disabled.

Show the Bayesian and Hidden-Markov-Model confidence distribution! default: 0

baysConfidenceHalfScore: Reduce Scoring for Low Confidence
-- Spam-Mails having a confidence below the threshold, will get half of the normal penalty score for Bayesian and HMM hits. default: 1

AddSpamProbHeader: Add Bayes and HMM Probability Header
-- Adds a line to the email header "X-Assp-Spam-Prob: 0.0123" and/or "X-Assp-HMM-Spam-Prob: 0.0123" Probability ranges from 0 to +1 where > 0.6 = spam. default:

AddConfidenceHeader: Add Bayes and HMM Confidence Header
-- Adds a line to the email header "X-Assp-Bayes-Confidence: 0.0123" and/or "X-Assp-HMM-Confidence: 0.0123".

Notes On Bayesian
default:

Backscatter Detection

DoMSGIDsig: Do Message-ID tagging and validating (FBMTV)
-- If activated, the message-ID of each outgoing message will be signed with a unique Tag and every incoming mail will be checked against this Tag. This tagging mode is called FBMTV "Forwarder(s) Bounce Message-ID Tag Validation" and it is worldwide unique to ASSP. This Tag is build nearly the same way, as BATVTag is build for the sender address. This Tag will be removed from any incoming email, to recover the original references in the mail header! If anything is changed on this option inside the mail, no DKIM-check will be done! Before activating DoMSGIDsig, please configure MSGIDpreTag and MSGIDsec!
If activated and a bounced mail from null sender or postmaster contains no valid signature the configured action is taken.
If activated and any other mail contains a valid signature (eg. because it is an answer/reply to a tagged mail), this mail will be flagged as noprocessing and whitelisted !
This check requires an installed Digest::SHA1 module in Perl. default: 0

MSGIDpreTag: Message-ID pre-Tag for MSGID-TAG-generation
-- To use Message-ID signing and to create the MSGID-Tags, a pre-Tag is needed. This Tag must be 2-5 characters [a-z,A-Z,0-9] long. Default is 'sig'. default: sig

MSGIDSec: Message-ID Secrets for MSGID-TAG-generation*
-- To use Message-ID signing and to generate the MSGID-Tags, at leased one secret key is needed, up to ten keys are possible.
The notation is : generationnumber[0-9]=secretKey. For example(do not use!): 0=jk09Z|1=oPLmn4g|.... . Multiple pairs are separated by pipes (|). Default is 0=key0|1=key1|2=key2|3=key3|4=key4|5=key5|6=key6|7=key7|8=key8|9=key9 . Do not defines spaces, tabs and '=' as part of the keys(secrets)!
Values that contains any default are not valid, please change them, to prevent detecting strange ASSP-signatures as valid local signatures!
For this reason, please define your secrets as unique as possible! The secrets are used randomly to build the Message-ID-Tags. default: 0=key0|1=key1|2=key2|3=key3|4=key4|5=key5|6=key6|7=key7|8=key8|9=key9

MSGIDsigAddresses: Do FBMTV For These Addresses Only*
-- Mail to any of these addresses will be tagged and checked by FBMTV. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). If empty, FBMTV is done for all addresses. default:

noMSGIDsigRe: Skip Message-ID signing, mail content dependent*
-- Use this to skip the Message-ID tagging depending on the content of the email. If the content of the email matches this regular expression (checking MaxBytes only), FBMTV will not be done. For example: 'I am out of office' . default:

noRedMSGIDsig: Skip Message-ID signing for Redlisted mails
-- If selected, FBMTV will not be done for redlisted emails! default: 0

DoBATV: Do BATV tagging and validating
-- If enabled any sender address of outgoing mails is mangled with a BATV-Tag. Any incoming bounced mail is checked for a valid BATV-Tag. All valid (local) BATV-Tags will be removed from incoming mails - so whitelisting, delaying and all other recipient and sender based checks will use the normal addresses. If the BATV-check is successful, no MSGID-signing-check and DNS-Backscatter-check will be done! If any BATVTag was removed, no DKIM-check will be done! BATV-address-replacement is done, before the recipient replacement rules are processed!
This check requires an installed Digest::SHA1 module in Perl. default: 0

BATVSec: BATV Secrets for BATV-TAG-generation*
-- To use BATV and to create the BATV-Tags, at leased one secret key is needed, up to ten keys are possible.
The notation is : generationnumber[0-9]=secretKey. For example: 0=key0|1=KEYX45rt|.... . Multiple pairs are separated by pipes (|). Default is 0=key0|1=key1|2=key2|3=key3|4=key4|5=key5|6=key6|7=key7|8=key8|9=key9 . Do not defines spaces, tabs and '=' as part of the keys(secrets)! The secrets are use randomly to build the BATV-Tags. default: 0=key0|1=key1|2=key2|3=key3|4=key4|5=key5|6=key6|7=key7|8=key8|9=key9

removeBATVTag: remove strange BATV-Tags from incoming mails
-- Any strange BATV-signature will be removed from the sender address and the real sender address will be used! Using this together with remindBATVTag keeps your clients addressbooks (also whitelist, delaydb ...) clean from BATV-Tags. This will also work, if DoBATV is disabled. If you do not use remindBATVTag and the MTA behind ASSP sends a bounced mail back - this mail will fail on BATV on the recipients site. If any BATVTag was removed, no DKIM-check will be done! default: 0

remindBATVTag: store incoming strange BATV-Tags to remind them for outgoing bounce mails
-- If defined, any incoming stange BATV-signature will be stored and any recipient of outgoing bounce mails will be checked against this list. If there is found a valid (not older than 7 days) BATV-Tag for that recipient, it will be mangled in to the recipient address. This will also work, if DoBATV is disabled. default: 0

DoBackSctr: Do DNS-Backscatter Detection
-- If activated, the IP-address of each message received for null sender,bounced or postmaster will be checked against the list below.
DNS base checks requires an installed Net::DNS module in Perl.
For more information about backscatter detection please read http://www.backscatterer.org/?target=usage. default: 0

BackDNSInterval: Backscatter-DNS Cache Refresh Interval
-- IP's in cache will be removed after this interval in days. 0 will disable the cache and the usage of downloadBackDNSFile and localBackDNSFile. default: 7

BackSctrServiceProvider: ServiceProvider for Backscatterer Detection*
-- ServiceProvider for DNS check on Backscatterer. Possible value is ips.backscatterer.org for DNS check. default: ips.backscatterer.org

downloadBackDNSFile: Download the Backscatterer DNS-IP-List
-- If selected, the complete IP-list is downloaded to a local file. If useDB4IntCache is set, the list is stored in a BerkeleyDB database (BackDNS2). Otherwise the records will be stored in the pbdb cache BackDNS . The download will be skipped, if useDB4IntCache is not set and mysqlSlaveMode is set. IP's are checked on this file first, if the IP is not found on this list, a DNS query is done. It is recommended to use this option for ISP's and users with more than 1000 bounced mails a day. See wget-mirrors.uceprotect.net/rbldnsd-all/ips.backscatterer.org.gz default: 0

localBackDNSFile: Local File for the Backscatterer DNS-IP-List
-- The name of the local file that is used for this IP-list. The content of this file is filled in to the 'Backscatter-DNS Cache' ( BackDNSInterval ). IP's from this list will be removed after one day from the cache.
The following configurations are valid for all Backscatter Detection Options! default: file:files/backdnslist.txt

Back250OKISP: Send 250 OK to ISP if any Backscatter Detection fails
-- If any Backscatter check fails for a bounced mail that is coming from an ISPIP, ASSP will send "250 OK" to the ISP, but will discard the mail, if the check is configured to block! default: 0

BackWL: Do Backscatter Detection checks for Whitelisted mail
-- Tagging will be always done, if not excluded by address or domain! default:

BackNP: Do Backscatter Detection checks for No Processing mail
-- Tagging will be always done, if not excluded by address or domain! default:

noBackSctrRe: Regular Expression to Skip all BackScatter Checks*
-- If the contents of a mail matches these regular expressions, all BackScatter checks will be skipped. default:

noBackSctrAddresses: Do not any Backscatter detection for this Addresses *
-- Mail to and from any of these addresses will not be tagged and checked by any backscatter option. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). default:

noBackSctrIP: Exclude these IP's from any Backscatter detection*
-- Enter IP's that you want to exclude from FBMTV and Backscatter check, separated by pipes (|).
Notes On Backscatter Detection default:

TestModes

spamSubject: Prepend Spam Subject
-- Setting a filter to testmode will tell ASSP not to reject the mail but rather build up the whitelist and spam and notspam collections. This can go on for some time without disturbing normal operation. After this very important phase TestMode can be used to tag the message: if TestMode and the message is spam Spam Subject gets prepended to the subject of the email. For example: [SPAM] default:

spamTag: Prepend Spam Tag
-- If checked, the method(s) ASSP used which caught the spam will be prepended to the subject of the email. For example; [DNSBL] default:

allTestMode: All Test Mode ON
-- Turn all of the individual testmodes on - regardless of the individual test mode settings. default:

baysTestMode: Bayesian/Hidden-Markov-Model Test Mode
-- default:

baysTestModeUserAddresses: Bayesian Test Mode User Addresses*
-- These users are in test mode / mark subject only for bayesian spam, even with test mode above off default:

blTestMode: BlackDomain Test Mode
-- default:

hlTestMode: Helo Blacklist Test Mode
-- default:

flsTestMode: Forged Local Domain Test Mode
-- -> DoNoValidLocalSender default:

spfTestMode: SPF Test Mode
-- default:

rblTestMode: DNSBL Test Mode
-- default:

attachTestMode: Bad Attachment Test Mode
-- default:

uriblTestMode: URIBL Test Mode
-- default:

srsTestMode: SRS Test Mode
-- default:

bombTestMode: Bomb Regex Test Mode
-- default:

scriptTestMode: Script Regex Test Mode
-- default:

mxaTestMode: Missing MX Record Test Mode
-- default:

ptrTestMode: Reversed Lookup Test Mode
-- default:

ihTestMode: Invalid Helo Test Mode
-- default:

fhTestMode: Forged Helo Test Mode
-- default:

msTestMode: Message Scoring Test Mode
-- default:

dkimTestMode: DKIM Test Mode
-- default:

pbTestMode: Penalty Box Test Mode
-- default:

switchTestToScoring: Switch Testmode to Message Scoring
-- Put the filter automatically in "Message Scoring" when DoPenaltyMessage is set (instead of stopping spam processing altogether).
Notes On Testmode default:

Email Interface

EmailInterfaceOk: Enable Email Interface
-- Checked means that you want ASSP to intercept and parse mail to the following usernames at any localdomains. The domain '@assp.local' is automatically a local domain and can be used for the email-interface.

NOTICE: It is possible to define any MIME-header lines in any report file after the first (subject) line. This makes it possible to define MIME encoding and/or charset settings.
If a definition of MIME encoding and/or charset is found in a report file, assp converts the report from UTF-8 in to the defined encodings. Don't forget to terminate your MIME-header with an empty line!

It is also possible to include files at any line of such a file, using the following directive
# include filename
where filename is the relative path (from c:/assp) to the included file like reports/mime-header.txt (one file per line). The line will be internaly replaced by the contents of the included file! default: 1

EmailAdminReportsTo: Admin Mail Address
-- If set internal warnings/infos will be sent to this address. For example: admin@domain.com default:

EmailReportDestination: Email Interface Reports Destination
-- Port to connect to when Email Interface or Block reports are send. If blank they go to the main smtpDestination.
If you need to connect to the EmailReportDestination host using native SSL, write 'SSL:' in front of the IP/host definition. In this case the Perl module IO::Socket::SSL must be installed and enabled ( useIOSocketSSL ).
eg 10.0.1.3:1025 SSL:10.0.1.3:465, etc. default:

EmailAdmins: Authorized Addresses*
-- Mail from any of these addresses can add/remove to/from redlist, spamlovers, noprocessing, blacklist. May request an EmailBlockReport for a list of users. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com) default:

EmailInterfaceDomains: Accept Mails (Reports) for these local domains only*
-- Enable the EmailInterface and BlockReports for these local domains ONLY (NOT RECOMMENDED). If used, you have also to define '@assp.local' (if required). If not used, all localdomains and '@assp.local' take place ( see EmailInterfaceOk ). Accepts entire domains (@domain.com|domain.com) default:

EmailSenderOK: Accept Mails (Reports) from these external addresses*
-- Allow these external domains/addresses to report to the email interface (NOT RECOMMENDED). The reply address for the reports must be set to a local one. By default, ASSP only accepts reports from local or authenticated users. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com) default:

EmailSenderNotOK: Not Authorized Addresses*
-- Mail from any of these addresses are not accepted from Email Interface, except "Help Report", "Analyze Report" and "Block Report/Resend". Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). The user will get informed about the denied request. default:

EmailSenderIgnore: Ignore Not Authorized Addresses*
-- Mail from any of these addresses are not accepted from Email Interface. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). The user will get not informed about the denied request. default:

EmailHelp: Help Address
-- Any mail sent by local/authenticated users to this username will be interpreted as a request for help. Do not put the full address here, just the user part. For example: assphelp default: assphelp

EmailSpam: Report Spam Address
-- Any mail sent or forwarded by local/authenticated users to this username will be interpreted as a spam report. Multiple attachments get truncated to MaxBytesReports. Do not put the full address here, just the user part.
For example: asspspam . Use a fake domain like @assp.local when you send the email- so the full address would be then asspspam@assp.local.
You can sent multiple mails as attachments and/or zipped file(s). Each attached email-file must have the extension defined in "maillogExt". In this case only the attachments will be processed. To use this multi-attachment-feature an installed Email::MIME module in PERL is needed. It is also possible to send MS-outlook '.msg' files (possibly zipped). To use this MS-outlook-feature in addition an installed Email::Outlook::Message module in PERL is needed. default: asspspam

EmailHam: Report Ham (Not-Spam) Address
-- Any mail sent or forwarded by local/authenticated users to this username will be interpreted as a false-positive report. Multiple attachments get truncated to MaxBytesReports. Do not put the full address here, just the user part.
For example: asspnotspam . Use a fake domain like @assp.local when you send the email- so the full address would be then asspspam@assp.local.
You can sent multiple mails as attachments and/or zipped file(s). Each attached email-file must have the extension defined in "maillogExt". In this case only the attachments will be processed. To use this multi-attachment-feature an installed Email::MIME module in PERL is needed. It is also possible to send MS-outlook '.msg' files (possibly zipped). To use this MS-outlook-feature in addition an installed Email::Outlook::Message module in PERL is needed. default: asspnotspam

EmailForwardReportedTo: Email Interface Forward Reports Destination
-- Host and Port to forward EmailSpam and EmailHam reports to - eg "10.0.1.3:1025".
If you use more than one assp instance and your users are reporting spam and ham mails to multiple or all of them, but only one (but not this instance) is doing the rebuildspamdb and the corpus folders are not shared between the instances,
define the "host:port" of the central assp (rebuild-) instance here. Every report to EmailSpam and EmailHam (but only these!) will be forwarded to the defined host(s) and NO other local action will be taken. If the forwarding to all defined hosts fails, the request will be processed locally. To define multiple hosts for failover, separate them by pipe (|). default:

EmailErrorsReply: Reply to Spam/Not-Spam Reports
-- default: 1

EmailErrorsTo: Send Copy of Spam/Ham-Reports TO
-- Email sent from ASSP acknowledging your submissions will be sent to this address. For example: admin@domain.com default:

EmailErrorsModifyWhite: Combined Spam/Ham Report & Whitelist Check
-- If set to 'modify whitelist' Ham Reports will add email addresses to the Whitelist, Spam Reports will remove addresses from the Whitelist, also a copy of a file in the GUI to correctedspam (remove) and correctednotspam (add) will modify the Whitelist for the found addresses. If set to 'show whitelist' Spam Reports will show if addresses are whitelisted. default: 1

EmailErrorsModifyNoP: Combined Spam Report and NoProcessing Deletion
-- If set to 'modify noProcessing' Spam Reports will remove email addresses from noProcessing list. If set to 'show noProcessing' Spam Reports will show if addresses are on noProcessing list, also a copy of a file in the GUI to correctedspam (remove) and correctednotspam (show) will modify the noProcessing list for the found addresses. default: 1

EmailWhitelistAdd: Add to Whitelist Address
-- Any mail sent by local/authenticated users to this username will be interpreted as a request to add addresses to the whitelist. Do not put the full address here, just the user part.
For example: asspwhite
If an address is added to whitelist, it will be removed from the Personal Blacklist of the sending user. default: asspwhite

EmailWhitelistRemove: Remove from Whitelist Address
-- Any mail sent by local/authenticated users to this username will be interpreted as a request to remove addresses from the whitelist. Do not put the full address here, just the user part.
For example: asspnotwhite default: asspnotwhite

EmailWhitelistReply: Reply to Add to/Remove from Whitelist
-- default: 1

EmailWhitelistTo: Send Copy of Whitelist-Reports TO
-- Email sent from ASSP acknowledging your submissions will be sent to this address. For example: admin@domain.com default:

EmailRedlistAdd: Add to Redlist Address
-- Any mail sent by local/authenticated users to this username will be interpreted as a request to add the sender address to the redlist. Only the users defined in EmailRedlistTo, EmailAdmins and EmailAdminReportsTo are able to define a list of email addresses in the mail body. Do not put the full address here, just the user part.
For example: asspred. default: asspred

EmailRedlistRemove: Remove from Redlist Addresses
-- Any mail sent by local/authenticated users to this username will be interpreted as a request to remove the sender address from the redlist. Only the users defined in EmailRedlistTo, EmailAdmins and EmailAdminReportsTo are able to define a list of email addresses in the mail body.
Do not put the full address here, just the user part.
For example: asspnotred default: asspnotred

EmailRedlistReply: Reply to Add to/Remove from Redlist
-- default: 1

EmailRedlistTo: Send Copy of Redlist-Reports TO
-- Email sent from ASSP acknowledging your submissions will be sent to this address. For example: admin@domain.com default:

EmailSpamLoverAdd: Add to SpamLover Addresses
-- Any mail sent by local/authenticated users to this username will be interpreted as a request to add the sender address to spamLovers. Only the users defined in EmailSpamLoverTo, EmailAdmins and EmailAdminReportsTo are able to define a list of email addresses in the mail body. Do not put the full address here, just the user part.
For example: asspspamlover. To use this option, you have to configure spamLovers with "file:..." for example "file:files/spamlovers.txt" ! default: asspspamlover

EmailSpamLoverRemove: Remove from SpamLover Addresses
-- Any mail sent by local/authenticated users to this username will be interpreted as a request to remove the sender address from spamLovers. Only the users defined in EmailSpamLoverTo, EmailAdmins and EmailAdminReportsTo are able to define a list of email addresses in the mail body.
Do not put the full address here, just the user part.
For example: asspnotspamlover default: asspnotspamlover

EmailSpamLoverReply: Reply to Add to/Remove from SpamLovers
-- default: 1

EmailSpamLoverTo: Send Copy of Spamlover-Reports TO
-- Email sent from ASSP acknowledging your submissions will be sent to this address. For example: admin@domain.com default:

EmailNoProcessingAdd: Add to NoProcessing Addresses
-- Any mail sent by local/authenticated users to this username will be interpreted as a request to add the sender address to the noProcessing addresses. Only the users defined in EmailNoProcessingTo, EmailAdmins and EmailAdminReportsTo are able to define a list of email addresses in the mail body. Do not put the full address here, just the user part.
For example: asspnpadd. To use this option, you have to configure noProcessing with "file:..." for example "file:files/noprocessing.txt" ! default: asspnpadd

EmailNoProcessingRemove: Remove from noProcessing Addresses
-- Any mail sent by local/authenticated users to this username will be interpreted as a request to remove the sender address from noProcessing .
Do not put the full address here, just the user part. Only the users defined in EmailNoProcessingTo, EmailAdmins and EmailAdminReportsTo are able to define a list of email addresses in the mail body.
For example: asspnprem. To use this option, you have to configure noProcessing with "file:..." for example "file:files/noprocessing.txt" ! default: asspnprem

EmailNoProcessingReply: Reply to Add to/Remove from noProcessing
-- default: 1

EmailNoProcessingTo: Send Copy of NoProcessing-Reports TO
-- Email sent from ASSP acknowledging your submissions will be sent to this address. For example: admin@domain.com default:

EmailBlackAdd: Add to BlackListed Addresses
-- Any mail sent by local/authenticated users to this username will be interpreted as a request to add the sender address to the blackListedDomains addresses. Only the users defined in EmailAdmins and EmailAdminReportsTo are able to request an addition. Do not put the full address here, just the user part.
For example: assp-black. To use this option, you have to configure blackListedDomains with "file:..." for example "file:files/blacklisted.txt" ! default: assp-black

EmailBlackRemove: Remove from BlackListed Addresses
-- Any mail sent by local/authenticated users to this username will be interpreted as a request to remove the sender address from blackListedDomains .
Do not put the full address here, just the user part. Only the users defined in EmailAdmins and EmailAdminReportsTo are able to request an addition.
For example: assp-notblack. To use this option, you have to configure blackListedDomains with "file:..." for example "file:files/blacklisted.txt" ! default: assp-notblack

EmailErrorsModifyPersBlack: Spam/NotSpam Report will modify Personal Blacklist
-- Spam Reports will add email addresses to the Personal Blacklist, NotSpam Reports will remove addresses from the Personal Blacklist, if the report senders address matches.
Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). Wildcards are supported (fribo@domain.com).
Default is @ , which matches all addresses. default: @

EmailPersBlackAdd: Add to Personal BlackListed Addresses
-- Any mail sent by local/authenticated users to this username will be interpreted as a request to add the listed address(es) to the personal blackListed addresses. Do not put the full address here, just the user part.
For example: assp-persblack.
The add and remove is done via email-interface, by sending specific email addresses to 'EmailPersBlackAdd' and 'EmailPersBlackRemove'.
A local user can force a complete report about all his personal black list entries by defining an email address that begins with 'reportpersblack' in a remove or add request : eg: reportpersblack@anydomain.com or by sending an empty body.
Any mail address sent to this username will be removed from the whitelist if possible.
Globalized adding an address to all local users is not supported - use EmailBlackAdd instead.
The following wildcard combinations are allowed for an email address to support personal blacklisting of domains:

full_sender_address
@sender_domain or @sender_domain
@sender_domain or @sender_domain
@.sender_domain or @*.sender_domain default: assp-persblack

EmailPersBlackRemove: Remove from Personal BlackListed Addresses
-- Any mail sent by local/authenticated users to this username will be interpreted as a request to remove the listed address(es) from the personal blackListed addresses .
Do not put the full address here, just the user part.
For example: assp-persnotblack.
The add and remove is done via email-interface, by sending specific email addresses to 'EmailPersBlackAdd' and 'EmailPersBlackRemove'.
A local user can force a complete report about all his personal black list entries by defining an email address that begins with 'reportpersblack' in a remove or add request : eg: reportpersblack@anydomain.com or by sending an empty body.
Only an admin can force a complete cleanup of all personal black entries for a specific email address for all local users - sending an email to 'EmailPersBlackRemove' with the address followed by ',' in the body
eg: address_to_remove@the_domain.foo, - be careful modifying personal entries of other users!
The same wildcard combinations like in EmailPersBlackAdd are supported.
Notice: a remove request for a specific email address will remove ALL entries from the users personal blacklist, that would block this email address (also all matching wildcard entries)! default: assp-persnotblack

EmailBlackReply: Reply to Add to/Remove from BlackListed
-- default: 1

EmailBlackTo: Send Copy of Black-Change-Reports TO
-- Email sent from ASSP acknowledging your submissions will be sent to this address. For example: admin@domain.com default:

EmailAnalyze: Request Analyze Report
-- Any mail sent or forwarded by local/authenticated users to this username will be interpreted as a request for analyzing the mail. Do not put the full address here, just the user part. For example: asspanalyze
Use a fake domain like @assp.local when you send the email- so the full address would be then asspanalyze@assp.local.
You can sent multiple mails as attachments and/or zipped file(s). Each attached email-file must have the extension defined in "maillogExt". In this case only the attachments will be processed. To use this multi-attachment-feature an installed Email::MIME module in PERL is needed. It is also possible to send MS-outlook '.msg' files (possibly zipped). To use this MS-outlook-feature in addition an installed Email::Outlook::Message module in PERL is needed. default: asspanalyze

EmailAnalyzeReply: Reply to Analyze Request
-- default: 1

EmailAnalyzeTo: Send Copy of Analyze-Reports
-- A copy of the Analyze-Report will be sent to this address. For example: admin@domain.com default:

DoAdditionalAnalyze: Spam and Ham Reports will trigger an additional Analyze Report
-- Additional Analyze Report will be generated for Spam and Ham Reports. Setting the TO Address accordingly and choosing EmailAnalyzeTo will send the Analyze Report to the admin only. default: 0

EmailFrom: From Address for Reports
-- Email sent from ASSP acknowledging your submissions will be sent from this address. default: spammaster@yourdomain.com

EmailAllowEqual: Allow '=' in Addresses
-- Allow '=' in addresses to be whitelisted or redlisted. default: 1

EmailSenderNoReply: Do Not Reply To These Addresses*
-- Email sent from ASSP acknowledging your submissions will not be sent to these addresses. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com).
Analyze-, PersonalBlackList- and all virus related reports are ignored by this feature (are sent even a user is listed here).
A Report copy to EmailAnalyzeTo, EmailBlackTo, EmailNoProcessingTo, EmailSpamLoverTo, EmailRedlistTo, EmailWhitelistTo and EmailErrorsTo is also ignored by this feature.

