Debian
Introduction
ASSP Installation
Assuming you are install ASSP on Debian variants such like Ubuntu. This has been tested on Debian lenny with ASSP 1.7.1.4.
Basic
-
Install the necessary Perl modules.
aptitude install libcompress-zlib-perl libemail-valid-perl libfile-readbackwards-perl libmail-spf-perl libemail-mime-perl \ libemail-mime-modifier-perl libmail-srs-perl libnet-dns-perl libsys-syslog-perl libnet-ldap-perl unzip clamav \ clamav-daemon libemail-send-perl libio-socket-ssl-perl libio-socket-inet6-perl libnet-cidr-lite-perl \ libmail-spf-query-perl
-
Download ASSP from here.
-
Create the necessary folders.
mkdir -p /usr/share/assp/spam
mkdir /usr/share/assp/notspam
mkdir /usr/share/assp/errors
mkdir /usr/share/assp/errors/spam
mkdir /usr/share/assp/errors/notspam -
Install files in place.
unzip ASSP_1.7.1.3-Install.zip
mv -f ASSP_1.7.1.3-Install/ASSP/* /usr/share/assp
rm -rf ASSP_1.7.1.3-Install
chown -R nobody:nogroup /usr/share/assp
CPAN
-
Before configure CPAN you should have installed the build-essential package.
apt-get install build-essential
-
Install Perl module File::Scan::ClamAV via CPAN since there is no premade package available.
# perl -MCPAN -e shell
Are you ready for manual configuration? [yes] no
cpan> install File::Scan::ClamAV
The last line should now display:
/usr/bin/make install -- OK
if not, please use this Howto.
-
Install Perl module Net::IP::Match::Regexp via CPAN since there is no premade package available.
cpan> install Net::IP::Match::Regexp
-
Install Perl module Net::SenderBase via CPAN since there is no premade package available.
cpan> install Net::SenderBase
-
Install Perl module Tie::RDBM via CPAN since there is no premade package available.
cpan> force install Tie::RDBM
-
Install Perl module Net::Syslog via CPAN since there is no premade package available.
cpan> force install Net::Syslog
-
Install Perl module Time::HiRes via CPAN since there is no premade package available.
cpan> force install Time::HiRes
cpan> exit
Terminal does not support GetHistory.
Lockfile removed.
Startup and run for first time
-
Add following startup scripts.
vi /etc/init.d/assp
!/bin/sh -e
Start or stop ASSP
original version by Ivo Schaap <ivo@lineau.nl> had issues on Debian4. Modified by atramos.
BEGIN INIT INFO
Provides: ASSP (Anti-Spam SMTP Proxy)
Required-Start: $syslog, $local_fs
Required-Stop: $syslog, $local_fs
Default-Start: 2 3 4 5
Default-Stop: 0 1 6
Short-Description: Start ASSP
Description: Enable service provided by daemon.
END INIT INFO
PATH=/bin:/usr/bin:/sbin:/usr/sbin
case "$1" in
start) echo -n "Starting the Anti-Spam SMTP Proxy" cd /usr/share/assp perl assp.pl 2>&1 > /dev/null &;;
stop) echo -n "Stopping the Anti-Spam SMTP Proxy" kill -9 `ps ax | grep "perl assp.pl" | grep -v grep | awk '{ print $1 }'`;;
restart) $0 stop || true $0 start;;
*) echo "Usage: /etc/init.d/assp {start|stop|restart}" exit 1;;
esac
exit 0
Below adds rc?.d runlevels.
**update-rc.d assp defaults**
-
Run ASSP for the first time!