Notes On Email Interface
default:

File Paths and Database

base: Directory Base
-- All paths are relative to this folder.
Note: Display only. default: .

spamlog: Spam Collection
-- The folder to save the collection of spam mails. This directory will be used in building the spamdb . For example: spam default: spam

notspamlog: Not-spam Collection
-- The folder to save the collection of not-spam mails. This directory will be used in building the spamdb . For example: notspam default: notspam

incomingOkMail: OK Mail
-- The folder to save non-spam (message ok). These are messages which are considered as HAM, but are not stored in the standard HAM folder because of our policy to use only confirmed HAM messages (whitelisted or local) for spamdb . If you want to keep copies of ok mail then put in a directory name. This directory will not be used in building the spamdb . Default: okmail default: okmail

discarded: Discarded Spam
-- The folder to save discarded spam-messages. These are Spam messages which are not stored for building the spamdb but for resending with an EmailBlockReport. If you want to keep copies of discarded Spam then put in a directory name. Default: discarded default: discarded

viruslog: Attachment/Virus Collection
-- The folder to save rejected attachments and viruses. Leave this blank to not save these files (default). If you want to keep copies of rejected content then put in a directory name. Note: you must create the directory. This directory will not be used in building the spamdb . For example: quarantine default: quarantine

correctedspam: False-negative Collection
-- Spam that got through -- counts double. This directory will be used in building the spamdb . For example: errors/spam default: errors/spam

correctednotspam: False-positive Collection
-- Good mail that was listed as spam, count 4x. This directory will be used in building the spamdb . For example: errors/notspam default: errors/notspam

resendmail: try to resend this files
-- ASSP will try to resend the files in this directory to the original recipient. The files must have the "maillogExt" extension and must have the SMTP-format. For example: resendmail. This requires an installed Email::Send module in PERL. default: resendmail

maillogExt: Extension for Mail Files
-- Enter the file extension (include the period) you want appended to the mail files in the mail collections.
Leave it blank for no extension - this setting will prevent several features from working. Never use '.msg' - this is an extension used by MS-outlook! For Example: .eml default: .eml

spamdb: Spam/HMM Bayesian Database Files
-- The output file from rebuildspamdb. Write only "DB:" to use a database table instead of a local file, in this case you need to edit the database parameters below. The Hidden Makov Model is only available if this parameter is set to DB: .
It is recommended to use a database for all possible lists and caches for best performance, less memoryusage and stability! If you do not want to install a database engine like MySql or Oracle, use BerkeleyDB! Please read the section DBdriver !
Last Run Rebuildspamdb default: spamdb

whitelistdb: Email Whitelist Database File
-- The file with the whitelist.
Write only "DB:" to use a database table instead of a local file, in this case you need to edit the database parameters below. default: whitelist

redlistdb: Email Redlist Database File
-- The file with the redlist.
Write only "DB:" to use a database table instead of a local file, in this case you need to edit the database parameters below. default: redlist

persblackdb: Personal Blacklist Database File
-- The file with the personal blacklist. The check of the personal black list is done shortly after the RCPT TO: command. This command will be rejected if an entry is found - any other setting except send250OK and send250OKISP will be ignored.
Each entry is represented by two comma separated values TO,FROM (and an expiration date).
TO could be any of : email address, [subdomain.]domain.tld, @[subdomain.]domain.tld, *@[subdomain.]domain.tld - the last three entry options could be only added and removed by editing the list in the GUI !
FROM could be any of : email address or any [@][subdomain.][domain.]TLD variant (wildcards are allowed). All values are supported by the email interface for all local users.
Write only "DB:" to use a database table instead of a local file, in this case you need to edit the database parameters below. default: persblack

griplist: GreyIPlist Database
-- The file with the current Grey-IP-List database -- make this blank if you don't use it. default: griplist

useDB4griplist: Use BerkeleyDB for Griplist
-- If selected ASSP uses 'BerkeleyDB' instead of 'orderedtie' for griplist. Depending on your settings for OrderedTieHashTableSize this could spend some memory and/or result in better performance. The perl module BerkeleyDB version 0.34 or higher and BerkeleyDB version 4.5 or higher is required to use this feature. default:

droplist: Drop also Connections from these IP's*
-- Automatically downloaded (http://www.spamhaus.org/drop/drop.lasso) list of IP's which should be blocked right away. This list could be used in addition to denySMTPConnectionsFrom and/or denySMTPConnectionsFromAlways! default: file:files/droplist.txt

delaydb: Delaying Database
-- The file with the delay database.
Write only "DB:" to use a database table instead of a local file, in this case you need to edit the database parameters below. default: delaydb

ldaplistdb: LDAP Database
-- The file with the LDAP-cache database.
Write only "DB:" to use a database table instead of a local file, in this case you need to edit the database parameters below. default: ldaplist

adminusersdb: Admin Users Database
-- The file with the GUI-Admin-Users database - default to set is 'adminusers'.
Write only "DB:" to use a database table instead of a local file, in this case you need to edit the database parameters below. Before setting this parameter, please set adminusersdbpass to a value of your choice!
To use this database shared between multiple ASSP's, set all ASSP to mysqlSlaveMode (except the master) and the adminusersdbpass must be the same on all installations! If you want to change the adminusersdbpass, first change it on the master. default:

adminusersdbNoBIN: Admin Users Database uses no Binary Data (ASCII only)
-- Select this, if adminusersdb is set to "DB:" and your database engine does not accept or has problems with binary data (eg. Postgres). If you change this value, you have to stop all assp and to cleanup both tables (adminusers and adminusersright) before restarting assp!. To keep your data do the following: do an ExportMysqlDB - change this value - stop assp - drop or clean both tables - start assp - do an ImportMysqlDB . default:

adminusersdbpass: Admin Users Database PassPhrase
-- The passphrase that is used to encrypt the adminusersdb. This has to be the same on all ASSP installations that are sharing the adminusersdb. If you want to change it, first change it on the master installation and than on the slaves. Do not forget to configure 'mysqlSlaveMode' first. An empty value is not valid! default:

myhost: database hostname or IP
-- You need Tie::RDBM to use a database instead of local files.
This way you can share whitelist, delaydb, redlist and penaltybox between servers default:

DBdriver: database driver name
-- The database driver used to access your database - DBD-driver. The following drivers are available on your system:
$DBdriversJ
If you can not find the driver for your database in this list, you should install it via cpan or ppm!
- or if you have installed an ODBC-driver for your database and DBD-ODBC, just create a DSN and use ODBC.
If assp is running on windows and you want to use a MSSQL server as backend, don't use the ODBC driver - use the ADO driver with the DSN definition!
Useful are ADO|DB2|Informix|ODBC|Oracle|Pg|Sybase|mysql - but any other SQL compatible database should also work.
syntax examples: driver,option1,option2,...,...
ADO[,DSN=mydsn[;Provider=sqloledb]]
DB2
Informix
ODBC,DSN=mydsn|driver={SQL Server},Server=server_name
Oracle,SID=1|INSTANCE_NAME=myinstance|SERVER=myserver|SERVICE_NAME=myservice_name,[PORT=myport]
Pg[,PORT=myport]
Sybase,SERVER=myserver,[PORT=myport]
mysql[,PORT=myport][,mysql_socket=/path/to/mysql.sock][,AutoCommit=1][,mysql_auto_reconnect=1]

Instead using local files for hashes and lists via shared memory, it is recommended to use BerkeleyDB (Perl-module) version 0.34 or higher for highest performance and less memory usage. The BerkeleyDB (engine) version 4.5 or higher is required to use BerkeleyDB.
If you specify BerkeleyDB here, the values for myhost, mydb, myuser and mypassword will be ignored. All possible BerkeleyDB option must be defined here - the option for '-Filename' is already set by ASSP! Options could be defined for example:
BerkeleyDB,-Pagesize=>number,-Env=>[-Cachesize=>number,-Mode=>mode,...,...],...,...
If '-Env=>[-Cachesize=>number]' (number in bytes) is specified, this cache size will be used at minimum for every single list. This is not recommended, because ASSP does automatically calculate the right cache for every list. You may setup configuration values for any BerkeleyDB, creating a file DB_CONFIG (case sensitive) in the corresponding directory ./tmpDB/[list]. Please use the BerkeleyDB documentation if you don't know the syntax of this file. Any value defined in that file will overwrite the corresponding internal ASSP configuration for this DB.

The options for all drivers and their possible or required order depends on the DBD driver used, please read the driver's documentation, if you do not know the needed option.
The username, password, host and databasename are always used from this configuration page. default:

mydb: database name
-- This database must exist before starting ASSP, necessary tables will be created automatically into this database. default:

mysqlSlaveMode: This is a slave of more then one assp-computers accessing the same database
-- If you are running more then one assp-computers accessing the same or (better because of SPOF) a bidirectional replicated database
this is a slave-assp and no database maintenance will be done by this one!
Maintenance should only be done by the first assp - the master!
Maintenance for file based caches and lists will always be done! default:

myuser: database username
-- This user must have CREATE privilege on database to create tables automatically default:

mypassword: database password
-- default:

DBCacheMaxAge: Database Maximum Cache Age
-- Setting this value above zero, enables an internal database cache for every defined table to reduce the concurrent database queries and to prevent possible record access collisions, which could cause stucking workers on some systems
The value defines the maximum age in seconds a record will exists untouched in the table cache.
Be careful, setting this value too high in a database replication environment could cause unexpected query results, because this cache is NOT shared between multiple assp instances.
If set, a value of 10 seems to be popular in any case. A value that is too small will produce overhead without any advantage. A value that is too high may cause database consistency problems. default: 0

importDBDir: import directory
-- The folder to import the used tables of the database from.
The schema of the files must be the assp-schema.
Files can be:
- pbdb.back.db.(add|rpl)
- pbdb.batv.db.(add|rpl)
- pbdb.black.db.(add|rpl)
- pbdb.dkim.db.(add|rpl)
- pbdb.mxa.db.(add|rpl)
- pbdb.ptr.db(add|rpl)
- pbdb.rbl.db.(add|rpl)
- pbdb.rwl.db.(add|rpl)
- pbdb.sb.db.(add|rpl)
- pbdb.spf.db.(add|rpl)
- pbdb.trap.db.(add|rpl)
- pbdb.uribl.db.(add|rpl)
- pbdb.white.db.(add|rpl)
- ldaplist.(add|rpl)
- redlist.(add|rpl)
- whitelist.(add|rpl)
- persblackdb.(add|rpl)
- spamdb.(add|rpl)
- spamdb.helo.(add|rpl)
- delaydb.(add|rpl)
- delaydb.white.(add|rpl)
- adminusers.(add|rpl)
- adminusersright.(add|rpl)
Use the extension "add" or "rpl" to add or replace the records to the tables.
Only files for database-enabled tables will be imported ! The import will be done at ASSP start or if the option below is used.
Imported files will be renamed to *.OK !
For example: mysql/dbimport
If you plan to import in to BerkeleyDB - do the following:
- set DisableSMTPNetworking to on
- set all needed DB parameters
- collect your import files
- restart assp and wait until all imports are finished
- restart assp
- set DisableSMTPNetworking to off default: mysql/dbimport

preventBulkImport: Prevent Bulk Import
-- Do not select, if you are using MySQL! Doing a Bulk-Import of data, ASSP modifies the properties of table columns. This could result in breaking some configured DB features like DB-replication in MSSQL. If selected, ASSP will do a line per line insert/update (which takes much more time) without modifying the tables properties. default:

fillUpImportDBDir: Fill the Import Folder
-- If set to a value between 1 and 9, the corresponding backup file for any list/hash that configured to use a database will be copied from the backupDBDir to the importDBDir. The resulting file name will has an extension of ".rpl", so a possible import will replace the current table content. If a value of "L" is defined, the last backup will be used. Possible values are L or 1 - 9 or blank. Any configured value will be reset to blank after the copy is finished. default:

ImportMysqlDB: import all files from the importDBDir Directory in to the database - now.
-- All files from the "importDBDir" will be imported in to database . Please define the directory above, before using the import!
default:

exportDBDir: export directory
-- The folder to export the used tables of the database.
The schema of the files is the assp-schema.
Ten versions of exports are available!
For example: mysql/dbexport default: mysql/dbexport

ExportMysqlDB: export all tables from the database
-- All table of the database will be exported to the "exportDBDir" Directory. Please define the Directory above, before using the export!
default:

backupDBDir: backup directory
-- The folder to backup the used tables of the database.
The schema of the files is the assp-schema.
Ten versions of backups are available!
For example: mysql/dbbackup default: mysql/dbbackup

backupDBInterval: backup database Interval ^s
-- backup the database (all tables used by assp at the time) every this hours.
Defaults to 2 hours. default: 2

copyDBToOrgLoc: copy the last DB-backup to the original location
-- If DB-backup is enabled, the last backupversion is also copied to the original location.
If database connections are failed, while ASSP is running, ASSP will switch over to use these files instead of DB-tables.
DB-tables will not be imported from here, this must be done from the importDBDir! default: 1

logfile: ASSP Logfile
-- Blank if you don't want a log file. Change it to maillog.log if you don't want auto rollover.
NOTE: Changing this field requires restarting ASSP before changes take effect. default: logs/maillog.txt

MaxLogAge: Max Age of Logfiles
-- The maximum file age in days of logfiles. If a logfile is older than this number in days, the file will be deleted. Default is 0 - recommended is 30. A value of 0 disables this feature and no logfile will be deleted because of its age. default: 0

MaxLogAgeSchedule: Runtime MaxLogAge ^s
-- Runtime hour for deleting old logfiles. Set a number between 0 and 23. 0 means midnight, 1 is default. default: 1

pidfile: PID File
-- Blank is not a valid value!
You have to restart ASSP before you get a pid file in the new location.
This file is used to detect a clean shutdown of ASSP - in this case it does not exist at startup!
Notes On File Path default: pid

Collecting

spamaddresses: Spam Collect Addresses*
-- Mail to any of these addresses are always spam and will contribute to the spam-collection unless from someone on the whitelist - for example honeypott addresses. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). The addresses are not validated, they are readdressed to ccallspam, however you can supersede this by putting a valid address into sendAllCollect below. default:

sendAllCollect: Catchall Address for Collect Addresses
-- ASSP will readdress messages addressed to Collect Addresses to this address.
For example: collect@mydomain.com default:

DoNotBlockCollect: Use Collect Addresses for Testing Your Environment
-- If set ASSP will block messages from Collect Addresses after other checks are performed. That may help to test and control activated filters. default:

UseTrapToCollect: Use Penalty Trap Addresses To Collect
-- If set ASSP will use addresses from DoPenaltyMakeTraps and spamtrapaddresses to collect spams. default:

noCollecting: Do Not Collect Messages from/to these Addresses*
-- Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). default:

noCollectRe: Do Not Collect Messages - Content Based*
-- If the content of a collected file (incl. X-ASSP-... headers) matches this regular expression, it will be deleted from the collection after the mail is completely processed.
If the ASSP_ARC plugin is used, the file will be deleted from the collection after it was archived. This is the only "no collect" option which removes an already collected file, all other options will prevent assp from creating a collection file - if set to "no collection". The check is limited to MaxBytes or at max 100000 Bytes. default:

DoNotCollectRedRe: Do Not Collect RedRe Matching Mails
-- Mails (Spam/Ham) matching Red Regex (redRe) will not be stored in the collection folders. default: 1

DoNotCollectRedList: Do Not Collect Redlisted Mails
-- Mails (Spam/Ham) matching Redlist will not be stored in the collection folders. default: 1

DoNotCollectBounces: Do Not Collect Bounced Mails
-- Mails matching <Bounce Senders=""> will not be collected. default: 1

NoMaillog: Don't Collect Mail
-- Check this if you're using Whitelist-Only and don't care to save mail to build the Bayesian database. default:

MaxFiles: Max Files
-- If you're not using subjects as file names ( UseSubjectsAsMaillogNames ), this is the maximum number of files to keep in each collection (spam & nonspam)
It's actually less than this -- files get a random number between 1 and MaxFiles. default: 14000

FilesDistribution: Files Distribution
-- This defines how file names are chosen in each collection. If set to 1, names are uniformly distributed. If set between 0.01 and 0.99, names distribution is exponential -- files get lower numbers more frequently. This prevents from corpus being refreshed too quickly, especially when MaxFiles is set to low value (ex. 3000). This setting is ignored if UseSubjectsAsMaillogNames is set to ON.
Recommended: 0.5, Default: 1 default: 1

UseSubjectsAsMaillogNames: Use Subject as Maillog Names
-- You can turn this on to help you manually identify mail in your spam and non-spam collections. This will prevent ASSP from controlling the number of files in your collections(-> MaxFiles ). It is recommended to switch on MaintBayesCollection and to setup MaxNoBayesFileAge to your needs, if you have switched on this option. default: 1

MaxAllowedDups: Max Number of Duplicate File Names
-- The maximum number of logged files with the same filename (subject) that are stored in the spam folder (spamlog), if UseSubjectsAsMaillogNames is selected. Default is 0. A low value reduces the number of possibly duplicate mails, assuming that mails with the same subject will have the same content. A value of 0 disables this feature. If this number of files with the same filename is reached, the oldest file with the same subject will be moved to the discarded folder, which has to be defined ( in addition to spamlog ) for this feature to work. default: 5

AllowedDupSubjectRe: Regular Expression to Identify allowed duplicate Subjects*
-- Messages their subject matches this regular expression will be collected regardless the setting in MaxAllowedDups . default:

UseUnicode4MaillogNames: Use Unicode to build Maillog Names
-- If you have switched on UseSubjectsAsMaillogNames and your default (local language) characterset (please setup ConsoleCharset) needs 8 Bit like "KOI8-r","CP-866","Windows-1251","Windows-1252","ISO-8859-X","X-Mac-Cyrillic","JIS_X0201" or any other (or is UTF-8) - and you want to have readable filenames in the maillog and on the console screen, you can switch on this option. The resolution of some characters written to the console could be incorrect depending on your operating system. This requires an installed Email::MIME module in PERL.
If in addition the module Win32::Unicode is installed on windows platforms, assp will generate unicode filenames for the collected corpus files (already on nix systems). default:

UseUnicode4SubjectLogging: Use Unicode to build Subjects in Maillog
-- If you have switched on UseUnicode4SubjectLogging and your default (local language) characterset (please setup ConsoleCharset) needs 8 Bit like "KOI8-r","CP-866","Windows-1251","Windows-1252","ISO-8859-X","X-Mac-Cyrillic","JIS_X0201" or any other (or is UTF-8) - and you want to have a readable subject in the maillog and on the console screen, you can switch on this option. The resolution of some characters written to the console could be incorrect depending on your operating system. This requires an installed Email::MIME module in PERL. default:

MaxFileNameLength: Max Length of File Names
-- The maximum character count that is used from the mail subject to build the file name of the logged file, if UseSubjectsAsMaillogNames is selected. This could be useful, if your mail clients having trouble to build the resend file name (right button - URL) correctly in block reports. Every non printable character will be replaced by a 4 byte string in this link. default: 50

MaintBayesCollection: Maintenance for Bayesian Collection
-- Set this to on, if you want ASSP to run a maintenance tasks on the bayesian collection folders ( spamlog , notspamlog , correctedspam , correctednotspam ). ASSP will delete the oldest files until the number of files per folder reaches MaxFiles. If you want ASSP to delete files because of their age instead of the number of files ( MaxFiles ), setup MaxBayesFileAge and/or MaxCorrectedDays to your needs.
MaintBayesCollection is useful, if UseSubjectsAsMaillogNames is set to on and doMove2Num is set to off, because in this case the number of files in every collection folder will grow infinite. If set to On, the rebuildspamdb task will also do the cleanup. default: 1

MaxBayesFileAge: Max Age of Bayes Files
-- The maximum file age in days of every file in every bayesian collection folder ( spamlog , notspamlog ). If MaintBayesCollection is set to on and a file is older than this number in days, the file will be deleted. Default is 31. A value of 0 disables this feature and no file will be deleted because of its age. To use different values for spamlog and notspamlog, define two space separated values - the first for spamlog and the second for notspamlog, like '30 60'. The rebuildspamdb task will ignore files older than this days (if not zero).
It is not recommended to enable this option, if you use the bayesian engine of ASSP and doMove2Num is set to ON. A better solution in this case is, to have MaintBayesCollection take care of deletions (by date) and change this setting to 0. default: 31

MaxCorrectedDays: Max Corrected File Age
-- This is the number of days a error report will be kept in the correctedspam and correctednotspam folders. These folders are the longterm memory of ASSP, therefore the default is 10000 days (more than 27 years). To use different values for correctedspam and correctednotspam, define two space separated values - the first for correctedspam and the second for correctednotspam, like '1000 1500'. The rebuildspamdb task will ignore files older than this days (if not set to zero). default: 10000

MaxNoBayesFileAge: Max Age of non Bayes Files
-- The maximum file age in days of every file in every non bayesian collection folder ( incomingOkMail , discarded , viruslog ). If defined and a file is older than this number in days, the file will be deleted. Default is 31. A value of 0 disables this feature and no file will be deleted because of its age. To use different values for incomingOkMail and discarded and viruslog, define three space separated values - the first for incomingOkMail and the second for discarded and the third for viruslog, like '31 45 60' default: 31

MaxFileAgeSchedule: Runtime for MaintBayesCollection and MaxNoBayesFileAge ^s
-- Runtime hour for deleting old collected files (bayes and non bayes). Set a number between 0 and 23. 0 means midnight, 1 is default. If empty a cleanup will not be scheduled. This could be fine, if a rebuildspamdb is scheduled, which will also do the cleanup based on the settings of MaintBayesCollection , MaxBayesFileAge and MaxCorrectedDays - but it will not maintain incomingOkMail , discarded and viruslog based on MaxNoBayesFileAge ! default: 1

MaxBytes: Max Bytes
-- How many bytes of the message body will ASSP look at - the message header is always included in all checks? Mails stored in the collecting folders will be truncated to this size. The average of Ham messages (message body) is 6K, the average of Spam messages is 3K. Usually the spam folder will be filled quicker than the notspam folder, therefore set this value to 4000 to get more wordpairs per Ham Message. When both folders are close to the maxfiles limit, reduce it to 3000. default: 4000

StoreCompleteMail: Store the Complete Mail
-- If set, ASSP will look at MaxBytes, but if possible it will store the complete mail up to the number of bytes configured. This could be useful for example, if you want resend blocked messages. Be careful using this option, your disk could be filled up very fast! default: 999999999

MaxBytesReports: Error Max Bytes
-- How many bytes of an error report message will ASSP look at. For example: 10000. Set this to zero for no limit. default: 10000

NonSpamLog: Non Spam
-- Where to store whitelisted/local non spam messages. Default: notspam folder ( notspamlog ). default: 2

baysNonSpamLog: OK Mail
-- Where to store non spam (message ok) messages. These are messages which are considered as HAM, but should not stored in the standard HAM folder because of our policy to use only confirmed HAM messages (whitelisted or local) for SpamDB. Set incomingOkMail accordingly if you choose 'okmail folder'. Default: no collection default: 0

SpamLog: Store Spam
-- Set this to 'disabled' if you do not want to store any Spam regardless of settings in. Default: enabled (store in folder spamlog ). default: 1

noProcessingLog: NoProcessing OK Mails
-- Where to store noprocessing OK mails. default: 0

npAttachLog: NoProcessing rejected Attachments
-- Where to store noprocessing rejected mail+attachments. Recommended: discard folder ( discarded ) & sendAllSpam default: 7

wlAttachLog: Whitelisted rejected Attachments
-- Where to store whitelisted rejected mail+attachments. Recommended: discard folder ( discarded ) & sendAllSpam default: 7

extAttachLog: External rejected Attachments
-- Where to store external rejected mail+attachments. Recommended: discard folder ( discarded ) & sendAllSpam default: 7

SpamVirusLog: Virus Infected
-- Where to store virus infected messages. Recommended: quarantine ( quarantine ) default: 5

spamBombLog: Spam Bombs
-- Where to store spam bombs. Recommended: discard folder ( discarded ) default: 6

scriptLog: Scripts
-- Where to store scripted messages. Recommended: spam folder ( spamlog ) & sendAllSpam default: 3

blDomainLog: Blacklisted Domains
-- Where to store blacklisted domain messages. Recommended: spam folder ( spamlog ) & sendAllSpam default: 3

spamHeloLog: Blacklisted Helos
-- Where to store spam helo messages. Recommended: discard folder ( discarded ) & sendAllSpam default: 7

forgedHeloLog: Forged Helos
-- Where to store forged helo messages. Recommended: no collection default: 0

invalidHeloLog: Invalid Helos
-- Where to store invalid helo messages. Recommended: discard folder ( discarded ) default: 6

spamBucketLog: Spam Collect Addresses
-- Where to store mails addressed to Spam Collect Addresses. Recommended: spam folder ( spamlog ) default: 1

baysSpamLog: Bayesian Spams
-- Where to store Bayesian spam messages. Recommended: discard folder ( discarded ) & sendAllSpam default: 7

SPFFailLog: SPF Failures
-- Where to store SPF Failure spam messages. Recommended: spam folder ( spamlog ) & sendAllSpam default: 3

RBLFailLog: DNSBL Failures
-- Where to store DNSBL Failure spam messages. Recommended: spam folder ( spamlog ) & sendAllSpam default: 3

URIBLFailLog: URIBL Failures
-- Where to store URIBL Failure spam messages. Recommended: spam folder ( spamlog ) & sendAllSpam default: 3

SRSFailLog: SRS Failures
-- Where to store SRS Failure (not signed bounces) spam messages. Recommended: spam folder ( spamlog ) & sendAllSpam default: 3

spamPTRLog: Missing/Invalid Pointer
-- Where to store Missing/Invalid Pointer rejected messages. Recommended: spam folder ( spamlog ) & sendAllSpam default: 3

spamMXALog: Missing MX Record
-- Where to store Missing MX record rejected messages. Recommended: spam folder ( spamlog ) & sendAllSpam default: 3

spamISLog: Invalid Local Sender
-- Where to store messages from a local domain with an unknown userpart. Recommended: no collection default: 0

spamSBLog: Blocked Country
-- Where to store messages from a blocked country. Recommended: spam folder ( spamlog ) & sendAllSpam default: 3

spamMSLog: Message Limit Blocks
-- Where to store Message Scoring Limit rejected messages. Recommended: spam folder ( spamlog ) & sendAllSpam default: 3

spamPBLog: PenaltyBox Blocks
-- Where to store PB rejected messages. Recommended: spam folder ( spamlog ) & sendAllSpam default: 3

DKIMLog: DKIM failed
-- Where to store DKIM rejected messages. Recommended: spam folder ( spamlog ) & sendAllSpam default: 3

BackLog: Backscatter check failed
-- Where to store backscatter (MSGID-signing, BATV, DNS-Backscatter) rejected messages. Recommended: no collection default: 6

freqNonSpam: Non Spam Collection Frequency
-- Store every n'th non spam message. If you set the value to 10 then every 10th message is logged. These frequency settings are for ASSP users with a mature installation who experience heavy mail or spam volumes. Enter a larger value if the non spam corpus is being refreshed too quickly. Default Value = 1, log every message. Leave it at the default value 1, if you use BlockReports. default: 1

freqSpam: Spam Collection Frequency
-- Store every n'th spam message. The same as for non spam but helps prevent spam corpuses being skewed by flooding. It is recommended that this be set depending on spam volume. Default value = 1, log every message. Leave it at the default value 1, if you use BlockReports.
Notes On Collecting default: 1

Logging

Notify: Notification Email To
-- Email address(es) to which you want ASSP to send a notification email per default, if a matching log entry ( NotifyRe , NoNotifyRe ) is found. Separate multiple entries by comma ",".
NOTICE: that groups are not allowed to be used here! default:

NotifyRe: Do Notify, if log entry matches*
-- Regular Expression to identify loglines for which a notification message should be send.
useful entries are:
Info: new assp version - to get informed about new available assp versions
info: autoupdate: new assp version - to get informed about an autoupdate of the running script
adminupdate: - for config changes
admininfo: - for admin information
option list file: - for option file reload
error: - for any error
warning: - for any warning
restart - to detect a ASSP restart
notification: too many recipients - for local frequency abuse once per day and sender
warning: too many recipients - for every local frequency abuse
MainThread started - to detect a start of ASSP
Admin connection - for GUI logon

You may define a comma separated list (after '=>') of recipients in every line, this will override the default recipient defined in 'Notify'.
for example: adminupdate:=>user1@yourdomain.com,user2@yourdomain.com.
NOTICE: that groups are not allowed to be used for the second parameter!
As third parameter after a second ('=>') you can define the subject line for the notification message.
for example: adminupdate:=>user1@yourdomain.com,user2@yourdomain.com=>configuration was changed
or: adminupdate:=>=>configuration was changed. default:

NoNotifyRe: Do NOT Notify, if log entry matches
-- Regular Expression to identify loglines for which no notification message should be send.
for example:
user root - if root does anything
[root.?] - if root changes the config default:

fileLogging: File name logging
-- Show file names of collected spam/notspam in log. Will be automatically set to on, if inclResendLink is not set to disabled. default:

subjectLogging: Subject logging
-- Show subject of mail in log default: 1

subjectStart: Subject Start Delimiter
-- Start delimiter of subject in log default: [

subjectEnd: Subject End Delimiter
-- End delimiter of subject in log default: ]

regexLogging: Regex Match logging
-- Show matching regex in log, note that all lists (like eg. noprocessing-list) are used as regex. default: 1

WorkerLogging: Worker logging
-- Show Workername in Log. default: 1

ipmatchLogging: IP Matches Logging
-- Enables logging of IP addresses matches in the maillog. Will show a comment instead of the range if there is text after the IP ranges (and before any number sign) eg. 182.82.10.0/24 AOL default:

slmatchLogging: Logging Address Matches
-- Enables logging of address matches in the maillog. default:

AddRegexHeader: Add RegEx Match Header
-- default:

uniqeIDLogging: Unique ID logging
-- Add unique string to log default: 1

uniqueIDPrefix: Prepend Unique ID logging
-- Prepend ID. For example: m1- default: m1-

tagLogging: Spam Tag Logging
-- Add spam tag to log. default: 1

replyLogging: SMTP Status Code Reply Logging
-- default: 1

expandedLogging: Logging Records include IP & MailFrom
-- default: 1

sysLog: SYSLOG Centralized Logging
-- Enables logging to UNIX or Network Syslog.
Needs the Perl module Sys::Syslog for local UNIX/LINUX or Windows Eventlog logging.
If enabled and useSysSyslog is enabled and any of sysLogIp or sysLogPort is not set, local UNIX/LINUX or Windows Eventlog logging is used. It is not recommended to log to the Windows Eventlog! default:

sysLogPort: Syslog Port (UDP)
-- Port for Network Syslog logging. default: 514

SysLogFac: Syslog Facility
-- Syslog Facility. Valid are kern, user, mail, daemon, auth, syslog, lpr, news, uucp, cron, authpriv, ftp, local0, local1, local2, local3, local4, local5, local6 default: mail

sysLogIp: Syslog IP
-- IP Address or hostname of your Network Syslog Daemon for Syslog logging. default:

asspLog: ASSP local logging
-- ASSP manages local logging. The logs (logfile) are stored inside the directory where ASSP is installed. default: 1

LogRollDays: Roll the Logfile How Often?
-- ASSP closes and renames the log file after this number of days. Leave this at the default value 1, if you use BlockReporting. default: 1

LogNameDate: LogName Date Format
-- The standard name for the logfile is YY-MM-DD.maillog.txt, use this option to set it to your needs.
possible values are:
YY-MM-DD (default)
YYYY-MM-DD
MM-DD default: YY-MM-DD

LogDateFormat: Date/Time Format in LogDate
-- Use this option to set the logdate. The default value is 'MMM-DD-YY hh:mm:ss'. The following (case sensitive !) replacements will be done:

YYYY - year four digits
YY - year two digits
MMM - month (three characters) alpha numeric - like Oct Nov Dec
MM - month numeric two digits
DDD - day (three characters) alpha numeric - like Mon Tue Fri
DD - day numeric two digits
hh - hour two digits
mm - minute two digits
ss - second two digits

NOTICE: If you change this value, BlockReports and Griplist-uploads will not work for log entries in the past (from now)!
A value has to be defined for every part of the date/time, the date must be the first part. Allowed separators in date part are ' -./' - in time part '-.:' . default: MMM-DD-YY hh:mm:ss

LogDateLang: Date/Time Language
-- Select the language for the day and month if LogDateFormat contains DDD and/or MMM.
NOTICE: If you change this value, BlockReports and Griplist-uploads will not work for log entries in the past (from now)! default: 0

silent: Silent Mode
-- Checked means don't print log messages to the console. AsADaemon overrides this. default:

debug: General Debug Mode
-- Checked sends debugging info to a .dbg file. Debug is enabled for all Threads, all the time! debugIP and debugRE will be ignored!
Leave this unchecked unless there is a program error you are trying to track down. default:

debugIP: Debug these IPs*
-- Enter IP addresses that you want to be debugged, separated by pipes (|). The local and the remote IP of the connection will be checked!
Not blank sends debugging info to a .dbg file. Leave this blank unless there is a program error you are trying to track down.
This can be IP address of the SMTP service monitoring agent. For example: 127.0.0.1|172.16. default:

debugRe: Regular Expression to Identify Debug-Messages*
-- Put anything here to identify messages that you want to be debugged. Not blank sends debugging info to a .dbg file. Leave this blank unless there is a program error you are trying to track down. default:

debugCode: Run this Code to switch on Debug
-- Put a code line here, to detect messages that you want to debug. The code line has to return 0 or 1. A return of 1 will switch on debug.
for example:

$Con{$fh}->{isbounce}
This code line will switch on debug for all bounce messages.

($Con{$fh}->{relayok} && $Con{$fh}->{isbounce})
This code line will switch on debug for all outgoing bounce messages.

($Con{$fh}->{ispip} && $Con{$fh}->{cip} =~ /^193.2.1./)
This code line will switch on debug if the messages is from ISP and the IP of the server that was connected to the ISP begins with 193.2.1. .

To use this option, you need to know the internal ASSP variables and their usage! default:

debugNoWriteBody: Do not write Body to Debug
-- If selected, the sent message body data will not be written to the debug file. default:

DataBaseDebug: Database Connection Debug Mode
-- Select to debug the database connections! default:

ConTimeOutDebug: Connection Timeout Debug Mode
-- Select to debug SMTP connections that are running in to timeout! default:

IgnoreMIMEErrors: Ignore MIME Errors
-- If selected - Errors, based on wrong email MIME contents, will not be written to log! default: 1

noLog: Don't Log these IPs*
-- Enter IP addresses that you don't want to be logged, separated by pipes (|). The local and the remote IP of the connection will be checked!
This can be IP address of the SMTP service monitoring agent. For example: 127.0.0.1|172.16. default:

noLogRe: Regular Expression to Identify NoLog-Messages*
-- Put anything here to identify messages that you don't want to be logged. default:

allLogRe: Regular Expression to Identify Messages from/to Problematic Addresses *
-- Put anything here to identify messages from/to addresses you want to look at for problem solving. Messages identified will also be set to StoreCompleteMail. default:

noLogLineRe: Regular Expression to Identify skipped Log Lines*
-- Put anything here to identify log Lines that you don't want to be logged. default:

ConnectionLog: Connections Logging
-- default: 0

SessionLog: Session Limit Logging
-- default: 1

denySMTPLog: Enables Logging for 'Deny SMTP Connections From'
-- default: 1

RWLLog: Enable RWL logging
-- default: 1

LDAPLog: Enable LDAP logging
-- ATTENTION: diagnostic will possibly write credential information in clear text to the log! default: 1

VRFYLog: Enable VRFY logging
-- default: 1

ValidateUserLog: Enable User Validation logging
-- default: 1

PenaltyLog: Enable PenaltyBox logging
-- default: 1

PenaltyExtremeLog: Enable PenaltyBox logging
-- default: 1

MessageLog: Enable Message Scoring logging
-- default: 1

MSGIDsigLog: Enable Message-ID signing logging
-- default: 1

BacksctrLog: Enable DNS-Backscatter detection logging
-- default: 1

BATVLog: Enable BATV logging
-- default: 1

ValidateSenderLog: Enable Validate Sender Logging
-- default: 1

SenderBaseLog: Enable SenderBase Logging
-- default: 1

DelayLog: Enable Greylisting/Delaying logging
-- default: 1

BombLog: Enable Bomb logging
-- If set to verbose, the reporting to the logfile and the X-ASSP- scoring header will show the complete list of all hits. Otherwise only the highest match will be shown. default: 1

AttachmentLog: Enable Attachment logging
-- default: 1

SPFLog: Enable SPF logging
-- default: 1

RBLLog: Enable DNSBL logging
-- default: 1

URIBLLog: Enable URIBL logging
-- default: 1

ScanLog: Enable ClamAV logging
-- default: 1

DKIMlogging: Enable DKIM logging
-- default: 1

WorkerLog: Enable thread action logging
-- default: 0

SignalLog: Enable central Perl-signal logging
-- nolog will handle the Perl signals without any output (this should be never set!!!), standard will write a message to log, verbose will write a message to log and to file debugSignal.txt default: 1

BayesianLog: Enable Bayesian Logging
-- Enables verbose logging of Bayesian checks in the maillog. default: 1

ConvLog: Enable Conversion logging
-- default: 1

MaintenanceLog: Enable Maintenance logging
-- default: 1

PerformanceLog: Enable Performance logging
-- default: 1

ReportLog: Enable Report logging
-- default: 1

ScheduleLog: Enable Scheduler logging
-- default: 1

SNMPLog: Enable SNMP logging
-- default: 1

Showmaxreplies: Show All Possible Hits
-- Show hits until maxreplies instead of stopping at maxhits (RBL,URIBL,RWL). default:

RegExLength: RegEx Length in Log
-- Defines how many bytes of a matching Regular Expression will be shown in the log
Some matching Regular Expressions are too long for one line. Default: 32 default: 32

sendNoopInfo: Send NOOP Info
-- Checked means you want ASSP to send a "NOOP Connection from IP" message to your SMTP server.

Notes On Logging
default:

LDAP Setup

LDAPHost: LDAP Host(s)
-- Enter the DNS-name(s) or IP address(es) of the server(s) that run(s) the LDAP database. Second entry is backup. For example: localhost. Separate entries with pipes: LDAP-1.domain.com|LDAP-2.domain.com . To use a different than the default LDAP port, define host:port. default: localhost

DoLDAPSSL: Use SSL with LDAP (ldaps)
-- ASSP will use 'ldaps (SSL port 636)' instead of ldap (port 389) or 'ldaps (TLS over port 389)'. The Perl module IO::Socket::SSL must be installed to use SSL or TLS! default: 0

LDAPtimeout: LDAP Query Timeout
-- timeout when connecting to the remote server. The default is 15 seconds. default: 15

LDAPLogin: LDAP Login
-- Most LDAP servers require a login and password before they allow queries.
Enter the DN specification for a user with sufficient permissions here.
For example: cn=Administrator,cn=Users,DC=yourcompany,DC=com default:

LDAPPassword: LDAP Password
-- Enter the password for the specified LDAP login here. default:

LDAPVersion: LDAP Version
-- Enter the version for the specified LDAP here. default: 3

ldLDAPRoot: LDAP Root container for Local Domains
-- The LDAP lookup will use this container and all sub-containers to match the local domain query.
The literal DOMAIN is replaced by the domain part of SMTP recipient (eg. domain.com) during the search.
For example: DC=yourcompany,DC=com.
If you use DOMAIN here, you must check "LDAP failures return false" below or non local domains will be treated as local. If not defined, LDAPRoot will be used. default:

ldLDAPFilter: LDAP Filter for Local Domains
-- This filter is used to query the LDAP database. This strongly depends on the LDAP structure.
The filter must return an entry if the domain must be relayed.
The literal DOMAIN is replaced by the domain name during the search.
for example: (&(|(|(|(|(&(objectclass=user)(objectcategory=person))(objectcategory=group))(objectclass=publicfolder))(!(objectclass=contact)))(objectclass=msExchDynamicDistributionList))(proxyaddresses=smtp:*@DOMAIN)) default:

LDAPRoot: LDAP Root container for Local Addresses
-- The LDAP lookup will use this container and all sub-containers to match the local email address query.
The literal DOMAIN is replaced by the domain part of SMTP recipient (eg. domain.com) during the search.
For example: DC=yourcompany,DC=com.
If you use DOMAIN here, you must check "LDAP failures return false" below or non local domains will be treated as local. default:

LDAPFilter: LDAP Filter for Local Addresses
-- This filter is used to query the LDAP database. This strongly depends on the LDAP structure.
The filter must return an entry if the recipient address matches with that of any user.
The literal EMAILADDRESS is replaced by the fully qualified SMTP recipient (eg. user@domain.com) during the search.
The literal USERNAME is replaced by the user part of SMTP recipient (eg. user) during the search.
The literal DOMAIN is replaced by the domain part of SMTP recipient (eg. domain.com) during the search.
For example: (proxyaddresses=smtp:EMAILADDRESS) or (|(mail=EMAILADDRESS)(mailaddress=EMAILADDRESS)) or
(&(|(|(|(|(&(objectclass=user)(objectcategory=person))(objectcategory=group))(objectclass=publicfolder))(!(objectclass=contact)))(objectclass=msExchDynamicDistributionList))(proxyaddresses=smtp:EMAILADDRESS)) default:

LDAPcrossCheckInterval: Clean Up local LDAP/VRFY Database ^s
-- Delete outdated entries from the LDAP/VRFY cache. Check the LDAP cache to the LDAP server and/or VRFY-MTA and delete not existing entries.
Defaults to 12 hours. Is only used, if ldaplistdb is defined in the database section! default: 12

LDAPShowDB: Show local LDAP Database
-- The directory/file with the LDAP cache database file. If you change ldaplistdb in section Filepath you must change it here too. default: file:ldaplist

forceLDAPcrossCheck: force to run LDAP/VRFY-CrossCheck - now.
-- ASSP will force to run an LDAP/VRFY-CrossCheck now!
default:

MaxLDAPlistDays: Max LDAP/VRFY cache Days
-- This is the number of days an address will be kept on the local LDAP/VRFY cache without any email to this address. default: 30

ldapLocalIPAddress: LDAP - Destination to Local IP-address Mapping
-- You need to use the "file: ..." option for this parameter!
On windows systems at least Vista/2008 is required!
On multihomed systems with multiple default gateways, it could be required to define the local IP address (source) used for outgoing LDAP connections.
This parameter allows to define local IP addresses used for specific targets (IP's or hosts) - based on the local address, the system will use the right gateway/interface.
Define one entry per line, comments (#) are allowed. The syntax for an entry is 'target=>local-IP'.
target could be any of: IP(4/6) network, IP(4/6) address, hostname, domain-name with wildcard ().