cd /usr/share/assp
perl assp.plApr-17-10 14:50:07 Info: Regex bombSubjectRe: 56 weighted regular expression defined;
Apr-17-10 14:50:07 Info: Regex bombSubjectRe: 56 weighted regular expression defined;
Apr-17-10 14:50:07 Info: Regex bombRe: 9 weighted regular expression defined;
Apr-17-10 14:50:08 Info: Regex bombRe: 9 weighted regular expression defined;
Apr-17-10 14:50:08 Saving new config file: 1.7.1.3(1.0.05);
Apr-17-10 14:50:08 Assp.pl version 1.7.1.3(1.0.05) (Perl 5.010000) initializing ;
Apr-17-10 14:50:08 File::Scan::ClamAV module version 1.91 installed but not ready, error: Cannot connect to unix socket 'tmp/clamd.socket': connect: No such file or directory;
Apr-17-10 14:50:08 Assp.pl running on server: titan (67.23.167.142);
Apr-17-10 14:50:08 Net::LDAP module version 0.36 installed and available;
Apr-17-10 14:50:08 Net::DNS module version 0.63 installed;
Apr-17-10 14:50:08 Email::Valid module version 0.179 installed and available;
Apr-17-10 14:50:08 Email::Send module version 2.192 installed - resending blocked messages available;
Apr-17-10 14:50:08 Mail::SPF module version 2.005 installed and available;
Apr-17-10 14:50:08 Mail::SRS module version 0.31 installed - Sender Rewriting Scheme available;
Apr-17-10 14:50:08 Compress::Zlib module version 2.012 installed - HTTP compression available;
Apr-17-10 14:50:08 Digest::MD5 module version 2.36_01 installed - Greylisting/Delaying can use MD5 keys for hashes;
Apr-17-10 14:50:08 Digest::SHA1 module version 2.11 installed - Message-ID tagging (FBMTV) available;
Apr-17-10 14:50:08 File::ReadBackwards module version 1.04 installed - searching of log files enabled;
Apr-17-10 14:50:08 Time::HiRes module version 1.9721 installed - CPU usage statistics available;
Apr-17-10 14:50:08 Sys::Syslog module version 0.26 installed - Unix centralized logging enabled;
Apr-17-10 14:50:08 Tie::RDBM module version 0.73 installed - mysql usage available;
Apr-17-10 14:50:08 Net::IP::Match::Regexp module version 1.01 installed - CIDR notation for IP range available;
Apr-17-10 14:50:08 Net::CIDR::Lite module version 0.20 installed - Hyphenated IP address range available;
Apr-17-10 14:50:08 Net::SenderBase module version 1.01 installed - SenderBase Queries available;
Apr-17-10 14:50:08 LWP::Simple module version 5.810 installed - griplist available;
Apr-17-10 14:50:08 Email::MIME::Modifier module version 1.442 installed - attachments detection available;
Apr-17-10 14:50:08 Net::SMTP module version 2.31 installed - VRFY Recipients available;
Apr-17-10 14:50:08 IO::Socket::SSL module not checked - SSL support is disabled in config (enableSSL);
Apr-17-10 14:50:08 IO::Socket::INET6 module not checked - IPv6 support not enabled (enableINET6);
Apr-17-10 14:50:08 Couldn't create server socket on port '25' -- maybe another service is running or I'm not root (uid=0)?;
Apr-17-10 14:50:08 NOT listening for SMTP connections on 25;
Apr-17-10 14:50:08 Listening for ADMIN http connections on 55555;
Apr-17-10 14:50:08 Listening for STATISTICS http connections on 55553;
Apr-17-10 14:50:08 Warning: Bayesian spam database has only 0 records!;
Apr-17-10 14:50:08 Warning: whitelist has only 0 records: (ignore if this is a new install);
Apr-17-10 14:50:08 Running in (base)directory '/usr/share/assp';
Apr-17-10 14:50:08 Starting assp.pl 1.7.1.3(1.0.05) (PID: 19694) in console mode;
Apr-17-10 14:51:38 Downloading assp version check via direct HTTP connection;
Apr-17-10 14:51:39 Assp version check download completed;
Apr-17-10 14:51:39 Info: next assp version check download in 17 hours 0 mins ;
Apr-17-10 14:51:39 Info: new assp version 1.7.1.3 (1.0.06) is available for download at http://downloads.sourceforge.net/project/assp/ASSP%20Installation/AutoUpdate/ASSP1x/assp.pl;
Apr-17-10 14:51:39 Info: autoupdate: performing assp.pl.gz download to /usr/share/assp/download/assp.pl.gz;
Apr-17-10 14:51:39 Downloading assp.pl.gz via direct HTTP connection;
Apr-17-10 14:51:40 Assp.pl.gz download completed;
Apr-17-10 14:51:40 Info: next assp.pl.gz download in 23 hours 0 mins ;
Apr-17-10 14:51:40 Info: autoupdate: new assp.pl.gz downloaded to /usr/share/assp/download/assp.pl.gz;
Apr-17-10 14:51:40 Deflating file /usr/share/assp/download/assp.pl.gz to /usr/share/assp/download/assp.pl;
Apr-17-10 14:51:40 Info: autoupdate: new assp version '/usr/share/assp/download/assp.pl' available - version 1.7.1.3 (1.0.06);
You should be able to connect to ASSP web interface at this point. http://WEBSITE:55555. Specify anything for "username", default "password" is nospam4me.