NOTICE: assp will NOT check, that the local IP address is available and bound to a local interface! It will also NOT check the system routing table! YOU SHOULD KNOW WHAT YOU DO! default:

LDAPFail: LDAP/VRFY failures return false
-- If checked, when an error occurs in LDAP or VRFY lookups, the test fails.Notes On LDAP default:

DNS Setup

UseLocalDNS: Use Local DNS
-- Use system default local DNS Name Servers. To use system default local DNS Servers and the configured DNSServers (below), unselect this option and define the system default local DNS Servers in addition below!
To debug the DNS queries, switch on DebugSPF, even you don't use the SFF-check.
All configured or local DNS Name Servers will be checked this may take some time if the servers are responding slow- please wait after apply changes! default: 1

DNSReuseSocket: Reuse DNS UDP Sockets
-- If selected, assp will try to reuse DNS-UDP sockets as long as this is possible. Otherwise each DNS-query will create a new UDP socket for each DNS-Server. It is recommended to set this to on, because assp could use DNS-queries very extensive, which possibly forces the assp system and/or your DNS-servers to run out of available UDP sockets. default: 1

DNSResponseLog: Show DNS Name Servers Response Time in Log
-- You can use this to arrange DNSServers for better performance. default: 0

DNSServers: DNS Name Servers*
-- DNS Name Servers IP's to use for DNSBL(RBL), RWL, URIBL, PTR, SPF2, SenderBase, NS, and DMARC lookups. Separate multiple entries by "|" or leave blank to use system defaults. At least TWO DNS-servers should be defined or used by the system!
For example: 208.67.222.222|208.67.220.220 (OpenDNS).
An DNS-query for the domain 'sourceforge.net' is used per default to measure the speed of the used DNS-servers. If you want assp to use another domain or hostname for this, append '=>domain.tld' at the end of the line - like: 208.67.222.222|208.67.220.220=>myhost.com
To define the domain if you use the local DNS-servers 'UseLocalDNS' without defining any DNS-servers here, simply write '=>myhost.com'.
To debug the DNS queries, switch on DebugSPF, even you don't use the SFF-check.
NOTICE: don't define any public , ISP or open DNS-Servers (eg 208.67.222.222 208.67.220.220 8.8.8.8 8.8.4.4) , if you use any of the following assp checks: DNSBL(RBL), RWL, URIBL, SenderBase ! It is recommended in EVERY case to install (and to use) at least two local DNS-Servers!
NOTICE: the DNS-server order can be changed by assp. Please read this section completely.
All configured or local DNS Name Servers will be checked this may take some time if the servers are responding slow - please wait after apply changes! default: 208.67.222.222|208.67.220.220

DNSServerLimit: Limit the Number of used DNS-Servers
-- If set to a number > zero, assp will use the defined number of fastest responding nameservers (DNSServers) for DNS queries.
Otherwise, all nameserver are used every time.
Notice: This value is not checked against the number of defined DNSServers - don't set nonsense here! default: 0

host2IPminTTL: Minimum TTL used for config reload
-- Minimum TTL used for config reload options, if hostnames are defined for any IP in regular expressions. default: 300

dnsLocalIPAddress: DNS / WHOIS - Destination to Local IP-address Mapping
-- You need to use the "file: ..." option for this parameter!
On windows systems at least Vista/2008 is required!
On multihomed systems with multiple default gateways, it could be required to define the local IP (source) address used for DNS connections.
This parameter allows to define local IP addresses used for specific targets (IP's or hosts) - based on the local address, the system will use the right gateway/interface.
Define one entry per line, comments (#) are allowed. The syntax for an entry is 'target=>local-IP'.
target could be any of: IP(4/6) network, IP(4/6) address, hostname, domain-name with wildcard ().

for example:
22. => 192.168.1.1 # IP4 Network
2222:333: => FE81::1 # IP6 Network
22.23.24.25 => 10.1.1.1 # host IP4
1:2:3:4:5:6:7:8 => FE94::5 # host IP6
*.domain.com => 10.1.1.1 # domain
host.domain.com => 192.168.1.1 # host
* => 172.16.1.1 # default - if not defined, the system default is used

NOTICE: assp will NOT check, that the local IP address is available and bound to a local interface! It will also NOT check the system routing table! YOU SHOULD KNOW WHAT YOU DO! default:

maxDNSRespDist: Maximum DNS Response Time change
-- Maximum DNS Server response time change in milliseconds. The query order of the used nameservers is changed, if any responds time exceeds this value. Set the value to zero or empty to use a fixed DNS-Server order list. default: 50

DNStimeout: DNS Query Timeout
-- Global DNS Query Timeout for DNSBL, RWL, URIBL, PTR, SPF, MX and A record lookups. The default is 2 seconds. default: 2

DNSretry: DNS Query Retry
-- Global DNS Query Retry. Set the number of times to try the query. The default is 1. default: 1

DNSretrans: DNS Query Retrans
-- Global DNS Query Retransmission Interval. Set the retransmission interval. The default is 1.

Notes On DNS Setup default: 1

Server Setup

ConsoleCharset: Charset for STDOUT and STDERR
-- Set the characterset/codepage for the console output to your local needs. Default is "System Default" - default conversion. To display nonASCII characters on the console screen, setup UseUnicode4MaillogNames . Restart is required! default: 0

normalizeUnicode: Normalize Unicode to NFKC
-- If set (which is the default and recommended), all regular expressions and both, the Bayesian and the HMM engine, are normalizing all characters in there setup and the checked content, according to unicode NFKC.
In addition some extended (assp unique) unicode normalization is done for the unicode blocks "Enclosed Alphanumerics", "Enclosed Alphanumeric Supplement" , "Enclosed CJK Letters And Months" and "Enclosed Ideographic Supplement" - like: ① ② ⑳ ⑴ ⒈ ⓫ ⓵ ⓐ Ⓐ 🄰 ㈉㈵㋋ 🉇. Those characters are decomposed by compatibility, then recomposed by canonical equivalence (eg. to LATIN or CJK).
If this value is changed, it is recommended to run a rebuildspamdb.
This feature requires a Perl version 5.012000 (5.12.0) or higher.
NOTICE: the rebuildspamdb task will take up to double the time, if this feature is enabled and non-LATIN mails are processed! default: 1

enable8BITMIME: Enable the 8BITMIME SMTP Extension
-- If enabled assp offers and supports the 8BITMIME SMTP extension, if the connected peers offers and supports 8BITMIME. (This feature is still experimental!) default:

send250OK: Send 250 OK
-- Set this checkbox if you want ASSP to reply with '250 OK' instead of SMTP error code '554 5.7.1'. This will turn ASSP in some form of tarpit. default:

AsADaemon: Run ASSP as a Daemon
-- In Linux/BSD/Unix/OSX fork and close file handles.
Similar to the command "perl assp.pl &", but better.
If "externally controlled" is selected, ASSP simply ends and you have to restart assp from your daemon or watchdog script
If "run AutoRestartCmd on restart and wait" is selected, assp starts the OS command defined in AutoRestartCmd - assp will NOT ! automatically terminate - the started command has to terminate/kill and to (re)start assp - like "service assp restart"!
If "run AutoRestartCmd on restart and exit" is selected, assp starts the OS command defined in AutoRestartCmd and terminates immediately!
requires ASSP restart default: 0

runAsUser: Run as UID
-- The nix user name to assume after startup (nix only). use the autorestart features careful, because any restart from inside ASSP will be done with the permission of this user! Examples: assp, nobody
requires ASSP restart default:

runAsGroup: Run as GID
-- The nix group to assume after startup (nix only).Examples: assp, nobody
requires ASSP restart default:

ChangeRoot: Change Root
-- The new root directory to which ASSP should chroot (*nix only). If blank, no chroot jail will be used. Note: if you use this feature, be sure to copy or link the etc/protocols file in your chroot jail.
requires ASSP restart default:

setFilePermOnStart: Set ASSP File Permission on Startup
-- If set, ASSP sets the permission of all ASSP- files and directories at startup to full (0777) - without any function on windows systems! default:

checkFilePermOnStart: Check ASSP File Permission on Startup
-- If set, ASSP checks the permission of all ASSP- files and directories at startup - all files must be writable for the running job - the minimum permission is 0600 - without any function on windows systems! default:

AutoRestart: Automatic Restart after Exception
-- If ASSP detects a main exception and it runs not as service or daemon, it will try to restart it self automatically! If running as daemon on nix/MAC , ASSP uses the action defined in AsADaemon to restart. default:

AutoRestartAfterCodeChange: Automatic Restart ASSP on new or changed Script
-- If selected, ASSP will restart it self, if it detects a new or changed running script. An automatic restart will not be done, if ASSP is not running as a service on windows or as daemon on linux/MAC, and AutoRestartCmd is not configured. If running as daemon on linux/MAC ( AsADaemon ) ASSP simply ends - you have to restart assp from your daemon script. Leave this field empty to disable the feature. Possible values are 'immed and 1...23' . If set to 'immed', assp will restart within some seconds after a detected code change. If set to '1...23' the restart will be scheduled to that hour. A restart at 00:00 is not supported. default:

AutoUpdateASSP: Auto Update the Running Script (assp.pl)
-- No action will be done if 'no auto update' is selected. You'll get a hint in the GUI (top) and a log line will be written, if a new version is availabe at the download location.
If 'download only' is selected and a new assp version is available, this new version will be downloaded to the directory c:/assp/download (assp.pl) and the syntax will be checked. The still running script will be saved version numbered to the download directory.
If 'download and install' is selected, in addition the still running script will be replaced by the new version.
Configure ( AutoRestartAfterCodeChange ), if you want the new version to become the active running script.
If this value is changed to 'download and install', the autoupdate procedure will be scheduled immediately.
If set, ASSP (on windows systems with ActivePerl installations) will search for updated Perl modules in all registered PPM repositories
The installation of some modules could require manual configuration and the installation fails or an upgrade is not recommended. In this case put the case sensitive module names (one per line) in the following file.
If this value is set to 'download and install', ASSP will try an autoupdate of the new available modules. It is possible, that some modules could not be installed, because the XS module parts are still in use. In this case follow the instruction - click the "new available perl modules" button above. To disable the automatic Perl module update - set "noModuleAutoUpdate" below.
Click this button to see the log file for the updated modules
The perl module Compress::Zlib is required to use this feature. default: 0

noModuleAutoUpdate: No Automatic Perl Module update
-- If set, ASSP will skip the automatic Perl module update. default:

AutoRestartCmd: OS-shell command for AutoRestart
-- The OS level shell-command that is used to autorestart ASSP, if it runs not as a service or daemon! A possible value for your system is:
cmd.exe /C start "ASSPSMTP restarted" "C:\Perl\bin\perl.exe" "c:\assp\assp.pl" "c:/assp"
Leave this field blank, if ASSP runs inside an external loop (inside the OS like assp.sh or assp.cmd). If running on NIX systems and runAsUser and/or runAsGroup is used, don't forget to switch back to root permissions in the script! default:

RestartEvery: Restart Timeout
-- ASSP will automatically terminate and restart after this many seconds. Use this setting to periodically reload configuration data, combat potential memory leaks, or perform shutdown/startup processes. This will only work properly if ASSP runs as a Windows service or in a script that restarts it after it stops or AutoRestartCmd is configured. Alternative to this field you can use ReStartSchedule, to schedule restarts. default: 0

ReStartSchedule: Schedule Cron time for ASSP Restart ^s
-- If not set to "noschedule" (noschedule is default), ASSP uses scheduled times to shutdown or restart ( AutoRestartCmd )! The syntax is the same like in "Vixie" cron! To disable this Scheduler leave this field blank! Never write quotes in to this field!
This requires an installed Schedule::Cron module in PERL.

Time and Date specification

Entry is the specification of the scheduled time in crontab format,
which contains five mandatory time and date fields.
Entry can be either a plain string, which contains
a whitespace separated time and date specification.

The time and date fields are (taken mostly from "Vixie" cron):

field values

minute 0-59

hour 0-23

day of month 1-31

month 1-12 (or as names)

day of week 0-7 (0 or 7 is Sunday, or as names )

seconds 0-59 (optional) not supported inside ASSP !!!

A field may be an asterisk (*), which always stands for
"first-last".

Ranges of numbers are allowed. Ranges are two numbers
separated with a hyphen. The specified range is
inclusive. For example, 8-11 for an "hours" entry
specifies execution at hours 8, 9, 10 and 11.

Lists are allowed. A list is a set of numbers (or
ranges) separated by commas. Examples: "1,2,5,9",
"0-4,8-12".

Step values can be used in conjunction with ranges.
Following a range with "/" specifies skips of
the numbers value through the range. For example,
"0-23/2" can be used in the hours field to specify
command execution every other hour (the alternative in
the V7 standard is "0,2,4,6,8,10,12,14,16,18,20,22").
Steps are also permitted after an asterisk, so if you
want to say "every two hours", just use "*/2".

Names can also be used for the "month" and "day of
week" fields. Use the first three letters of the
particular day or month (case doesn't matter).

Note:
The day of a command's execution can be specified
by two fields -- day of month, and day of week.
If both fields are restricted (ie, aren't *), the
command will be run when either field matches the
current time. For example, "30 4 1,15 * 5"
would cause a command to be run at 4:30 am on the
1st and 15th of each month, plus every Friday

Examples:

8 0 * * * ==> 8 minutes after midnight, every day

5 11 * * Sat,Sun ==> at 11:05 on each Saturday and Sunday

0-59/5 * * ==> every five minutes

42 12 3 Feb Sat ==> at 12:42 on 3rd of February and on each Saturday in February

32 11 1-15/2 */3 * ==> at 11:32 every two days from the first to the 15. every third month

In addition, ranges or lists of names are allowed.
If you want to define multiple entries separate them by "|" default: noschedule

MemoryUsageLimit: Memory Limit in MB that ASSP could use
-- The memory limit in megabyte the assp process could use at maximum on your system. Set this to empty or zero to disable the feature. The check is done using the schedule defined in MemoryUsageCheckSchedule . If the assp process uses more memory than the limit at a scheduled time and assp is able to restart it self - a restart will be done within 15 seconds. The user running assp must have read access to /proc on nix systems or must have read access to the WMI provider on windows systems! default:

MemoryUsageCheckSchedule: Schedule(s) to check the ASSP process memory usage ^s
-- The schedule(s) that is used to check the current memory usage of the assp process compared to the MemoryUsageLimit. Default value is (0-59/10 * * ), which means every 10 minutes. This requires an installed Schedule::Cron module in PERL. default: 0-59/10 * *

myName: My Name
-- ASSP will identify itself by this name in the email "Received:" header and in the helo when sending report-replies. Usually the fully qualified domain name of the host.Examples: assp.mydomain.com, ASSP.nospam default: ASSP.nospam

myNameAlso: Additional My-Name-Definitions
-- If myName was changed or you use shared folders (multiple ASSP) for the corpus files, define the old or other host names here - separate multiple entries by pipe, space or comma. ASSP will use this host names in addition to myName, to detect the received headerlines while the rebuildspamdb is running and in the mail analyzer. default:

myHelo: My Helo
-- How ASSP will identify itself when connecting to the target MTA.
The values used for incoming and outgoing/local mails are separated by "|" - for example:

SENDERHELO - IP - MYNAME - FQDN | MYNAME

The left part "SENDERHELO - IP - MYNAME - FQDN" is used for incoming mails, the right part "MYNAME" is used for outgoing mails.
If any part is empty or the complete parameter is not defined, the helo of the sending host is used.
Using the "IP" literal, you can tell your local MTA the connected IP address.
Any RFC compatible text can be used. DO NOT define the SMTP command HELO/EHLO, the command used by the sending host will take place!
The following case sensitive literals will be replaced with:

IP - the IP address of the connected host
MYNAME - the value defined in myName
FQDN - the local operating system hostname
SENDERHELO - the helo text received from the connected host
default:

HideIPandHelo: Hide IP and/or Helo
-- Replace any of these information ( ip=127.0.0.1 helo=anyhost.local ) in our received header for outgoing mails. Use the syntax ip=127.0.0.1 and/or helo=anyhost.local . default:

myGreeting: Override the Server SMTP Greeting
-- Send this SMTP greeting (eg. 220 MYNAME is ready - using ASSP VERSION) instead of your MTA's SMTP greeting to the client. If not defined (default), the MTA's greeting will be sent to the client. The literal MYNAME will be replaced with myName and the literal VERSION will be replaced by the full version string of assp. If the starting '220 ' is not defined, assp will add it to the greeting. default:

asspCfg: assp.cfg*
-- For internal use only - it is assp.cfg file. Do not change this value. default: file:assp.cfg

AutoReloadCfg: Automatic Reload ConfigFile
-- If selected and the assp.cfg file is changed externally, ASSP will reload the configuration from the file automatically. default:

asspCfgVersion: assp.cfg version
-- ASSP will identify the assp.cfg file. Do not change this. default:

ConfigChangeSchedule: Schedule Configuration Changes*
-- Use this option to schedule configuration changes. You must use the file option like 'file:files/configchangeschedule.txt' to define schedules - an empty value disables this feature.
Define one schedule per line - comments are not allowed in a schedule definition line!
The line has to start with the schedule string ( see ReStartSchedule ) followed by the variable (or hidden variable ) name to change, followed by ':=', followed by the value to change the variable to - like:

8 0 * * myNameAlso:=otherhost1.mydomain.tld
0 6 * |0 10 * * myNameAlso:=otherhost2.mydomain.tld
0 1 * * debug:=1
0 2 * * debug:=

The schedule string can contain multiple schedule definitions separated by pipe'|'. You will get errors if:
- the schedule definition is wrong
- the variable name is wrong (does not exists)
- the syntax of the value is wrong
Notice - assp will only check the syntax at definition time - the logical correctness of the value will be checked at the scheduled time! So, assp will (for example) not check any dependencies at definition time - if a dependency is wrong, the change request at the scheduled time will fail!
Notice - all configuration changes are done with 'root' permission! For this reason, this configuration parameter is only visible to root and it is stored encrypted!

For advanced users ONLY:
Using the following extension, requires a deep internal knowledge of the assp code!
It is also possible to schedule a call to an internal assp subroutine. The name of the subroutine has to begin with a '&', the parameters that should passed to the subroutine must be in '()' - like:
0 6 * * &subname(var1,var2,..,...)
0 7 * * &subname()
Notice: the subroutine will be called in the MainThread and syntax check will be done at run time - possible errors are shown in the log! default:

proxyserver: Proxy Server
-- The Proxy Server to use when uploading global statistics and downloading the greylist.Examples: 192.168.0.1:8080, 192.168.0.1 default:

proxyuser: Proxy User
-- The Proxy-UserName that is used to authenticate to the proxy. default:

proxypass: Proxy Password
-- The password for Proxy-UserName that is used to authenticate to the proxy. default:

webAdminPort: Web Admin Port
-- The port on which ASSP will listen for http connections to the web administration interface. If you change this, after you click Apply you must change the URL on your browser to reconnect. You may also supply an IP address or hostname to limit connections to a specific interface. Separate multiple entries by pipe "|"!Examples: 55555, 192.168.0.5:12345, myhost:12345, 192.168.0.5:22345|myhost:12345 default: 55555

enableWebAdminSSL: Use https instead of http
-- If selected the web admin interface will be only accessible via https. If you change this, after you click Apply you must change the URL on your browser to reconnect.
This requires an installed IO::Socket::SSL module in PERL.
A server-certificate-file "certs/server-cert.pem" and a server-key-file "certs/server-key.pem" must exist and must be valid!
If you do not have valid certificates, you may generate both files online with www.mobilefish.com or you may use OpenSSL to generate Self-signed SSL certificates! More configuration options are webSSLRequireCientCert, SSLWEBCertVerifyCB and SSLWEBConfigure . default:

webAdminPassword: Web Admin Password - Masterpassword (root)
-- The password for the web administration interface for user root(minimum of 5 characters).
DO NOT use the digits "45" as the first two characters of the password or you will be not able to login ever again!
If root is logged on, no other logins are allowed. Always use the "logoff"-button as root to terminate the session - closing the browser without logoff could cause other session to be disallowed. default: nospam4me

allowAdminConnectionsFrom: Only Allow Admin Connections From*
-- An optional list of IP addresses and/or hostnames from which you will accept web admin connections. Blank means accept connections from any IP address.
Note: if you make a mistake here, you may disable your web administration interface and be forced to manually edit your configuration file to fix it.Examples:
127.0.0.1|172.16. default:

httpRequireCookies: HTTP and HTTPS require enabled browser cookies
-- Cookie based http session ID's are used by assp to handle different requests from the same IP (eg behind NAT). Switch this off, if you are unable to use cookies in your browser. If switched off, a security hole is opened for connection that are using NAT - it could be possible that a second workstation (behind NAT) is able to login to the GUI, without user credentials if the same OS and browser version is used. default: 1

webStatHealthyResp: Status Response Literal for a Healthy State of ASSP
-- This option must be set and it must be different to webStatNotHealthyResp. This literal will be given back in stat requests, if ASSP is working healthy. default: healthy

webStatNotHealthyResp: Status Response Literal for a Not Healthy State of ASSP
-- This option must be set and it must be different to webStatHealthyResp. This literal will be given back in stat requests, if ASSP is working not healthy. default: not healthy

webStatPort: Raw Statistics Port
-- The port on which ASSP will listen for http or telnet connections to the statistics interface. You may also supply an IP address to limit connections to a specific interface. Only one value is supported!
The stats are available via browser or telnet (or telnet similar socket). Using telnet, press ENTER two times to get the healthy state (' $webStatHealthyResp [CRLF]' or ' $webStatNotHealthyResp [CRLF]' in a single line), this is the recommended methods to get the 'UP'-state of assp from nagios or any other external script.
Type 'stat[ENTER][ENTER]' to get the STATS in raw text where each line is terminated with '[CR]LF' (CR is send in any case, if the request contains CR).
The HTML output are LF terminated STAT lines.Examples: 55553, 192.168.0.5:12345 default: 55553

enableWebStatSSL: Use https instead of http
-- The web stat interface will be only accessible via https.
This requires an installed IO::Socket::SSL module in PERL.
A server-certificate-file "certs/server-cert.pem" and a server-key-file "certs/server-key.pem" must exits and must be valid! More configuration options are statSSLRequireClientCert, SSLSTATCertVerifyCB and SSLSTATConfigure . default:

allowStatConnectionsFrom: Only Allow Raw Statistics Connections From*
-- An optional list of IP addresses from which you will accept raw statistical connections. Blank means accept connections from any IP address. Examples:
127.0.0.1|172.16. default: 127.0.0.1

EnableHTTPCompression: Enable HTTP Compression in GUI
-- Enable HTTP Compression for faster web administration interface loading. The perl module Compress::Zlib is required to use this feature. default: 1

httpLocalIPAddress: HTTP - Destination to Local IP-address Mapping
-- You need to use the "file: ..." option for this parameter!
On windows systems at least Vista/2008 is required!
On multihomed systems with multiple default gateways, it could be required to define the local IP address (source) used for outgoing HTTP connections.
This parameter allows to define local IP addresses used for specific targets (IP's or hosts) - based on the local address, the system will use the right gateway/interface.
Define one entry per line, comments (#) are allowed. The syntax for an entry is 'target=>local-IP'.
target could be any of: IP(4/6) network, IP(4/6) address, hostname, domain-name with wildcard ().

NOTICE: assp will NOT check, that the local IP address is available and bound to a local interface! It will also NOT check the system routing table! YOU SHOULD KNOW WHAT YOU DO! default:

EnableFloatingMenu: Enable Floating Menu Panel in GUI
-- Allow the left menu panel on the web administration interface to float. default:

hideAlphaIndex: Hide the Alpha Index Menu Panel in GUI
-- Removes the index panel on the left side in the GUI, but the index is acceddible by clicking on "Sorted". default:

IndexSlideSpeed: Sliding Speed of the Alpha Index Menu Panel in GUI
-- Adjust the sliding speed of the Alpha Index Menu Panel in GUI to your needs. default: 10

RememberGUIPos: Remember the last GUI position
-- If selected, the GUI will remember the last topic of the main menu, that had the focus, was changed, that were jumped to or that were clicked on. default: 1

EnableInternalNamesInDesc: Show Internal Names in the GUI
-- Show the internal names in the web interface. The internal names are used in the configuration file (assp.cfg), in the application code, and in the menu bar on the left side of the GUI. default: 1

MaillogTailJump: Jump to the End of the Maillog
-- Causes the browser window to jump to the bottom of the maillog instead of sitting at the top of the display. default:

MaillogTailBytes: Maillog Tail Bytes
-- The number of bytes that will be shown when the end of the maillog is viewed. The default value is 10000. default: 10000

CleanCacheEvery: Cache Cleaning Interval ^s
-- This period (in hours) determines how frequently ASSP does cache-housekeeping. default: 6

SaveStatsEvery: Statistics Save Interval ^s
-- This period (in minutes) determines how frequently ASSP statistics are written to a local file. default: 30

totalizeSpamStats: Upload Consolidated Spam Statistics
-- ASSP will upload its statistics to be consolidated with the global ASSP totals. This is a great marketing tool for the ASSP project — please do not disable it unless you have a good reason to do so. No private information is being disclosed by this upload. default: 1

enableGraphStats: Enable Graphical Statistics Collection
-- ASSP will collect statistical data in files located in the '/logs' folder (scoreGraphStats-YYYY-MM.txt , statGraphStats-YYYY-MM.txt). If data are collected and the module lib/ASSP_SVG.pm is installed and the files images/stat.gplot, images/svg_style.css, images/svg_defs.svg and images/svg.js are installed and your browser supports SVG, assp will show graphical statistic data, if you click on a line in the 'Info and Stats' view.
If baysConf is configured, assp will also collect statistical data about the Bayesian and HMM confidence distribution - the file names are confidenceGraphStats-YYYY-MM.txt.
It is recommended to set 'SaveStatsEvery' to a value of 5 or 10 minutes, if this option is enabled!
Keep in mind that assp will NOT delete any of the '*GraphStats...txt'-files. If you don't need some of that files anymore, remove them manually! default: 0

ReloadOptionFiles: Reload Option Files Interval ^s
-- If set not to zero, ASSP reloads configuration option files (file:.....) every this many seconds if they have changed. It is not recommended (and could make ASSP unavailable) to use rsync or any external tool to snychronize caches and list permanently. If you need to snychronize data between ASSP installations, you better use a database of your choice! default: 300

OrderedTieHashTableSize: Ordered-Tie Hash Table Size
-- The number of entries allowed in the hash tables used by ASSP. This only belongs to Griplist if useDB4IntCache is not set. Larger numbers require more RAM but result in fewer disk hits. The default value is 10000. Adjust down to use less RAM. default: 10000

OutgoingBufSizeNew: Size of TCP/IP Buffer
-- The default is 10240000 byte. Even more is better... default: 10240000

useDB4IntCache: Use BerkeleyDB for Internal Caches
-- ASSP uses some internal caches that could grow to a large number of entries. Switch this on, if you want ASSP to use less memory and be a little slower. The perl module BerkeleyDB version 0.34 or higher and BerkeleyDB version 4.5 or higher is required to use this feature. default:

ALARMtimeout: Module Call Timeout
-- Global Timeout for SPF checks. The default is 10 seconds.
Thread Control - be careful changing the following green options! default: 10

NumComWorkers: Number of SMTP-Threads
-- Number of SMTP-Threads to be used! Typical and default is 5. 10 should be enough for 200.000 connections a day. 15 should be the absolute maximum. Values above 7 will mostly not increase performance. Configurable values are between 2 and 29. Restart ASSP if you changed this and you are using any database connection! A restart of assp is required if tis value was increased. default: 5

ReservedOutboundWorkers: Reserved Number of Outbound-SMTP-Threads on relayPort
-- Number of SMTP-Threads to be reserved for relayed (outbound) connections on relayPort ! This number of Threads will be exclusive reserved for connections on relayPort . For example: NumComWorkers=7 and ReservedOutboundWorkers=2 - mails on listenPort , listenPort2 and listenPortSSL are using worker 1-5 and mails on relayPort using worker 7-1 ! If you are not using the relayPort, do not reserve any workers. default: 0

autoRestartDiedThreads: automatically restart died threads
-- If defined, a (for any reason) died thread will be automatically restarted! default: 1

MaxFinConWaitTime: Maximum time to wait for SMTP-Workers to finish connections
-- The maximum time in seconds to wait for SMTP-Workers to finish connections, in case of a shutdown or restart of ASSP. Default is 45. Configurable values are 10 to 599. default: 45

MonitorMainThread: Monitor the MainThread
-- If defined, the MainThread will be monitored for healthy by the MaintThread (Worker 10000)! default: 1

EnableHighPerformance: Enable Higher Performance
-- If set, the SMTP-Worker-Threads will get new pending connections much faster - using less wait states. The speed to interrupt the workers by the MainThread is increased. Using this feature will increase the CPU usage of the system! default: 0

ThreadCycleTime: thread cycle time
-- Time in microseconds (for SMTP workers and MainThread) to give each other thread to run in high CPU-workload conditions. Default value is 3000, typical values are between 10 and 9000. You can set this to 0, if your OS honors system-yield-calls (0 is not recommended on Windows OS)! A higher value will reduce CPU usage but cause ASSP to run more slowly! default: 3000

MaintThreadCycleTime: MaintenanceThread cycle time
-- Time in microseconds (for MaintThread) to give each other thread to run in high CPU-workload conditions. Default value is 3000, typical values are between 10 and 9000. You can set this to 0, if your OS honors system-yield-calls (0 is not recommended on Windows OS)! A higher value will reduce CPU usage but cause ASSP to run more slowly! default: 3000

RebuildThreadCycleTime: RebuildSpamDBThread cycle time
-- Time in microseconds (for RebuildSpamDBThread) to give each other thread to run in high CPU-workload conditions. Default value is 30, typical values are between 10 and 1000. You can set this to 0, if your OS honors system-yield-calls (0 is not recommended on Windows OS) and your system is fast enough! A higher value will reduce CPU usage but cause ASSP to run more slowly! default: 30

ThreadStackSize: Stack Size use by every Thread
-- The stack size in MB that is used by every thread. Default is 0, which means to use the default system stack size. 16 MB is the default system stack size on windows platforms. This system value may differ on different platforms. To get the default stack size on linux use the shell command "ulimit -a". Try to increase this value, if you get "out of memory" errors while running assp. Changing this value requires an assp restart to take effect. default: 0

IOEngine: Use This IO Engine
-- Depending on your operating system and your Perl version it could be necessary to use the non default IOEngine 'IO::Select'. Try this if you see unexpected early closed connections in the log. You have to restart ASSP, if you have changed this value! default: 0

MinPollTime: Minimum Poll/Select Wait Time
-- The time in milliseconds that ASSP will at least wait for IO::Poll/IO::Select events! A higher value will reduce CPU usage but cause ASSP to run more slowly! Default is 2. default: 2

WorkerCPUPriority: CPU priority for SMTP-Threads
-- Set the priority for the Workers in relation to all other processes/threads on the system. Than higher the value - than lower the priority. Default is 0 (system default is 0). Possible values are 0,1 and 2. This requires installed Thread::State module. It is recommended to run the Workers on lower priority, if ASSP has to process most of the time a large number of mails at one moment ( number of mails > NumComWorkers ). default: 0

asspCpuAffinity: Cpu Affinity for assp
-- Set the Cpu Affinity for all threads . Default is -1 (for use all CPU's). Possible values are comma or space separated CPU numbers starting with zero (0) or -1 for all CPU's. This requires installed Sys::CpuAffinity module. This feature will possibly not work on MacOS and OpenBSD and on any OS, if the system contains more than 32 CPU's. default: -1

PreAllocMem: pre allocate memory for every mail
-- ASSP pre-allocates this number of bytes in mainstorage two times (in/out) for every mail to avoid memoryfracmentation (particularly in ASSP long run conditions). The memory will be allocated, if the DATA command is received from the server. Default is 100000 - this is enough for most of the mails. If ASSP receives the SIZE command from the server, the pre-allocation-memory will be calculated on that value. Question: Is it better to increase this value? Answer: Yes, it is - but be careful, this may cause ASSP running in out of memory errors! default: 100000

FreeupMemoryGarbage: Freeup Memory Garbage
-- If defined, all Threads will try to recover memory every five minutes! default: 1

ConnectionTransferTimeOut: Connection Transfer Timeout
-- Global Timeout for MainThread to transfer a connection to any Worker. If no Worker is able to take the new SMTP-connection (for any reason), the new connection will be dropped! The default is 30 seconds. default: 30

ShowPerformanceData: Show Performance DATA in SMTP Connection screen
-- If defined, performance data will be shown in top of the SMTP connection screen!
end of Thread Control default: 1

UseLocalTime: Use Local Time
-- Use local time and timezone offset rather than UTC time in the mail headers.

Notes On Server Setup default: 1

Rebuild Spamdb

RebuildSchedule: Schedule Cron time for RebuildSpamdb
-- If not set to "noschedule" (noschedule is default) , ASSP uses scheduled times to run the RebuildSpamdb! The syntax is the same like in "Vixie" cron! To disable the Scheduler write "noschedule"! Never write quotes in to this field!
This requires an installed Schedule::Cron module in PERL.
It is possible to define more than one scheduled time per day to keep the Bayesian and HMM databes up to date, but this is not required - use 'newReportedInterval' instead.
If a file c:/assp/rebuilddebug.txt exists, the rebuild task will write the debug output to this file.

Time and Date specification

The time and date fields are (taken mostly from "Vixie" cron):

field values

minute 0-59

hour 0-23

day of month 1-31

month 1-12 (or as names)

day of week 0-7 (0 or 7 is Sunday, or as names )

seconds 0-59 (optional) not supported inside ASSP !!!

A field may be an asterisk (*), which always stands for
"first-last".

Ranges of numbers are allowed. Ranges are two numbers
separated with a hyphen. The specified range is
inclusive. For example, 8-11 for an "hours" entry
specifies execution at hours 8, 9, 10 and 11.

Lists are allowed. A list is a set of numbers (or
ranges) separated by commas. Examples: "1,2,5,9",
"0-4,8-12".

Names can also be used for the "month" and "day of
week" fields. Use the first three letters of the
particular day or month (case doesn't matter).

Examples:

8 0 * * * ==> 8 minutes after midnight, every day

5 11 * * Sat,Sun ==> at 11:05 on each Saturday and Sunday

0-59/5 * * ==> every five minutes

42 12 3 Feb Sat ==> at 12:42 on 3rd of February and on each Saturday in February

32 11 * * * 0-30/2 ==> 11:32:00, 11:32:02, ... 11:32:30 every day

In addition, ranges or lists of names are allowed.
If you want to define multiple entries separate them by "|" default: noschedule

useDB4Rebuild: Use BerkeleyDB/DB_File or orderedtie for the RebuildSpamDB Internal Caches
-- The RebuildSpamDB thread uses some internal caches that could grow to a large number of entries. Switch this on, if you want this thread to use less memory and be a little slower.
Adjust RebuildThreadCycleTime to a lower value (between 0 and 30) to speed up the RebuildSpamDB thread.
The perl module BerkeleyDB version 0.34 or higher and BerkeleyDB version 4.5 or higher is required to use this feature. DB_File (Berkeley V1) will be used if BerkeleyDB is not available. If both BerkeleyDB and DB_File are not available, the rebuild thread will use the internal 'orderedtie' which is up to 1000 times slower than BerkeleyDB. default:

ReplaceOldSpamdb: Replace the old Records in Spamdb and Spamdb.helo
-- If selected, the new created records for Spamdb and Spamdb.helo will replace the old (belongs not to HMM, which is replaced every time). If not seleted, the new records will be added to Spamdb and Spamdb.helo . Default is on. default: 1

doMove2Num: Do move2num Before Rebuild
-- Renames files to numbers before the rebuild is started. If this is done, some other features like 'MailLogTail' and 'Block-Report' will be unable to find the files! default:

newReportedInterval: Interval for processing new Reported Mails
-- File count and interval definition (count minutes) for processing new reported mails (correctedspam , correctednotspam) - process if at least 'first value' mails are reported but every 'second value' minutes. defaults to '10 5'
Set the first value to zero to disable this feature.
If enabled, new reported mails or files moved in to the corpus via GUI are used, to immediately update the Spamdb and HMMdb with the new information.
This will keep the databases continuously uptodate and the RebuildSchedule interval could be increased, if there are enough files in the corpus and your corpus norm is fine.
If you need to copy/move several files from outside assp in to the corpus and you want assp to process them immediately, copy/move the files in to the subfolder "error/.../newManuallyAdded". default: 10 5

MaxKeepDeleted: Max Days of Keep Deleted
-- The maximum number in days deleted files in the bayesian collection folders ( spamlog , notspamlog ) will be kept. This is necessary when EmailBlockReport is used to handle the file and the file is meanwhile deleted. The list of files that are maked for deletion is stored in trashlist.db . default: 0

autoCorrectCorpus: Automatic Corpus Correction
-- (Syntax: a.a[a]-b.b[b]-cccc-dd or empty - default is "0.6-1.4-4000-14") If the corpus norm (the weight between spamwords/hamwords) is less than "a" (0.6 - too much ham) or greater than "b" (1.4 - too much spam), assp will delete the excess (oldest) files from the corresponding folder ( spamlog , notspamlog ). ASSP will keep a minimum of "c" (4000) files in the folder and will never delete files that are younger than "d" (14) days. This cleanup will run at the end of the rebuildspamdb task. So the corrected file corpus will take effect at the next rebuildspamdb!
If this value is defined, assp will use the middle value of "a" and "b" ((a+b)/2) as target corpusnorm and will try to reach this value, using (as many as possible) but only such a count of files in the folders spamlog and notspamlog as required! default: 0.6-1.4-4000-14

RebuildFileTimeLimit: File Processing time Limit
-- (Syntax: a[.aa] b[.bb] - default is "1 5")
Define one, or two space or comma separated values.
If the first value is not zero and the processing time of a single corpus file exceeds the first value in seconds, this will be shown in the rebuild log.
If the second value is not zero and the processing time of a single corpus file exceeds the second value in seconds, the file will be moved to the folder "$base/rebuild_error" to prevent future runtime penalties. default: 1 5

RebuildNotify: Notification Email To
-- Email address(es) to which you want ASSP to send a notification email after the rebuild task is finished. The file rebuildrun.txt is included in this notification. Separate multiple entries by "|". default:

RebuildTestMode: Run the Rebuild in Test Mode
-- If selected, all rebuildspamdb tasks will not populate the spamdb and hmmdb - and no data will be sent to the griplist-Server. default:

forceRebuildDowngrade: Keep rebuildspamdb.pm compatible to assp.pl
-- Keep rebuildspamdb.pm compatible to assp.pl in case of an assp.pl version downgrade. default: 1

RunRebuildNow: Run RebuildSpamdb now
-- If selected, RebuildSpamdb will be started immediately.
Last Result Of Rebuildspamdb
Rebuildspamdb-debug-output - create the file to enable the debug mode - delete the file to stop the debug mode for the rebuildspamdb task
normfile - shows current:
Corpus-Norm , Corrected-SpamFiles , Corrected-NotSpamFiles , Spamlog-Files , NotSpamlog-Files , SpamWords/File , Hamwords/File , Spamwords , Hamwords
Notes On RebuildSpamdb default:

Char Conversions / TNEF

inChrSetConv: inbound charset conversion table*
-- If defined, characterset conversion for inbound mails will be done. For example: if your email server does not understand UTF-8, ASSP will convert the mail parts to the characterset of your choice. The rules specified here are used to convert text parts of inbound mails from one to another characterset.Example:UTF-8=>ISO-8859-1|ISO-8859-15=>ISO-8859-1
This requires an installed Email::MIME module in PERL.
This conversions are done for all (inbound,CC,report ..) mails except relayed mails. The converted mail will be not available on disk except DEBUG. default:

outChrSetConv: outbound charset conversion table*
-- If defined, characterset conversion for outbound mails will be done. For example: if your email server is unable to send mails in UTF-8, ASSP will convert the mail parts to UTF-8. The rules specified here are used to convert text parts of outbound mails from one to another characterset.Example:ISO-8859-1=>UTF-8|ISO-8859-2=>UTF-8|windows-1250=>UTF-8
This requires an installed Email::MIME module in PERL.
This conversions are done only for relayed mails! default:

doInFixTNEF: convert inbound MS-TNEF attachments to MIME
-- convert inbound MS-TNEF attachments like winmail.dat to MIME parts/attachments. If a TNEF-file is attached by other than Exchange (like application/octet-stream) no conversion will be done.
In addition to Email::MIME this requires both installed Convert::TNEF and MIME::Types module in PERL. default:

keepInTNEF: keep the MS-TNEF part in inbound mail
-- keep inbound MS-TNEF attachments like winmail.dat in MIME parts. If unchecked and the conversion is successful, the original attachment will be removed from mail! default: 1

doOutFixTNEF: convert outbound MS-TNEF attachments to MIME
-- convert outbound MS-TNEF attachments like winmail.dat to MIME parts/attachments. If a TNEF-file is attached by other than Exchange (like application/octet-stream) no conversion will be done.
In addition to Email::MIME this requires both installed Convert::TNEF and MIME::Types module in PERL. default:

keepOutTNEF: keep the MS-TNEF part in outbound mail
-- keep outbound MS-TNEF attachments like winmail.dat in MIME parts. If unchecked and the conversion is successful, the original attachment will be removed from mail! default: 1

convertNP: convert NoProcessing mails
-- Set this to on, if noprocessing mails should be converted, which is normally not the case. default:

doDKIMConv: convert DKIM mails
-- DKIM messages could normally not modified. If checked, conversions will be done on DKIM messages - you have to disable the DKIM check on your email server (MTA)! default: 0

TNEFDEBUG: TNEFDEBUG (only in dev)
-- prints TNEF conversion debug info to screen.

Notes On Character Conversions / TNEF default:

SSL Proxy and TLS support

DoTLS: How to Handle STARTTLS Requests
-- If set to "drop TLS", any STARTTLS request will be removed from the protocol stack and no connection will ever go in to any TLS mode!
If set to "TLS to Proxy" and both peers (client and server) supports TLS, both connection will be moved in to a transparent Proxy mode. All data will be encrypted and unreadable to ASSP.
If set to "do TLS", ASSP will be the "man in the middle". ASSP will try to move both connections in to TLS. All data will be readable to ASSP - so all checks could be done. If any of the peers does not support TLS, ASSP will fake this (250-STARTTLS) to the other peer. So it could be possible, that the connection to the client is going in to TLS mode, even if TLS is not supported by the server. If a client does not request TLS (STARTTLS) even it has got the (250-STARTTLS), ASSP tries to start a TLS session to server, if he has sent (250-STARTTLS)! This behavior belongs to incoming and outgoing messages. This option requires the installed perl module IO::Socket::SSL!
For "do TLS" a server-certificate-file " SSLCertFile " and a server-key-file " SSLKeyFile " must exist and must be valid!
If you do not have valid certificates, you may generate both files online with www.mobilefish.com or you may use OpenSSL to generate Self-signed SSL certificates! If you have installed OpenSSL (must be in PATH) and installed and enabled IO::Socket::SSL and ASSP is unable to find valid certificates - ASSP will try to create them at startup!
default: 0

SSL_version: SSL version used for transmission
-- Sets the version of the SSL protocol used to transmit data. The default is SSLv2/3:!SSLv3:!SSLv2.
The IO::Socket::SSL POD explains:
Sets the version of the SSL protocol used to transmit data.
'SSLv23' uses a handshake compatible with SSL2.0, SSL3.0 and TLS1.x, while
'SSLv2', 'SSLv3', 'TLSv1', 'TLSv1_1' or 'TLSv1_2' restrict handshake and
protocol to the specified version.
All values are case-insensitive. Instead of 'TLSv1_1' and 'TLSv1_2' one can
also use 'TLSv11' and 'TLSv12'. Support for 'TLSv1_1' and 'TLSv1_2' requires
recent versions of Net::SSLeay and openssl.

Independent from the handshake format you can limit to set of accepted SSL
versions by adding !version separated by ':'.

The default SSL_version is 'SSLv23:!SSLv3:!SSLv2' which means, that the
handshake format is compatible to SSL2.0 and higher, but that the successful
handshake is limited to TLS1.0 and higher, that is no SSL2.0 or SSL3.0 because
both of these versions have serious security issues and should not be used
anymore.
You can also use !TLSv1_1 and !TLSv1_2 to disable TLS versions 1.1 and 1.2 while
still allowing TLS version 1.0.

Setting the version instead to 'TLSv1' might break interaction with older
clients, which need a SSL2.0 compatible handshake. On the other
side, some clients just close the connection when they receive a TLS version 1.1
request. In this case setting the version to
'SSLv23:!SSLv2:!SSLv3:!TLSv1_1:!TLSv1_2' might help. default: SSLv2/3:!SSLv3:!SSLv2

SSL_cipher_list: SSL key cipher list
-- If this option is set, the cipher list for the connection will be set to the given value, e.g. something like 'ALL:!LOW:!EXP:!ADH' or 'DEFAULT:!aNULL:!RC4:!MD5'. Look into the OpenSSL documentation (http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS) for more details. Setting this value causes the 'SSL_honor_cipher_order' flag to be switched on (BEAST vulnerable)
If this option is not used (default) the openssl builtin default is used which is suitable for most cases. default:

NoTLSlistenPorts: Disable SSL support on listenPorts
-- This disables TLS/SSL on the defined listenPorts, if DoTLS is set to "do TLS". All other SMTP listeners will support TLS/SSL, if DoTLS is set to "do TLS". This option works for listenPort , listenPort2 and relayPort . The listener definition here has to be the same like in the port definitions. Separate multiple entries by "|".Examples: 25, 127.0.0.1:25, 127.0.0.1:25|127.0.0.2:25 default:

TLStoProxyListenPorts: Force TLS to Proxy on this Ports
-- If a STARTTLS command is received on a port that is defined here, the connection will be moved in to the transparent proxy mode every time - independent from the setting of DoTLS . This option works for listenPort , listenPort2 and relayPort . The listener definition here has to be the same like in the port definitions. Separate multiple entries by "|".Examples: 25, 127.0.0.1:25, 127.0.0.1:25|127.0.0.2:25 default:

SSLCertFile: SSL Certificate File (PEM format)
-- Full path to the file containing the server's SSL certificate or certificate-chain, for example : /usr/local/etc/ssl/certs/assp-cert.pem or c:/assp/certs/server-cert.pem. A general cert.pem file is already provided in 'assp/certs/server-cert.pem'. default: c:/assp/certs/server-cert.pem

SSLKeyFile: SSL Key File (PEM format)
-- Full path to the file containing the server's SSL private key, for example: /usr/local/etc/ssl/certs/assp-key.pem or c:/assp/certs/server-key.pem. A general key.pem file is already provided in 'assp/certs/server-key.pem' default: c:/assp/certs/server-key.pem

SSLPKPassword: SSL Private Key Password
-- Optional parameter. If your private key ' SSLKeyFile ' is password protected, assp will need this password to decrypt the server's SSL private key file. default:

SSLCaFile: SSL Certificate Authority File
-- Optional parameter to enable chained certificate validation at the client side. Full path to the file containing the server's SSL certificate authority. If you provide the ca-certificate or certificate-chain together with the certificate file in the SSLCertFile parameter, leave this field blank. For example : /usr/local/etc/ssl/certs/assp-ca.crt or c:/assp/certs/server-ca.crt. A general ca.crt file is already provided in 'c:/assp/certs/server-ca.crt'. The default value is empty and leave it empty as long as you don't know, how this parameter works. default:

noTLSIP: Exclude these IP's from TLS*
-- Enter IP's that you want to exclude from starting SSL/TLS, separated by pipes (|). For example, put all IP's here, that making trouble to switch to TLS every time, what will prevent ASSP from getting mails from this hosts. default:

banFailedSSLIP: Ban Failed SSL IP
-- If set (recommended is 'both'), an IP that fails to connect via SSL/TLS will be banned for 12 hour from using SSL/TLS.
Privat IP's and IP addresses listed in 'acceptAllMail' will get one more try to correct the mistake.
This is done per default ('both'), to prevent possible DoS attacks via SSL/TLS.
Those IP's are stored in the SSLfailed cache. This cache is cleaned up at startup.
disable - disables this feature, which is highly NOT recommended
private only - only private IP's and IP's in acceptAllMail will be banned (they have two tries)
public only - only public IP's will be banned
both - private and public IP's will be banned
default: 3

noBanFailedSSLIP: Exclude these IP's from SSLfailed Cache*
-- Enter IP's that you want to exclude from being added to the SSLfailed-Cache, separated by pipes (|). default:

sendEHLO: Send EHLO
-- If selected, ASSP sends an EHLO even if the client has sent only a HELO. This is useful to force the usage of TLS to the server or to satisfy XCLIENT/XFORWARD helo offers, because EHLO is needed before STARTTLS or XCLIENT/XFORWARD could be used. default:

SSLRetryOnError: Retry SSL on "SSL want a read first" error
-- If selected, ASSP retries one time to establish a SSL connection with one second delay, if the peer was not ready after STARTTLS because of a "SSL want a read/write first" error. default:

SSLtimeout: SSL Timeout (0-999)
-- SSL/TLS negotiation will timeout after this many seconds. default is : 5 seconds. default: 5

SSLDEBUG: Debug Level for SSL/TLS
-- Set the debug-level for SSL/TLS. Than higher the level, than more information are written to STDOUT! default: 0

webSSLRequireCientCert: Client requires valid SSL Certificate for GUI Requests
-- If enabled and enableWebAdminSSL is set to ON, each browser session is forced to provide a valid SSL client certificate. If no certificate is provided by the client, the connection will fail! To extend the verification of the certificate, use SSLWEBCertVerifyCB . Per default are used 'SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT | SSL_VERIFY_CLIENT_ONCE'
To create a PKCS12 from the PEM formated cert- and key file you can use openssl, like :
openssl pkcs12 -export -clcerts -in client.pem -inkey client.key -out client.p12
The file client.p12 could now be imported in to your browser.
!!! Install a valid certificate in to your browser BEFORE you enable this option - otherwise the GUI will get inaccessible !!!
NOTICE: This option will possibly not work if you use any self signed certificate! default:

SSLWEBCertVerifyCB: CallBack to Verify Client Certificates for GUI Connections
-- If used, assp will call the defined subroutine as SSL->SSL_verify_callback in an eval closure submitting the original ARRAY of parameters (see the IO::Socket::SSL documentation).
The subroutine has to return 1 on certificate verification success - otherwise 0.
You can use/modify the module lib/CorrectASSPcfg.pm to implement your code. For example

sub checkWebSSLCert {
my ($OpenSSLSays,$CertStackPtr,$DN,$OpenSSLError, $Cert)=@_;
my $subject = Net::SSLeay::X509_NAME_oneline(Net::SSLeay::X509_get_subject_name($Cert));
my $chain = Net::SSLeay::PEM_get_string_X509($Cert);
...any code...;
my $success = eval{verify($Cert);};
return $OpenSSLSays if $@;
my $user = eval{get_owner($Cert);};
return $OpenSSLSays if $@;
my $pass = get_pass($user);};
@main::ExtWebAuth = ($user,$pass)
return $success;
}

Now, if you set this parameter to 'CorrectASSPcfg::checkWebSSLCert' - assp will call
CorrectASSPcfg::checkWebSSLCert->(@_);
The variable '@main::ExtWebAuth' could be used to authenticate the user to the GUI related to the used certificate. The username must be provided as first element of the array. The password could be provided as second element of the array - this is not recommended and it is not required! If the used certificate is valid and a known adminusername (root is provided) is stored as first element in '@main::ExtWebAuth', the user will be automatically logged on to the GUI.
NOTICE: This option will possibly not work if you use any self signed certificate! default:

SSLWEBConfigure: Call to Configure SSL-Listener-Parameters for GUI Connections
-- If used, assp will call the defined subroutine in an eval closure submitting a reference to the assp predefined SSL-Socket-Configuration-HASH.
The HASH could be modified in place to your needs - please read the documentation of IO::Socket::SSL, Net::SSLeay and OpenSSL. Return values are ignored.
You can use/modify the module lib/CorrectASSPcfg.pm to implement your code. For example

sub configWebSSL {
$parms = shift;
$parms->{timeout} = 10;
$parms->{'SSL_check_crl'} = 1;
$parms->{'SSL_crl_file'} = '/assp/certs/crl/crllist.pem';
return;
}

Now, if you set this parameter to 'CorrectASSPcfg::configWebSSL' - assp will call
CorrectASSPcfg::configWebSSL->(\%sslparms);
NOTICE: This option will possibly not work if you use any self signed certificate! default:

statSSLRequireClientCert: Client requires valid SSL Certificate for STAT Requests
-- If enabled and enableWebStatSSL is set to ON, each session is forced to provide a valid SSL client certificate. If no certificate is provided by the client, the connection will fail! To extend the verification of the certificate, use SSLSTATCertVerifyCB . Per default are used 'SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT | SSL_VERIFY_CLIENT_ONCE'
NOTICE: This option will possibly not work if you use any self signed certificate! default:

SSLSTATCertVerifyCB: CallBack to Verify Client Certificates for STAT Connections
-- Please read the description of SSLWEBCertVerifyCB .
NOTICE: This option will possibly not work if you use any self signed certificate! default:

SSLSTATConfigure: Call to Configure SSL-Listener-Parameters for STAT Connections
-- If used, assp will call the defined subroutine in an eval closure submitting a reference to the assp predefined SSL-Socket-Configuration-HASH.
Please follow the description for SSLWEBConfigure .
NOTICE: This option will possibly not work if you use any self signed certificate! default:

smtpSSLRequireClientCert: Client requires valid SSL Certificate for SMTP SSL Connections
-- If enabled, each client or server requesting a connection at the listenPortSSL requires a valid SSL client certificate. If no certificate is provided by the client, the connection will fail! To extend the verification of the certificate, use SSLSMTPCertVerifyCB . Per default are used 'SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT | SSL_VERIFY_CLIENT_ONCE'
NOTICE: This option will possibly not work if you use any self signed certificate! default:

SSLSMTPCertVerifyCB: CallBack to Verify Client Certificates for SMTP Connections
-- Please read the description of SSLWEBCertVerifyCB .
NOTICE: This option will possibly not work if you use any self signed certificate! default:

SSLSMTPConfigure: Call to Configure SSL-Listener-Parameters for SMTP Connections
-- If used, assp will call the defined subroutine in an eval closure submitting a reference to the assp predefined SSL-Socket-Configuration-HASH.
Please follow the description for SSLWEBConfigure .
NOTICE: This option will possibly not work if you use any self signed certificate! default:

ProxyConf: Transparent TCP Proxy Table*
-- Define transparent Port Proxy here. ASSP will forward incoming packets to a specific destination.
For example: if you want incoming connections on port 465 (SMTP-SSL) to be forwarded to your email server.
Example:0.0.0.0:465=>192.168.1.25:465192.168.1.23:25forwardIP:forwardPORT<=allowfromIP1,allowfromIP2,...|next Proxy configuration|....
You have to configure the IP-address and IP-port for both - local and forward values. AllowfromIP are comma separated values of IP-addresses from where connections are allowed. If there is no allow value defined, all connections will be allowed!
SSL Proxy and TLS support default:

Global PenaltyBox

globalClientName: client registration name
-- The Name of this global-client for registration on the global-server. This entry has to be the full qualified DNS-Name of the IP-address over which ASSP is doing HTTP-requests! If you are using a HTTP-Proxy, this should be the public IP-address of the last Proxy in chain! This DNS-Name has to be resolvable worldwide and the resolved IP-address has to match the ASSP-HTTP-connection-IP-address. It is not possible to use an IP-address in this field! Dynamic DNS-Names like "yourdomain.dyndns.org" are supported!
To become a member of the exclusive global-penalty-box-users, you will need a subscription and you will have to pay a yearly maintenance fee. To get registered and/or to get more information, please send an email with your personal/company details and the globalClientName to "assp.globalpb@thockar.com".
The name of this client has to be known by the global server before it could be registered from here. Please wait until you have confirmation that your client name is known by the global server.
In addition to Compress::Zlib this requires an installed LWP::UserAgent module in PERL. default:

globalClientPass: client registration password
-- If the global client is registered on the global-server, you will see a number of "*" in this field. This field is readonly. default:

globalClientLicDate: client subscription expiration date
-- The date of license/subscription expiration for this global client. If this date is exceeded, no upload and download of global PB will be done! This field is readonly. default:

DoGlobalBlack: Enable the Global-Black-Penalty
-- Enables the merge of the Black-Penalty-Box-Entries, if the client is registered on the global-PB-server. Upload and download of the black penalty entries are done independent from this setting as long as any of GPBDownloadLists or GPBautoLibUpdate is activated. default:

globalValencePB: Value for Global-Black-PB Entries +
-- This penalty-value will be given to downloaded Black-Penalty-Box-Entries. As long as entries have the "GLOBALPB" state, they will never become extreme-Black. It is recommended to set this value above PenaltyLimit! default: 20

globalBlackExpiration: Expiration for Global-PB-Black Records
-- Global-Black-Penalties will expire after this number of hours. default: 48

DoGlobalWhite: Enable the Global-White-Penalty
-- Enables the merge of the White-Penalty-Box-Entries, if the client is registered on the global-PB-server. Upload and download of the white penalty entries are done independent from this setting as long as any of GPBDownloadLists or GPBautoLibUpdate is activated. default:

globalWhiteExpiration: Expiration for Global-PB-White Records(days)
-- Global-White-Penalties will expire after this number of days. default: 7

GPBDownloadLists: Download List and Regex Updates from GPB-Server
-- Select, if assp should download updates for lists and regular expressions from the global penaltybox server. Downloads will be done to the 'download' folder. If install is selected, the downloaded lines will merged in to the defined files (file:...). If you want to disable a specific line in any of your files, do not delete the line, instead comment it out - putting a '#' or ';' in front of the line. If any list is not configured using the 'file:...' option, only the download will be done, even if install is selected. To disable a line that was added by the GPB-server to your file - simply commend the line out (# or ;). If you remove such a line, it could be possibly added again by the next GPB check. To change a line that was added by the GPB-server to your file - disable the line and customize a copied line to your needs. default: 2

GPBautoLibUpdate: Download Plugin and Library Updates from GPB-Server
-- Select, if assp should download updates for Plugins or Library-Files (../lib) from the global penaltybox server. Downloads will be done to the 'download' folder. If install is selected, the downloaded Plugins and/or modules will be installed in to there original location, if an older version of the file still exists. If an older version is not found, only the download will be done. To activate updated Plugins or modules a restart of assp is required. This feature will not force an automatic restart of assp!.
Notes On Global Penalty Box default: 2

Block Reporting

ExtraBlockReportLog: Enable extra Logging for BlockReports
-- Maillogs could grow to a very large size. Enable this feature to log only loglines with blocking information to an extra file. These files will be named as "b" + logfile . Using this option will speed up Block Reporting. Before you switch on this option, you should run "grep"[linux/MacOS] or "find"[Windows] to create the "b" - file from the maillogs.
linux/MacOS - grep "[spam found]" maillog.txt > bmaillog.txt
Windows - find "[spam found]" maillog.txt > bmaillog.txt default: 1

EmailBlockReport: Request Block Report
-- Any mail sent by local/authenticated users to this username will be interpreted as a request to get a report about blocked emails. Do not put the full address here, just the user part. For example: asspblock
Leading digits/numbers in the mail subject will be interpreted as "report request for the last number of days". If the number of days is not specified in the mail subject, a default of 5 days will be used to build the report.
All characters behind the "number of days" will be interpreted as a regular expression to overwrite the BlockReportFilter - leading and trailing white spaces will be ignored.
Users defined in EmailBlockTo, EmailAdmins, BlockReportAdmins and EmailAdminReportsTo are 'Admins' and can request a report for multiple users. They have to use a special syntax with '=>' in the body of the report request. The syntax is:
QueryAddress=>ReportRecipient=>ReportDays - there are many possible combinations of this three parameters. For example:
user@domain and user@domain=>user@domain - will send a report for this user to this user
@domain (better use) @domain=> - will send a report for every blocked user in this domain to this user
user@domain=>recipient@any-domain - will send a report for user@domain to recipient@any-domain
@domain=>recipient@any-domain - will send a report for every blocked user in this domain to recipient@any-domain
It is possible to define a group ( Groups ) in the first parameter like:
[user@domain]=>recipient@any-domain
The group name must be a lower case email address of a local domain without any wildcard. This will create a combined block report for all email addresses defined in this group - useful, if someone has multiple email addresses and wants to get a single report.
If the group name is equal to a real existing email address of a user, and this user requests a block report using this email address (MAIL FROM:), a combined block report for the group will be generated.
A third parameter is possible to set, which defines the number of days for which the report should be created. The default (if empty or not defined) is one day. This value is used to calculate the 'next run date'. For example:
@domain=>recipient@any-domain=>2 - creates a report for two days.
@domain=>=>14 - creates a report for 14 days.
user@domain=>=>3 or user@domain=>=>3 - creates a report for three days. The second parameter is here empty or .
To overwrite the defined BlockReportFilter, you can define a fourth parameter, which contains the regular expression to use.
@domain=>=>14=>virus|newsletter - creates a report for 14 days and skips all lines that contains the words 'virus' or 'newsletter'.
If an admin emails a block report request and specifies a filter in the subject of the email and a fourth parameter in the body, both regular expressions will be merged in to a single regex for each line.
If you or a user want the default BlockReportFilter to become part of the overwrite regex, the literal '$BRF' should be included in the regex like:
@domain=>=>14=>virus|$BRF|newsletter - or even in the subject of the email
In this case the literal '$BRF' will be replaced by the BlockReportFilter.
Only Admins are able to request blockreports for non local email addresses. For example:
user@non_local_domain=>recipient@any-domain=>4
@non_local_domain=>recipient@any-domain=>4
This will result in an extended blockreport for the non local address(es). Replace 'non_local_domain' with the domain name you want to query for.
It is possible to change the complete design of the BlockReports to your needs, using a html-css file. A default css-file 'blockreport.css' is in the image folder as is a default icon file 'blockreporticon.gif' and a default header-image-file 'blockreport.gif'. These are optional files - If assp can not find these files in its
image folder, it will use the default hardcoded css and icon. If the file 'blockreport.gif' is not found 'logo.gif' will be used.
To change any content, use the Blockreport::modify module in the lib folder. You'll need some Perl skills to do that.

default: asspblock

EmailBlockReportDomain: Request Blocked Email Domain
-- Set this to the domain to which the users can send a request to receive blocked messages. For example: @assp.local. Notice the leading required '@'! default: @assp.local

EmailBlockReply: Reply to Block-Report Request
-- default: 1

QueueUserBlockReports: Queue User Block Report Requests
-- How to process block report requests for users ( not EmailBlockTo, EmailAdmins, BlockReportAdmins, EmailAdminReportsTo ).
'run instantly' - the request will be processed instantly (not stored).
'store and run scheduled' - (deprecated) the request will be stored/queued, runs permanently scheduled at BlockReportSchedule until it will be removed from queue - a '+' in the subject is not needed
To add a request to queue, the user has to send an email to EmailBlockReport. Leading digits/numbers in the mail subject will be interpreted as "report request for the last number of days". If the number of days is not specified in the mail subject, a default of 5 days will be used to build the report.
If 'run instantly' is selected, but a user wants to schedule a permanent request, a leading '+' before the digits in subject is required.
To remove a request from queue the user has to send an email to EmailBlockReport with a leading '-' in the subject.
default: 0

QueueSchedule: Runtime for Queued Requests ^s
-- Runtime hour for reports in QueueUserBlockReports. Set a number between 0 and 23. 0 means midnight and is default default: 0

BlockRepForwHost: Forward The Blockreportrequest to other ASSP
-- If you are using more than one ASSP (backup MX), define the IP-address and relayPort (x.x.x.x:ppp - for SSL use SSL:x.x.x.x:ppp) of the other ASSP here (separate multiple entries by "|"). The Blockreportrequest will be forwarded to this ASSP and the user will get a blockreport from every ASSP. The forwarded request has the same sender and recipient like the original request. So EmailBlockReport and EmailBlockReportDomain have to be configured identically on all ASSP!!!! Resend requests are automatic forwarded to the right (or next) host, if ASSP finds the hostname in the subject of the request. If you have more than two ASSP, the logical sending structure must be a star. If ASSP(A) (the sun) is in the middle and you have also ASSP(B), ASSP(C) and ASSP(D) (satellites), ASSP(A) should know C,B and D, and B,C and D should only know A.
If a forward host is unreachable, the forward request will be queued for a maximum of 24 hours and the user will be informed sending the 'reports/blockreportforwarderror.txt' file.
The perl module Net::SMTP is required to use this feature (for SSL - Net::SMTP::SSL is required). default:

EmailBlockTo: Send Copy of Block-Reports TO
-- Email sent from ASSP acknowledging your submissions will be sent to this address. For example: admin@domain.com default:

BlockReportAdmins: BlockReport Admins
-- A list of local addresses, which have the same rights like EmailAdmins, but only for all BlockReport functions (nothing else). Leave this field blank (default), to disable this feature.
This is useful, if a user must request BlockReports or resend mails for other users like an EmailAdmin and BlockReportAdmin can do it, but should not have other extended rights to use the EmailInterface.
Accepts specific addresses (user@domain.com), user parts (user). Wildcards are supported (fribo@domain.com).
For example: fribo*@thisdomain.com|jhanna default:

EmailAdminDomains: Email Admin BlockReport User and Domain Restrictions
-- Use this parameter to restrict users registered in EmailAdmins, BlockReportAdmins, EmailAdminReportsTo and EmailBlockTo to a list of domains or users, for which they can request BlockReports.
It is possible to use defined GROUPS on both sites. The file: option is required. Use the following syntax to define an entry (one per line):
EmailAdminAddress=>@domain1,@domain2,user@domain3,...
EmailAdminAddress1|EmailAdminAddress2=>@domain1,@domain2,user@domain3,...
[group_of_EmailAdminAddresses]=>@domain1,@domain2,user@domain3,...
[group_of_EmailAdminAddresses]=>[group_of_domains],...
Wildcards are allowed to be used only in the domain definition - like @*.domain.tld - separate multiple domains by comma.
If an address of an EmailAdmin or BlockReportAdmin is defined multiple times, all entries are used in an "AND" logic.
If a BlockReport is requested for a not allowed email address, the complete BlockReport request will be ignored.
If an EmailAdmins or BlockReportAdmins address is not registered in this parameter, he/she is able to request BlockReports for all domains. default:

EmailResendRequester: Blocked Email Resend Requester
-- A list of local addresses, which are allowed to request a resend of blocked emails for other users, even they are not EmailAdmins or BlockReportAdmins . Leave this field blank (default), to disable this feature.
This is useful, if a user gets automatic generated BlockReports (e.g via BlockReportFile ) for a group of users and should be able to manage resends for them. Added here, the user is not allowed to request BlockReports for other users - in this case use EmailAdmins, BlockReportAdmins and EmailAdminDomains instead.
The resend is done to the recipient stored in the X-Assp-Intended-For: ( requires AddIntendedForHeader ) header field and the requester, if the address was found in a TO: header field.
Accepts specific addresses (user@domain.com), user parts (user). Wildcards are supported (fribo@domain.com).
For example: fribo*@thisdomain.com|jhanna default:

BlockReportFile: File for Blockreportrequest
-- A file with BlockReport requests. ASSP will generate a block report for every line in this file (file:files/blockreportlist.txt - file: is required if defined!) every day at midnight for the last day. The perl modules Net::SMTP and Email::MIME are required to use this feature. A report will be only created, if there is at least one blocked email found! The syntax is:
QueryAddress=>ReportRecipient=>ReportDays - there are many possible combinations of this three parameters. For example:
user@domain and user@domain=>user@domain - will send a report for this user to this user
@domain (better use) @domain=> - will send a report for every blocked user in this domain to this user
@ - creates a report for all local users in all local domains
user@domain=>recipient@any-domain - will send a report for user@domain to recipient@any-domain
@domain=>recipient@any-domain - will send a report for every blocked user in this domain to recipient@any-domain
It is possible to define a group ( Groups ) in the first parameter like:
[user@domain]=>recipient@any-domain
The group name must be a lower case email address of a local domain without any wildcard. This will create a combined block report for all email addresses defined in this group - useful, if someone has multiple email addresses and want's to get a single report.
An optional third parameter can define the number of days for which the report should be created. The default (if empty or not defined) is one day. This value is used to calculate the 'next run date'. For example:
@domain=>recipient@any-domain=>2 - creates a report for two days.
@domain=>=>14 - creates a report for 14 days.
user@domain=>=>3 or user@domain=>=>3 - creates a report for three days. The second parameter is here empty or !
To overwrite the defined BlockReportFilter, you can define a fourth parameter, which contains the regular expression to use.
@domain=>=>14=>virus|newsletter - creates a report for 14 days and skips all lines that contains the words 'virus' or 'newsletter'.
A fifth parameter could be used to schedule (cron) a BlockReport. If this parameter is used, the line will be ignored at BlockReportSchedule. For the syntax of the cron entry, please read RebuildSchedule . Multiple schedules in one line could be separated by pipe (|).
@domain=>it_dep@domain=>7=>virus|newsletter=>0 0 * 0 - creates a report every Sunday at 00:00 for the last seven days
@domain=>it_dep@domain=>2=>virus|newsletter=>0 0 * 2,4,6|0 12 * 1 - creates a report every Tuesday,Thursday,Saturday at 00:00 and at every Monday at 12:00 for the last two days
Only Admins are able to request blockreports for non local email addresses. For example:
user@non_local_domain=>recipient@any-domain=>4
*@non_local_domain=>recipient@any-domain=>4
This will result in an extended blockreport for the non local address(es). Replace 'non_local_domain' with the domain name you want to query for. default:

BlockReportSchedule: Runtime BlockReportFile ^s
-- Runtime hour for reports in BlockReportFile. Set a number between 0 and 23. 0 means midnight and is default. default: 0

BlockReportNow: Generate a BlockReport from BlockReportFile Now
-- If selected, ASSP will generate a block report from BlockReportFile now. default:

BlockMaxSearchTime: Max Search time per log File
-- The maximum time in seconds, the Blockreport feature spends on searching in one log file. If this value is reached, the next log file will be processed. Default is 0. A value of 0 disables this feature and all needed log files will be fully processed. default: 0

BlockReportFormat: The format of the Report Email
-- Block reports will be sent as multipart/alternative MIME messages. They normally contains two parts, a plain text part and a html part. Select "text only" or "html only" if you want to skip any of this parts.
To make it possible to detect a resent email, ASSP will add a header line "X-Assp-Resend-Blocked: myName" to each email! default: 0

BlockReportHTTPName: My HTTP Name
-- The hostname for HTTP(S) links in AdminUsers Blockreports. If not defined the local hostname will be used. default:

BlockReportFilter: Regular Expression to Skip Log Records*
-- Put anything here to identify messages which should not be reported in any Block Report. For example: Virus|BlackDomain.
For individual filter settings, it is possible to overwrite this value in the BlockReportFile for every single line and in every request per email using the subject line ( read EmailBlockReport ). default: Virus|BlackDomain

DoT10Stat: Collect multiple TopTen Statistics
-- enable the top ten statistic count (blocked IP's, blocked senders, blocked recipients) and the output in the GUI and BlockReports for admins. default:

inclResendLink: Include a Resend-Link for every resendable email
-- Block reports will be sent as multipart/alternative MIME messages. They contains two parts, a plain text part and a html part. If a blocked email is stored in any folder, it is possible to include a link for each email in to the report. Define here what you want ASSP to do. Default is "in both". If set to not to disabled " fileLogging " will be automatically set to on. default: 3

BlockResendLink: Which Link Should be included
-- If HTML is enabled in inclResendLink, two links (one on the left and one on the right site) will be included in the report email by default. Depending on the used email clients it could be possible, that one of the two links will not work for you. Try out what link is working and disable the other one, if you want. default: 0

BlockResendLinkLeft: User which get the Left link only*
-- List of users and domains that will get the left link only. The setting for BlockResendLink will be ignored for this entries! default:

BlockResendLinkRight: User which get the right link only*
-- List of users and domains that will get the right link only. The setting for BlockResendLink will be ignored for this entries! default:

DelResendSpam: Delete Mails in Spam Folder
-- If selected, a user request to resend a blocked email will delete the file in the spamlog folder - an admin request will move the file to the correctednotspam folder. default: 1

autoAddResendToWhite: Automatic add Resend Senders to Whitelist
-- If a BlockReport resend request is made by any of the selected users, the original sender of the resent mail will be added to whitelist, also a copy file to the resend folder will do that.
Notes On Block Reporting
default: 0

SNMP Configuration

SNMP: Enable the ASSP-SNMP Interface
-- This enables the AgentX registration of assp to a SNMP master-AgentX. ASSP will be registered to the master-AgentX as 'assp_myName', the possible configuration file name will be assp_myName.conf . This option requires the installed perl module NetSNMP::agent. The product and needed librarys could be downloaded at net-snmp.org.
All configuration values are accessed using the SNMPUser account. The SNMP-permission and visibility is used from the configured user GUI-permissions.