At this point you shall see that ASSP is unable to bind to port 25. We need to change Debian's default mail daemon Exim4 to run on port 26.
Let's shutdown ASSP with "Ctrl-C". You can use /etc/init.d/assp to start ASSP.
-
Modify Exim4 to port 26 instead of 25.
# cat /etc/default/exim4 |grep ^SMTP
SMTPLISTENEROPTIONS='-oX 26'/etc/init.d/exim4 restart
-
Start ASSP!
/etc/init.d/assp start
ASSP Configuration
Network Setup:
- SMTP Listen Port 25
- SMTP Destination 26
SMTP Session Limits :
SPAM Control / Testmode :
- Prepend Spam Subject {ASSP-SPAM}
- All Testmode ON - Running in this mode for two weeks to build the spamdb and whitelist
Copy Spam & Ham :
Spam Lover/Hater :
No Processing :
Redlisting/Whitelisting :
Relaying :
Recipients :
Validate Helo :
Validate Sender :
IP Blocking:
Penalty Box:
Delaying :
SPF/SRS :
DNSSBL :
URIBL :
Attachment Blocking:
ClamAV :
- Port or file socket for ClamAV (AvClamdPort) - /var/run/clamav/clamd.ctl
Regex Filters / Spambomb:
Bayesian Options:
Backscatter Detection:
Email Interface:
File Paths:
Collecting :
Logging :
LDAP Setup:
DNS Setup:
Server Setup:
Advanced Configuration
ASSP SSL support over port 465
ASSP project announced that v1.5+ will have NATIVE SSL support! Check out Fritz's thread here!
The purpose of doing this is allowing all outgoing e-mails be parsed by ASSP.
You need to have an already working SSL cert. i.e. /etc/ssl/certs/DOMAIN.pem.
You need to install Stunnel.
aptitude install stunnel4
Let's modify /etc/stunnel/stunnel.conf and make it read like following.
cert = /etc/stunnel/stunnel.pem sslVersion = all chroot = /var/lib/stunnel4/ setuid = stunnel4 setgid = stunnel4 pid = /stunnel4.pid verify = 0 [ssmtp] accept = 465 connect = 127.0.0.2:26
Copy your working SSL cert over to /etc/stunnel/stunnel.pem and set right permissions.
cp /etc/ssl/certs/DOMAIN.pem /etc/stunnel/stunnel.pem chown stunnel4:stunnel4 /etc/stunnel/stunnel.pem
Start Stunnel!
/etc/init.d/stunnel4 start
Let's add an alias lo:1 with IP of 127.0.0.2. Since MTA is already configured to run on port 26, we are going to run ASSP SMTP listen port on 127.0.0.2:26.
-
/etc/network/interfaces
Stunnel - SMTP-AUTH
auto lo:1
iface lo:1 inet static
address 127.0.0.2
netmask 255.0.0.0
network 127.0.0.0
broadcast 127.255.255.255
Run following to bring up the new lo:1. You may get some warnings, run ifconfig to confirm lo:1 is up.
ifup lo:1
Let's make some configuration change on ASSP web interface.
Network Setup
- Second SMTP Listen Port - 127.0.0.2:26
- Second SMTP Destination - 127.0.0.1:26
- Force SMTP AUTH on Second SMTP Listen Port - CHECKED!
Modify your firewall to open port 465!
ASSP web interface over SSL
See above for Stunnel installation and configurations. Add following to /etc/stunnel/stunnel.conf.
[assp] accept = 55556 connect = localhost:55555 TIMEOUTclose = 0
Restart Stunnel.
/etc/init.d/stunnel4 restart
Modify your firewall to open port 55556, close 55555. Visit https://YOUR_DOMAIN.COM:55556 and your ASSP traffics will be encrypted!
Related
Wiki: Debian_ASSP_v2
Wiki: Specific_OS_QuickStarts
Wiki: Unix