The following OIDs (relative to the SNMPBaseOID) are available for SNMP-queries. The configuration values are changeable via snmp. The file mib/ASSP-MIB could be used in SNMP browsers to get a human readable view of the OID's (copy it to the net-snmp MIB file location - eg: [C:]/usr/share/snmp/mibs and the MIB location of your SNMP browser). Please keep in mind, that an extensive usage of SNMP queries will slow down assp.

.1 - runtime information
.1.0 - assp healthy status boolean 0/1
.1.1 - assp healthy status text
.1.2 - ASSP runtime status boolean 0/1 0=shutdown in progress - 1=running
.1.3 - ASSP runtime status text
.1.4 - ASSP version string
.1.5 - ASSP script name
.1.6 - Perl version string
.1.7 - Perl executable name
.1.8 - operating system name
.1.9 - hostname where ASSP is running on
.1.10 - IP-host where ASSP is running on
.1.11 - myName
.1.12 - URL to new ASSP version download
.1.13 - currently running tasks
.1.14 - current assp memory usage in MB
.1.20 - schedule information
.1.20.1 - next BerkeleyDB sync
.1.20.2 - next scheduled Config reload
.1.20.3 - next BATVTag cache cleaning
.1.20.4 - next general cache cleaning
.1.20.5 - next IP-per-Domain cache cleaning
.1.20.6 - next DelayDB cache cleaning
.1.20.7 - next Penaltybox cache cleaning
.1.20.8 - next Database Backup
.1.20.9 - next Database Connection Check
.1.20.10 - next DNS Connection Check
.1.20.11 - next hourly job runs (at)
.1.20.12 - next Database Export
.1.20.13 - next upload for Global-Black
.1.20.14 - next upload for Global-White
.1.20.15 - next Hash-File-Check (option files)
.1.20.16 - next LDAP-cross-Check
.1.20.17 - next RebuildSpamDB
.1.20.18 - next ResendMail
.1.20.19 - next ASSPFileDownload (assp.pl)
.1.20.20 - next Version File Download (version.txt)
.1.20.21 - next BackDNS File Download
.1.20.22 - next Code Change Check
.1.20.23 - next Droplist Download
.1.20.24 - next Griplist Download
.1.20.25 - next POP3Collect
.1.20.26 - next Save Stats
.1.20.27 - next TLDlist Download
.1.20.28 - next Sync Config
.1.20.29 - next Groups File Reload
.1.20.30 - next BlockReport Schedule
.1.20.31 - next File Age Schedule
.1.20.32 - next BlockReport Queue Schedule

.1.30.X - worker status (boolean) X = worker
.1.30.X.1 - worker time since last loop (text) X = worker
.1.30.X.2 - worker last action (text) X = worker

.1.31.0 - general database status (boolean) 0/1
.1.31.0.1 - general database status (text)
.1.31.X - database table status (boolean) 0/1 - X >= 1
.1.31.X.1 - database table name - X >= 1 related to .1.31.X

.2 - Configuration - X is the internal value number adapted from the language files
.2.H - heading description - H is the internal GUI heading number
.2.H.X - config value

.3 - assp module information - X is a counter up from zero
.3.X - module name
.3.X.1 - installed module version
.3.X.2 - required module version
.3.X.3 - module installation status
.3.X.4 - download URL for the module

.4 - assp runtime status
.4.1 - current stat - X is a counted number
.4.1.X - current stat value

.4.2 - cumulative stat - X is a counted number
.4.2.X - cumulative stat value

.4.3 - current total stat - X is a counted number
.4.3.X - current total value

.4.4 - cumulative total stat - X is a counted number
.4.4.X - cumulative total stat value

.4.5 - current scoring stat - X is a counted number
.4.5.X - current scoring stat value

.4.6 - cumulative scoring stat - X is a counted number
.4.6.X - cumulative scoring stat value

.5.0 - SNMP-API : is writeable - accepts internal subroutine command/call to be executed
.5.1 - the result of the last SNMP-API call (success or error)
default: 0

SNMPBaseOID: SNMP Base OID
-- The Base OID that should be used by assp. This OID will be registered to the master-AgentX. The master-AgentX will then redirect all requests for this OID and sub OID's to assp! The default setting .1.3.6.1.4.1.37058.2 is needed to use the MIB file mib/ASSP-MIB in SNMP browsers. default: .1.3.6.1.4.1.37058.2

SNMPreturnBOOL: How to return Boolean Values
-- How should assp return boolean values for status OIDs. Use another setting than the default ASN_BOOLEAN, if your SNMP application or browser does not understand it! default: ASN_BOOLEAN

SNMPUser: ASSP User Account used for SNMP Requests
-- The Admin Users account used for SNMP requests. If the user does no longer exists, the root account will be used! default: root

SNMPwriteable: Allow Config Changes via SNMP
-- Allow configuration changes via SNMP. Do not forget to setup your SNMP configuration file to secure the access to SNMP. All configuration changes via SNMP are done using the SNMPUser account! default: 1

SNMPAgentXSocket: The Socket use to connect to the master-AgentX
-- How to connect to the master-AgentX. Please read the net-snmp documentation for more details.
Notes On SNMP
default: tcp:localhost:705

POP3 Collecting

POP3ConfigFile: POP3 Configuration File*
-- The file with a valid POP3 configuration. Only the file: option is allowed to use.
If the file exists and contains at least one valid POP3 configuration line and POP3Interval is configured, assp will collect the messages from the configured POP3-servers.
Each line in the config file contains one configuration for one user.
All spaces will be removed from each line.
Anything behind a # or ; is consider a comment.
If the same POP3-user-name is used multiple times, put two angles with a unique number behind the user name. The angles and the number will be removed while processing the configuration.
e.g: pop3user<1> will result in pop3user - or - myName@pop3.domain<12> will result in myName@pop3.domain
It is possible to define commonly used parameters in a separate line, which begins with the case sensitive POP3-username "COMMON:=" - followed by the parameters that should be used for every configured user.
A commonly set parameter could be overwritten in every user definition.
Each configuration line begins with the POP3-username followed by ":=" : e.g myPOP3userName:=
This statement has to followed by pairs of parameter names and values which are separated by commas - the pairs inside are separated by "=".
e.g.: POP3username<num>:=POP3password=pop3_pass,POP3server=mail.gmail.com,SMTPsendto=demo@demo_smtp.local,......
The following case sensitive keywords are supported in the config file:

POP3password=pop3_password
POP3server=POP3-server or IP[:Port]
SMTPsender=email_address
SMTPsendto=email_address or <TO:> or <TO:email_address>
SMTPserver=SMTP-server[:Port]
SMTPHelo=myhelo
SMTPAUTHuser=smtpuser
SMTPAUTHpassword=smtppass
POP3SSL=0/1

POP3SSL, SMTPHelo, SMTPsender, SMTPAUTHuser and SMTPAUTHpassword are optional.
If POP3SSL is set to 1 - POP3S will be done! The Perl module IO::Socket::SSL is required for POP3S!
If SMTPsender is not defined, the FROM: address from the header line will be used - if this is not found the POP3username will be used.
If the <TO:> syntax is used for SMTPsendto, the mail will be sent to any recipient that is found in the "to: cc: bcc:" header lines if it is a local one.
If the <TO:email_address> syntax is used for SMTPsendto, the literals NAME and/or DOMAIN will be replaced by the name part and/or domain part of the addresses found in the "to: cc: bcc:" header lines. This makes it possible to collect POP3 mails from a POP3 account, which holds mails for multiple recipients.
For example: TO:NAME@mydomain.com or TO:NAME@subdomain.DOMAIN or TO:central-account@DOMAIN
If the <TO:> or <TO:email_address> syntax is used for SMTPsendto, "localDomains" and/or "localAddresses_Flat" must be configured to prevent too much error for wrong recipients defined in the "to: cc: bcc:" header lines. The POP3collector will not do any LDAP or VRFY query!
If you want assp to detect SPAM, use the listenPort or listenPort2 as SMTP-server.
To use this feature, you have to install the perl script "assp_pop3.pl" in the assp- base directory. default: file:files/pop3cfg.txt

POP3Interval: POP3 Collecting Interval ^s
-- The interval in minutes, assp should collect messages from the configured POP3-servers. A value of zero disables this feature. default: 0

POP3fork: POP3 Collector forks to a new Process
-- If selected, the POP3 collection will be started in a new process (fork). This prevents the MaintThread from waiting until the POP3 collection has finished. Do not select this option, if you are testing the POP3 collection - to get all output from the collector! It is recommended to set this option after you've verified that the POP3 collector is running well. default:

POP3KeepRejected: POP3 Keep Rejected Mails on POP3 Server
-- If selected, any collected POP3 mail that fails to be sent via SMTP (because of being SPAM - in case rejected by the SMTP server) will be kept on the POP3 server. default:

POP3debug: POP3 debug
-- If selected, the POP3 collection will write debug output to the log file. Do not use it, unless you have problems with the POP3 collection!
Notes On POP3 collecting
default:

Module Setup

useASSP_FC: Use Module ASSP_FC
-- If selected, the perl module ASSP_FC will be loaded if it is installed. If not selected, ASSP will not load the perl module ASSP_FC even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart! default: 1

useASSP_SVG: Use Module ASSP_SVG
-- If selected, the perl module ASSP_SVG will be loaded if it is installed. If not selected, ASSP will not load the perl module ASSP_SVG even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for enableGraphStats and maybe some other features. default: 1

useASSP_WordStem: Use Module ASSP_WordStem
-- If selected, the perl module ASSP_WordStem will be loaded if it is installed. If not selected, ASSP will not load the perl module ASSP_WordStem even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart! default: 1

useAsspSelfLoader: Use Module AsspSelfLoader
-- If selected, the perl module AsspSelfLoader will be loaded if it is installed. If not selected, ASSP will not load the perl module AsspSelfLoader even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart! default: 1

useAuthenSASL: Use Module Authen::SASL
-- If selected, the perl module Authen::SASL will be loaded if it is installed. If not selected, ASSP will not load the perl module Authen::SASL even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for relayAuthUser and maybe some other features. default: 1

useBerkeleyDB: Use Module BerkeleyDB
-- If selected, the perl module BerkeleyDB will be loaded if it is installed. If not selected, ASSP will not load the perl module BerkeleyDB even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for DoHMM HMMusesBDB downloadBackDNSFile spamdb useDB4griplist DBdriver importDBDir useDB4IntCache useDB4Rebuild SNMP and maybe some other features. default: 1

useCompressZlib: Use Module Compress::Zlib
-- If selected, the perl module Compress::Zlib will be loaded if it is installed. If not selected, ASSP will not load the perl module Compress::Zlib even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for AutoUpdateASSP EnableHTTPCompression globalClientName and maybe some other features. default: 1

useConvertTNEF: Use Module Convert::TNEF
-- If selected, the perl module Convert::TNEF will be loaded if it is installed. If not selected, ASSP will not load the perl module Convert::TNEF even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for doInFixTNEF doOutFixTNEF and maybe some other features. default: 0

useDB_File: Use Module DB_File
-- If selected, the perl module DB_File will be loaded if it is installed. If not selected, ASSP will not load the perl module DB_File even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for useDB4Rebuild and maybe some other features. default: 0

useDigestMD5: Use Module Digest::MD5
-- If selected, the perl module Digest::MD5 will be loaded if it is installed. If not selected, ASSP will not load the perl module Digest::MD5 even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for DelayMD5 and maybe some other features. default: 1

useDigestSHA1: Use Module Digest::SHA1
-- If selected, the perl module Digest::SHA1 will be loaded if it is installed. If not selected, ASSP will not load the perl module Digest::SHA1 even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for DoMSGIDsig DoBATV and maybe some other features. default: 1

useEmailMIME: Use Module Email::MIME
-- If selected, the perl module Email::MIME will be loaded if it is installed. If not selected, ASSP will not load the perl module Email::MIME even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for ValidateURIBL DoBlockExes EmailSpam EmailHam EmailAnalyze UseUnicode4MaillogNames UseUnicode4SubjectLogging inChrSetConv outChrSetConv doInFixTNEF doOutFixTNEF BlockReportFile and maybe some other features. default: 1

useEmailSend: Use Module Email::Send
-- If selected, the perl module Email::Send will be loaded if it is installed. If not selected, ASSP will not load the perl module Email::Send even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for resendmail and maybe some other features. default: 1

useFileReadBackwards: Use Module File::ReadBackwards
-- If selected, the perl module File::ReadBackwards will be loaded if it is installed. If not selected, ASSP will not load the perl module File::ReadBackwards even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart! default: 1

useFileScanClamAV: Use Module File::Scan::ClamAV
-- If selected, the perl module File::Scan::ClamAV will be loaded if it is installed. If not selected, ASSP will not load the perl module File::Scan::ClamAV even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for UseAvClamd and maybe some other features. default: 1

useIOSocketINET6: Use Module IO::Socket::INET6
-- If selected, the perl module IO::Socket::INET6 will be loaded if it is installed. If not selected, ASSP will not load the perl module IO::Socket::INET6 even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for enableINET6 and maybe some other features. default: 1

useIOSocketSSL: Use Module IO::Socket::SSL
-- If selected, the perl module IO::Socket::SSL will be loaded if it is installed. If not selected, ASSP will not load the perl module IO::Socket::SSL even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for syncUsesSSL smtpDestination smtpDestinationSSL smtpAuthServer relayHost EmailReportDestination DoLDAPSSL enableWebAdminSSL enableWebStatSSL DoTLS SSL_version SSLWEBCertVerifyCB SSLWEBConfigure POP3ConfigFile and maybe some other features. default: 1

useLWPSimple: Use Module LWP::Simple
-- If selected, the perl module LWP::Simple will be loaded if it is installed. If not selected, ASSP will not load the perl module LWP::Simple even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart! default: 1

useMIMETypes: Use Module MIME::Types
-- If selected, the perl module MIME::Types will be loaded if it is installed. If not selected, ASSP will not load the perl module MIME::Types even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for doInFixTNEF doOutFixTNEF and maybe some other features. default: 1

useMailDKIMVerifier: Use Module Mail::DKIM::Verifier
-- If selected, the perl module Mail::DKIM::Verifier will be loaded if it is installed. If not selected, ASSP will not load the perl module Mail::DKIM::Verifier even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for DoDKIM and maybe some other features. default: 1

useMailSPF: Use Module Mail::SPF
-- If selected, the perl module Mail::SPF will be loaded if it is installed. If not selected, ASSP will not load the perl module Mail::SPF even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for ValidateSPF SPF2 LocalPolicySPF and maybe some other features. default: 1

useMailSPFQuery: Use Module Mail::SPF::Query
-- If selected, the perl module Mail::SPF::Query will be loaded if it is installed. If not selected, ASSP will not load the perl module Mail::SPF::Query even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for SPF2 LocalPolicySPF and maybe some other features. default: 1

useMailSRS: Use Module Mail::SRS
-- If selected, the perl module Mail::SRS will be loaded if it is installed. If not selected, ASSP will not load the perl module Mail::SRS even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for EnableSRS and maybe some other features. default: 0

useNetCIDRLite: Use Module Net::CIDR::Lite
-- If selected, the perl module Net::CIDR::Lite will be loaded if it is installed. If not selected, ASSP will not load the perl module Net::CIDR::Lite even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart! default: 1

useNetDNS: Use Module Net::DNS
-- If selected, the perl module Net::DNS will be loaded if it is installed. If not selected, ASSP will not load the perl module Net::DNS even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for ValidateRWL DoReversed DoInvalidPTR ValidateRBL ValidateURIBL DoBackSctr and maybe some other features. default: 1

useNetIP: Use Module Net::IP
-- If selected, the perl module Net::IP will be loaded if it is installed. If not selected, ASSP will not load the perl module Net::IP even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart! default: 1

useNetLDAP: Use Module Net::LDAP
-- If selected, the perl module Net::LDAP will be loaded if it is installed. If not selected, ASSP will not load the perl module Net::LDAP even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for ldLDAP DoLDAP and maybe some other features. default: 1

useNetSMTP: Use Module Net::SMTP
-- If selected, the perl module Net::SMTP will be loaded if it is installed. If not selected, ASSP will not load the perl module Net::SMTP even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for enableCFGShare syncUsesSSL localDomains BlockRepForwHost BlockReportFile and maybe some other features. default: 1

useNetSMTPSSL: Use Module Net::SMTP::SSL
-- If selected, the perl module Net::SMTP::SSL will be loaded if it is installed. If not selected, ASSP will not load the perl module Net::SMTP::SSL even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for syncUsesSSL BlockRepForwHost and maybe some other features. default: 1

useNetAddrIPLite: Use Module NetAddr::IP::Lite
-- If selected, the perl module NetAddr::IP::Lite will be loaded if it is installed. If not selected, ASSP will not load the perl module NetAddr::IP::Lite even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart! default: 1

useNetSNMPagent: Use Module NetSNMP::agent
-- If selected, the perl module NetSNMP::agent will be loaded if it is installed. If not selected, ASSP will not load the perl module NetSNMP::agent even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for SNMP and maybe some other features. default: 0

usePerlIOscalar: Use Module PerlIO::scalar
-- If selected, the perl module PerlIO::scalar will be loaded if it is installed. If not selected, ASSP will not load the perl module PerlIO::scalar even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart! default: 1

useRegexpOptimizer: Use Module Regexp::Optimizer
-- If selected, the perl module Regexp::Optimizer will be loaded if it is installed. If not selected, ASSP will not load the perl module Regexp::Optimizer even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart! default: 1

useScheduleCron: Use Module Schedule::Cron
-- If selected, the perl module Schedule::Cron will be loaded if it is installed. If not selected, ASSP will not load the perl module Schedule::Cron even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for ReStartSchedule MemoryUsageCheckSchedule RebuildSchedule and maybe some other features. default: 1

useSysCpuAffinity: Use Module Sys::CpuAffinity
-- If selected, the perl module Sys::CpuAffinity will be loaded if it is installed. If not selected, ASSP will not load the perl module Sys::CpuAffinity even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for asspCpuAffinity and maybe some other features. default: 1

useSysMemInfo: Use Module Sys::MemInfo
-- If selected, the perl module Sys::MemInfo will be loaded if it is installed. If not selected, ASSP will not load the perl module Sys::MemInfo even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart! default: 1

useSysSyslog: Use Module Sys::Syslog
-- If selected, the perl module Sys::Syslog will be loaded if it is installed. If not selected, ASSP will not load the perl module Sys::Syslog even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for sysLog and maybe some other features. default: 1

useTextUnidecode: Use Module Text::Unidecode
-- If selected, the perl module Text::Unidecode will be loaded if it is installed. If not selected, ASSP will not load the perl module Text::Unidecode even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for DoTransliterate and maybe some other features. default: 1

useThreadState: Use Module Thread::State
-- If selected, the perl module Thread::State will be loaded if it is installed. If not selected, ASSP will not load the perl module Thread::State even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for WorkerCPUPriority and maybe some other features. default: 1

useTieRDBM: Use Module Tie::RDBM
-- If selected, the perl module Tie::RDBM will be loaded if it is installed. If not selected, ASSP will not load the perl module Tie::RDBM even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for myhost and maybe some other features. default: 1

useUnicodeGCString: Use Module Unicode::GCString
-- If selected, the perl module Unicode::GCString will be loaded if it is installed. If not selected, ASSP will not load the perl module Unicode::GCString even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart! default: 1

useWin32APIOutputDebugString: Use Module Win32::API::OutputDebugString
-- If selected, the perl module Win32::API::OutputDebugString will be loaded if it is installed. If not selected, ASSP will not load the perl module Win32::API::OutputDebugString even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart! default: 0

useWin32Daemon: Use Module Win32::Daemon
-- If selected, the perl module Win32::Daemon will be loaded if it is installed. If not selected, ASSP will not load the perl module Win32::Daemon even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart! default: 1

useWin32Unicode: Use Module Win32::Unicode
-- If selected, the perl module Win32::Unicode will be loaded if it is installed. If not selected, ASSP will not load the perl module Win32::Unicode even it is installed and several features of ASSP will not be available! It is recommended to disable installed but unused modules to reduce the required memory. Requires ASSP restart!
This module is possibly used for UseUnicode4MaillogNames and maybe some other features. default: 1

ASSP_AFC-Plugin

DoASSP_AFC: Do the ASSP_AFC Plugin
-- This plugin is an addon to the default attachment- and ClamAV- engine of ASSP. The default engines only scannes the first MaxBytes/ClamAVBytes of an email. If you enable this plugin, the complete mail will be scanned for bad attachments and/or viruses!
The default engine(s) will be disabled by this enhanced version. Before you enable this plugin, please go to the configuration section(s) and configure the values for attachments and/or ClamAV! This plugin requires an installed Email::MIME module in PERL.
This plugin is designed for- and running in call/run level 'complete mail'! default: 0

ASSP_AFCSelect: Select the ASSP_AFC Plugin Action
-- If you enable one or both options of this plugin, the complete mail will be scanned for bad attachments and/or viruses! default: 3

ASSP_AFCPriority: the priority of the Plugin
-- Sets the priority of this Plugin within the call/run-level 'complete mail'. The Plugin with the lowest priority value is processed first! default: 6

Those definitions (leading zip:) are only used inside compressed files.
The extension 'crypt-zip' could be used to allow or deni encrypted compressed attachments for users at any compression level.
The extension 'encrypt' could be used to allow or deni encrypted (eg. aes) for users.
The following compression formats/extensions are supported: tar.gz,tgz,gz,tar,zip,jar,ear,war,par,tbz,tbz2,tar.bz,tar.bz2,bz2,Z,lzma,txz,tar.xz,xz.
The detection of compressed files is done content based not filename extension based.
Depending on your Perl distribution, it could be possible that you must install additionaly 'IO::Compress::...' (for example: IO::Compress:Lzma) modules to support the compression methodes.
default: 0

ASSP_AFCMaxZIPLevel: Maximum Decompression Level
-- The maximum decompression cycles use on a compressed attachment (eg: zip in zip in zip ...). Default value is 10 - zero is not allowed to be used! default: 10

ASSP_AFCReplBadAttach: Replace Bad Attachments
-- If set and AttachmentBlocking is set to block, the mail will not be blocked but the bad attachment will be replaced with a text! default: 0

ASSP_AFCReplBadAttachText: Replace Bad Attachments Text
-- The text which replaces the bad attachment. The litteral FILENAME will be replaced with the name of the bad attachment! default: The attached file (FILENAME) was removed from this email by ASSP for policy reasons!

ASSP_AFCReplViriParts: Replace Virus Parts
-- If set and virus scanning (UseClamAV) is enabled, the mail will not be blocked but the bad attachment or mail part will be replaced with a text! default: 0

ASSP_AFCReplViriPartsText: Replace Virus Parts Text
-- The text which replaces the bad mailparts that contains a virus. The litteral FILENAME will be replaced with the name of a bad attachment! default: There was a virus removed from this email (attachment FILENAME) by ASSP!

ASSP_AFCMSGSIZEscore: Increase MSG-Score on MSG Size
-- You can increase the message score of a mail because of its size (in byte). Define the size and scores in a comma separated list using the syntax 'size=>score[,othersize=>otherscore]'. The list will be processed in reversed numerical order of the size value. If the size of a mail is equal or higher as the defined size, the associated message score will be added. An possible definition could be:

500000=>10,1000000=>5,1500000=>0

which meens:
if the message size is >= 1500000 byte no score will be added
if the message size is >= 1000000 byte and < 1500000 byte a score of 5 will be added
if the message size is >= 500000 byte and < 1000000 byte a score of 10 will be added
if the message size is < 500000 byte no score will be added.

This feature will not process incomming mails, whitelisted mails and mail that are noprocessing - except mails, that are noprocessing only because of there message size (npSize). default:

ASSP_AFCDetectSpamAttachRe: Detect Spam Attachments*
-- An regular expression used on the "Content-Type" header tag to detect MIME parts that should be checked to be known spam or not. The rebuildspamdb task will build spamdb entries for these attachements and inlines (in assp build 12022 and higher). The plugin will block an email, if a bad attachment is found and was not removed/replaced by any other rule in this plugin. Leave this blank to disable the feature.
for example:

image\/
application\/pd[ft]
application\/zip
default: image\/

ASSP_AFCWebScript: Script to move large attachments to a web server
-- If the size of an undecoded attachment exceeds the ASSP_AFCinsize or ASSP_AFCoutsize parameter, assp will call this script and will replace the attachment with the text returned by this script or executable.
If no text is returned by the script (a warning is written to the maillog.txt) or the returned text begins with the word "error", the attachment will not be replaced.
The script has to write the resulting text or error to STDOUT.
The resulting text could be any of plain text or html code. The MIME-enconding and the Content-Type value of the resulting MIME-part will be set accordingly.
The text should contain the link to download the attachment, possibly some explanation (eg. download life time), web login information or a web-session-identifier - what ever is needed to fit the requirements of your web server.
You have to define the full path to the script and all parameters that should be pass to the script. The literal FILENAME will be replaced with the attachment filename (including the full path) that was stored in the /transfer folder. Any literal starting with an '$', will be replaced by the according connection hash value or the global variable with the name.

for example:
$relayok will be replaced by $Con->{relayok} - which identifies if it is an incoming (1) or outgoing/local (0) mail

So a possible definition of this parameter could be:
'/usr/bin/move_attachment_to_web.sh $relayok FILENAME'
or
'c:/assp/move_attachment_to_web.cmd $relayok FILENAME'

The file has to be removed by the script. If not, assp will warn about this and will remove the file in the /transfer folder.
To keep the filenames unique, the assp message identifier is placed in front of the filename - like: M1-30438-02027_attachmentfilename. Notice: if the filename contains unicode characters, assp will pass this characters in UTF-8 to your script!
Keep in mind, that if this script terminates it's own process - ASSP will die!
default:

ASSP_AFCinsize: Attachment size incoming
-- The size in KB of an attachment in incoming mails that must be reached, to call the ASSP_AFCWebScript. This parameter is ignored if left blank or set to zero. default: 1024

ASSP_AFCoutsize: Attachment size outgoing/local
-- The size in KB of an attachment in outgoing or local mails that must be reached, to call the ASSP_AFCWebScript. This parameter is ignored if left blank or set to zero. default: 1024

ASSP_AFCSMIME: SMIME sign outgoing mails*
-- An SMIME feature license assigned to this host is required to use this feature!

If configured, outgoing mails will be digitaly signed according to the SMIME specifications.
It is possible to configure privat and/or corporate signatures. In any case, the "file:" option must be used - specify one configuration per line.
The domain or user is separated by "=>" from the signing configuration/policy. It is possible to use group definitions of domains and users using the [ Groups ] option. Define one line per domain or user or group.
Configuration entries are separated by comma.
Configuration entry pairs (tag and value) are separated by "=".
File definitions for the certificate and privat key have to include the full path to the file! Certificate and privat key have to be provided in PEM format
If you exchange any certificate or key file, click "Edit file" and save the file again to force a reload of the internal certificate store.
The domain / user part accepts full email addresses , domains and groups - wildcards are supported and must be used for domain definitions.
The domain / user part is compaired to the envelope sender - the first matching entry (in reverse generic order) will be used. Entries starting with a minus sign, explicit exclude the domain/user/group from SMIME processing.

certfile - is required and specifys the full path to the certificate to use. The subject of the certificate has to include a valid email address. In normal case, this email address is specified by the cert-subject-tag "emailAddress". The "FROM:" address in the mail header will be replaced by this email address and a "Reply-To:" line with the original sender is added (or replaced) to the mail header.
If the subject of the certificate specifys the email address in another tag, define this tag (NOT the email address) after "emailaddress=".

keyfile - is required and specifys the full path to the file that contains the privat key

keypass - the tag is required, the value is optional - defines the password required (or not) for the privat key

emailaddress - is optional - please read "certfile"
rcpt - is optional - include/[-]exclude mails to specified users and/or domains (recipients) - to exclude addresses, write a minus in front - separate multiple entries by space

examples:

(1) user@your.domain => certfile=/certs/user_cert.pem, keyfile=/certs/user_key.pem, keypass=, rcpt=-otheruser@other.domain
(2) *your.domain => certfile=/certs/corporate_cert.pem, keyfile=/certs/corporate_key.pem, keypass=mypassword
(3) *@your.domain => certfile=/certs/corporate_cert.pem, keyfile=/certs/corporate_key.pem, keypass= , emailaddress=Email
(4) -user4@your.domain
(5) -@.your.domain
(6) -[no_smime]

The first example specifys a privat signing policy which exclude the recipient otheruser@other.domain, the second and third example specifys a corporate signing policy (with and without subdomains). The fourth example excludes the user "user4@your.domain" from SMIME processing. The fives example excludes all subdomains of "your.domain" from SMIME processing. The last example excludes all domains, subdomains and users defined in the group "[no_smime]" from SMIME processing.

corporate SMIME signing:

Assume we define the following configuration line:
*@your.domain.com => certfile=/certs/corporate_cert.pem, keyfile=/certs/corporate_key.pem, keypass=
Now let's say, the subject of the specified certificate (corporate_cert.pem) contains .../emailAddress=central.office@your.domain.com/...
Your local user "mark.schmitz@your.domain.com" sends a mail to an external recipient. The related mail header is:

From: "Mark Schmitz" mark.schmitz@your.domain.com
Disposition-Notification-To: mark.schmitz@your.domain.com

After SMIME signing the mail, the related mail headers are the following:

From: "Mark Schmitz" central.office@your.domain.com
Disposition-Notification-To: mark.schmitz@your.domain.com
Reply-To: mark.schmitz@your.domain.com

The mail client of the recipient will validate the signature against the "From" address - which corresponds to the email address specified in the subject of the certificate -> VALID
Pressing the "REPLY/ANSWER" button, the mail client will provide "mark.schmitz@your.domain.com" as recipient address using the entry in the "Reply-To:" header.
Notice, that some bad and/or older mail clients are ignoring the "Reply-To:" header tag - in such case an answered mail will go to "central.office@your.domain.com".
ASSP will help you a bit to prevent this. In addition to the required mail header changes, assp will add or enhance the "References:" mail header tag with a value of "assp-corp-smime-EMAILADDRESS" , where EMAILADDRESS is the original sender address.
If assp receives an answered mail, it will look for such an entry in the mail header and will add the found email address to the "To" header, if it is not already found there.
default: file:files/smime_cfg.txt

ASSP_ARC-Plugin

DoASSP_ARC: Do the ASSP_ARC Plugin
-- Enable or disables the archiving of mails.
If this plugin is installed ' StoreCompleteMail ' will be set to 'no limit'!
Only collected mails could be archived!
This Plugin is designed for- and running in call/run level 'complete mail' after the mail is collected!
The archive request is pushed by the SMTP-workers in to the MaintThread, which will copy the collected file in to the archive folder. default: 0

ASSP_ARCPriority: the priority of the Plugin
-- Sets the priority of this Plugin within the call/run-level 'complete mail'. The Plugin with the lowest priority value is processed first! default: 9

ASSP_ARCinPATH: Archive in PATH
-- Where to store the archived files for incoming mails. You can build a folder structure if you want. Read below to get more details. default:

ASSP_ARCoutPATH: Archive out PATH
-- Where to store the archived files for outgoing mails. You can build a folder structure if you want.
The following uppercase literals will be replaced by:

YEAR - year in format yyyy
MONTH - month in the format mm
DAY - day in the format dd
LOG - the folder name defined by ASSP. notspamlog is used if the mail is HAM in every other case spamlog is used
RCPT - the full mail address of the receipient
FROM - the full mail address of the sender
RNAME - the receipient name without @domain
FNAME - the sender name without @domain
RDOMAIN - the recipient domain without @
FDOMAIN - the sender domain without @

The filename (without folders) build by assp will be added to the end of the resulting string. Not existing folders will be created by the plugin.
UNC pathes are supported. For example using a share on windows : \hostname[or IP]/share/[your path definition]. Only in this case it is allowed to use
backslashes in the path definition (only the two at start !!!).
default:

ASSP_ARCSelectCode: Run this Code to select Messages
-- Put a code line here, to detect messages that you want to archive (or not). The code line has to return 0 or 1. A return of 1 will start archiving.
for example:

return $this->{signed} ? 1 : 0;
This code line will switch on archiving for all digital signed messages.

if ($this->{relayok} && ! $this->{isbounce}) {return 1;} else {return 0;}
This code line will switch on archiving for all outgoing not bounce messages.

if ($this->{ispip} && $this->{cip} =~ /^193.2.1./) {return 1;} else {return 0;}
This code line will switch on archiving if the messages is from ISP and the IP of the server that was connected to the ISP begins with 193.2.1. .

sample detection switches are:
- $this->{relayok} - 1 = outgoing
- $this->{noprocessing} 1 = noprocessing
- $this->{whitelisted} 1 = whitelisted
- $this->{isbounce} 1 = bounced message
- $this->{signed} 1 = digital signed
- $this->{ispip} 1 = comes from an ISP
- $this->{spamfound} 1 = "SPAM-found" flag is set
- $this->{error} 1 = blocked message
To use this option, you need to know the internal ASSP variables and there usage! default:

ASSP_ARCZip: Enable Compression for Archive Files
-- All archived files will be compressed (zip) and will get an extension ".gz" to there name. This requires an installed Compress::Zlib module in PERL. default:

ASSP_ARCDoEncrypt: Enable Encyption for Archive Files
-- All archived files will be encrypted using AES-256-CBC algorithm and will get an extension ".aes" to there name. The used encryption-key is available in $this->{ARCCRYPTKEY} - see database section "DB field mapping file". Do not use this option, if your system has a high CPU workload, because the encryption of large files will use 100% of one CPU-core for some seconds. This requires an installed OpenSSL and the 'openssl\bin' directory must be in the systems PATH variable.

To decrypt a archived file use : openssl enc -d -aes-256-cbc -in the_achive_file_name -out the_target_file -pass pass:the_key_from_the_database ! default:

ASSP_ARCmyhost: database hostname or IP
-- The hostname or IP where a record is written for each archived file. The database and the tables must be already created. The type and length of each database field depends on your needs. Mappings between archive variables and database fields are done with the mapping file below! Leave this blank, if do not want to use a database. default:

ASSP_ARCDBdriver: database driver name
-- The database driver used to access your database - DBD-driver. The following drivers are available on your system:
BerkeleyDB, ADO, AnyData, CSV, DBM, ExampleP, File, Gofer, LDAP, Log, MVS_FTPSQL, Mock, Multiplex, ODBC, Oracle, Ovrimos, Pg, PgPP, Proxy, SQLite, Sponge, Sprite, Template, TemplateSS, mysql, mysqlPP
If you can not find the driver for your database in this list, you should install it via cpan or ppm!
- or if you have installed an ODBC-driver for your database and DBD-ODBC, just create a DSN and use ODBC.
Usefull are ADO|DB2|Informix|ODBC|Oracle|Pg|Sybase|mysql|mysqlPP - but any other SQL compatible database should also work.
syntax examples: driver,option1,option2,...,...
ADO,[DSN=mydsn]
DB2
Informix
ODBC,DSN=mydsn|driver={SQL Server},Server=server_name
Oracle,SID=1|INSTANCE_NAME=myinstance|SERVER=myserver|SERVICE_NAME=myservice_name,[PORT=myport]
Pg,[PORT=myport]
Sybase,SERVER=myserver,[PORT=myport]
mysql,[PORT=myport]
mysqlPP,[PORT=myport]

The options for all drivers and there possible or required order depending on the used DBD-driver, please read the drivers documentation, if you do not know the needed option.
The username, password, host and databasename are always used from this configuration page.
Leave this blank, if do not want to use a database. default:

ASSP_ARCmydb: database name
-- This database must exist before archiving is started. Leave this blank, if do not want to use a database. default:

ASSP_ARCmytable: database table name
-- This table must exist before archiving is started. Leave this blank, if do not want to use a database. default:

ASSP_ARCmyuser: database username
-- This user should have CREATE privilege on the database. Leave this blank, if do not want to use a database. default:

ASSP_ARCmypassword: database password
-- default:

ASSP_ARCfieldMap: DB field mapping file*
-- The file which contains the field mapping table DB-field => ArchiveVariable . If set, the value has to begin with file: ! Leave this blank, if do not want to use a database. default: files/arc_default_map_file.txt

ASSP_ARCLog: Enable Plugin logging
-- default: 1

ASSP_DCC-Plugin

DoASSP_DCC: Do the ASSP_DCC Plugin
-- This Plugin uses a service provided by www.rhyolite.com to detect spam on a statistical (checksum) base.
You have to open UDP port 6277 on your firewall for outgoing connections and dccifd must be installed an running. This port is used by dccifd to connect to the DCC-Servers.
Please notice that dccifd is not available on windows systems. To use DCC on windows you must install the DCC components on a second linux system and you have to configure ASSP_DCCdccifd to use an IP socket to connect to the dccifd. Please follow the installation instructions on http://www.rhyolite.com/dcc/INSTALL.html
DCC is a distributed, collaborative, spam detection and filtering network. Through user contribution, DCC establishes a distributed and constantly updating catalogue of spam in propagation that is consulted by email clients to filter out known spam. Detection is done with statistical signatures that efficiently spot mutating spam content. User input is validated through reputation assignments based on consensus on report and revoke assertions which in turn is used for computing confidence values associated with individual signatures.
This plugin is designed for- and running in call/run level 'complete mail'! default: 0

ASSP_DCCPriority: the priority of the Plugin
-- Sets the priority of this Plugin within the call/run-level 'complete mail'. The Plugin with the lowest priority value is processed first! default: 8

TestASSP_DCC: Set the Plugin in Testmode
-- Set this Plugin in to Testmode. The Plugin returns true in any case! default:

ASSP_DCCLog: Enable Plugin logging
-- default: 1

ASSP_DCCValencePB: PenaltyBox valance for ASSP_DCC Plugin +
-- Message scoring for ASSP_DCC Plugin default: 15

procWhiteASSP_DCC: process whitlisted mails
-- Whitelisted mails will be processed by this Plugin! default: 1

ASSP_DCCLogTo: location to log the failed mails
-- Where to store rejected mail for this Plugin. Recommended: spamfolder & ccallspam
1 = spamfolder, 2 = notspam folder, 3 = spamfolder & ccallspam, 4 = mailok folder, 5 = attachment folder, 6 = discard, 7 = discard & ccallspam. default: 3

ASSP_DCChomedir: Home Directory of DCC on linux
-- The home Directory of DCC on linux systems. dccifd will listen on a unix socket in this folder. This parameter will be ignored if ASSP_DCCdccifd is configured! default: /var/dcc

ASSP_DCCdccifd: dccifd IP/Host Information
-- If you are running dccifd on a second system, define the IP address or hostname and port of that daemon here. For example: 192.168.0.100:11111 or dccifd.mydomain.com:11111 . If this parameter is configured, the setting of ASSP_DCChomedir will be ignored! default:

ASSP_DCCTimeout: dccifd Socket Timeout
-- Define the maximum time in seconds, assp will wait for an Answer of the dccifd. Recommended setting are between 10 an 16 - default is 16 seconds. default: 16

ASSP_DCCClientIP: DCC Auth Client IP
-- Define the IP address that is used to authenticate assp at the dccifd here. default: empty

ASSP_DCCClientName: DCC Auth Client Name
-- Define the hostname that is used to authenticate assp at the dccifd here. default: empty

ASSP_DCCReportToDCC: Report to DCC-Server
-- Define how the reporting function of DCC should be used. If set to "query only" - no reporting is be done. If set to "report" of the current DCC result will be reported to the DCC servers. If set to "report and known spam" the same behavior like "report" belongs and additionaly - if the mail is still detected as SPAM by assp, this will be reported to the DCC servers. default: 0

ASSP_OCR-Plugin

DoASSP_OCR: Do the ASSP_OCR Plugin
-- This Plugin resolves the ASCII part of attached images.
This Plugin is designed for- and running in call/run level 'complete mail'! default: 2

ASSP_OCRPriority: the priority of the Plugin
-- Sets the priority of this Plugin within the call/run-level 'complete mail'. The Plugin with the lowest priority value is processed first! default: 5

ASSP_OCRLog: Enable Plugin logging
-- default: 1

procWhiteASSP_OCR: process whitelisted mails
-- Whitelisted mails will be processed by this Plugin! default: 1

DoSimpleTextASSP_OCR: extract text from text files
-- The text components of attached text/html or similar files will be extracted! default: 1

DoPDFTextASSP_OCR: extract text from pdf files
-- The text components of attached pdf files will be extracted! default: 1

DoPDFImageASSP_OCR: extract text from images insite pdf files
-- The text components of images insite of attached pdf files will be extracted! default: 1

DoImageASSP_OCR: extract text from attached image files
-- The text components of attached images be extracted! default: 1

ASSP_OCRExec: Full Path to ImageMagick Executable
-- The full path to the ImageMagick executable (convert). For example: c:/progams/ImageMagick/convert or /opt/ImageMagick/convert .
If not defined, ASSP will search for this executable and set this value automaticly, if any of the both Image options is set.
The path to ImageMagic must be defined in the systems PATH variable!
If the executable was not found, this value will be set to "convert not found in path". In this case set your systems PATH variable correct, restart ASSP and clear this value - ASSP will then retry to find convert! default:

ASSP_OCRocrmaxsize: maxsize of the converted images
-- The maximum size of the converted images to scan with tesseract - default is 1024000 default: 1024000

ASSP_OCRocrmaxprocesses: maximum number of allowed concurrent running image processing tasks
-- The maximum number of concurrent running image processing tasks (tesseract / convert). This number should be less than the number of available CPU cores - default is 3. Changing this value requires an ASSP restart! default: 3

ASSP_Razor-Plugin

DoASSP_Razor: Do the ASSP_Razor Plugin
-- This Plugin uses a service provided by www.cloudmark.com to detect spam on a statistical base.
You have to open port 2703 on your firewall for outgoing connections. This port is used by Razor to connect to the Razor-Servers.
Razor is a distributed, collaborative, spam detection and filtering network. Through user contribution, Razor establishes a distributed and constantly updating catalogue of spam in propagation that is consulted by email clients to filter out known spam. Detection is done with statistical and randomized signatures that efficiently spot mutating spam content. User input is validated through reputation assignments based on consensus on report and revoke assertions which in turn is used for computing confidence values associated with individual signatures.
This plugin is designed for- and running in call/run level 'complete mail'! default: 0

ASSP_RazorPriority: the priority of the Plugin
-- Sets the priority of this Plugin within the call/run-level 'complete mail'. The Plugin with the lowest priority value is processed first! default: 7

TestASSP_Razor: Set the Plugin in Testmode
-- Set this Plugin in to Testmode. The Plugin returns true in any case! default: 0

ASSP_RazorLog: Enable Plugin logging
-- default: 1

ASSP_RazorMaxNotSpamConf: Maximum Confidence by Razor for NOT SPAM
-- The Razor-Server will return a confidence/spam level for each mail between 0 and 100, where 0 meens no spam and 100 absolute spam. Under default conditions Razor uses a pre calculated default value, but if you want, you can set this to an absolute value between 0 and 99 or a value relative to the default (use "default-dd" or "default+dd" without quotes - dd must be digits). If the Razor-score is higher than this value, the mail will consider spam. To use the default value (recommended), set the value to the word "default". default: default

ASSP_RazorValencePB: PenaltyBox valence for ASSP_Razor Plugin +
-- Message/IP scoring for ASSP_Razor Plugin default: 15

procWhiteASSP_Razor: process whitlisted mails
-- Whitelisted mails will be processed by this Plugin! default: 1

ASSP_RazorLogTo: location to log the failed mails
-- Where to store rejected mail for this Plugin. Recommended: spamfolder & ccallspam
1 = spamfolder, 2 = notspam folder, 3 = spamfolder & ccallspam, 4 = mailok folder, 5 = attachment folder, 6 = discard, 7 = discard & ccallspam. default: 3

Wiki: DNSBL
Wiki: Main_Page

Anti-Spam SMTP Proxy Server Wiki

Anti-Spam SMTP Proxy Server implements multiple spam filters

ASSP_2.x_configuration_settings

Configuration Synchronization and Sharing

Network Setup

SMTP Session Limits

Group definition

Groups: Address and Domain Groups*

SPAM Control

Copy Spam & Ham

SPAM Lover/Hater

No Processing

poTestMode: Enable Process Only Addresses

Whitelisting

Relaying

Recipients/Local Domains

Validate Helo

Validate Sender

IP Blocking

SenderBase / Whois

enableWhois: Use Whois Queries instead or after or before of SenderBase Queries

PenaltyBox / Message and IP Scoring

Delaying/Greylisting

SPF/DMARC/SRS

DNSBL

URIBL

Attachment Blocking

ClamAV and FileScan

Regex Filter / Spambomb

Bayesian and Hidden Markov Model (HMM) Options

Backscatter Detection

TestModes

Email Interface

File Paths and Database

Collecting

Logging

LDAP Setup

DNS Setup

Server Setup

Rebuild Spamdb

Char Conversions / TNEF

SSL Proxy and TLS support

Global PenaltyBox

Block Reporting

SNMP Configuration

POP3 Collecting

Module Setup

ASSP_AFC-Plugin

ASSP_ARC-Plugin

ASSP_DCC-Plugin

ASSP_OCR-Plugin

ASSP_Razor-Plugin

Related