ASSP the best free Open Source Anti-Spam SMTP Proxy
Last Updated on Friday, 06 August 2010 14:29
Written by Joe Aldeguer
Monday, 19 January 2009 23:01
When I first started reading about ASSP a year ago, I was some what skeptical as to what the developers claimed it could do until I begun using it at work.
Disclaimer: There is no guarantee this will work for you. Created for author's personal use.
Incredibly even during testmode, ASSP is already proving to be very effective in preventing spam from reaching my mail server. Within a few months after using ASSP, I was then ready to take ASSP off testmode. Overnight the number of spam messages ending up in users inboxes dropped significantly. Information used to develop this "how-to" was gathered from ASSP's website and my own trial and error process. (This how-to does not cover clamav integration I have virus scanning done at the mail server instead.)
My ASSP network topology. For a basic ASSP workflow go here.
Note: Words in italics will need to be typed at the shell prompt.
Server specs:
Centos 5.2
512 megs ram
30 gig hd
using default partition
Disable Sendmail from starting up during bootup, terminating it as well if it is running.
Open up a shell then install needed ASSP perl modules by typing in at command prompt.
perl -MCPAN -e shell
at cpan> prompt type in
cpan> install Archive::Zip (answering yes to any unsatisified dependencies use default answer for any other questions. Install perl modules using sequence below.
When using Debian Etch, perl modules could be installed using this way:
apt-get install libcompress-zlib-perl libdigest-md5-perl
libemail-valid-perl libfile-readbackwards-perl libmail-spf-query-perl
libmail-srs-perl libnet-dns-perl libsys-syslog-perl libnet-ldap-perl
libtime-hires-perl unzip
When using Debian Lenny.
apt-get install libcompress-zlib-perl libemail-valid-perl libfile-readbackwards-perl libmail-spf-perl libemail-mime-perl \
libemail-mime-modifier-perl libmail-srs-perl libnet-dns-perl libsys-syslog-perl libnet-ldap-perl unzip clamav \
clamav-daemon libemail-send-perl libio-socket-ssl-perl libio-socket-inet6-perl libnet-cidr-lite-perl
If an error comes up during installation of any of the perl modules it usually is an indication of an unsatisfied dependency. The error below LWP/Simple shows the perl module LWP:Simple is missing.
Archive::Zip
HTML::Entities
LWP::Simple
Digest::MD5
File::ReadBackwards
Mail::SPF::Query
Mail::SRS
Sys::Syslog
Time::HiRes
Email::Valid
Net::DNS
Email::MIME::Modifier
cpan> quit
Download the latest ASSP.
cd /usr/local/src
wget http://sourceforge.net/projects/assp/files/ASSP%20Installation/ASSP%201.6.5.4/ASSP_1.6.5.4-Install.zip/download
Create the directories.
mkdir -p /usr/share/assp/spam
mkdir /usr/share/assp/notspam
mkdir /usr/share/assp/errors
mkdir /usr/share/assp/errors/spam
mkdir /usr/share/assp/errors/notspam
unzip ASSP_1.6.5.4-Install.zip
mv -f ASSP/* /usr/share/assp
rm -rf ASSP_1.6.5.4Install
chown -R nobody:nogroup /usr/share/assp
apt-get install build-essential
More perl modules to install
Net::IP::Match::Regexp
Net::SenderBase
Installing this perl module will only work if you have the MySQL database installed. If you have it installed the install process will look for a database called test. Create this if you do not have it.
It also has to be install using
perl -MCPAN -e shell
Tie::RDBM
cd /usr/share/assp
At this point I am ready to start ASSP for the first time.
Start assp
perl assp.pl
If there are no errors go ahead and stop ASSP, type in at command prompt.
ctrl-c
To have ASSP start during bootup
Create start|shutdown script in /etc/rc.d/init.d/assp
Create a file called assp.
vi /etc/rc.d/init.d/assp (Copy and paste script below.)
There is also a new startup script which could be found here, I haven't tried this one yet.
Script obtained from ASSP forum:
#!/bin/sh
#
# assp This shell script takes care of starting and stopping
# the Anti-Spam SMTP Proxy daemon.
#
# chkconfig: 235 99 10
# description: The Anti-Spam SMTP Proxy (ASSP) implements whitelists, \
# Bayesian, and basic anti-virus filtering to rid the \
# planet of the blight of unsolicited email (UCE).
#
### BEGIN INIT INFO
# Provides: ASSP
# Required-Start: $network $syslog
# Required-Stop: $network
# Default-Start: 2 3 5
# Default-Stop: 0 1 6
# Short-Description: start and stop ASSP
# Description: ASSP is the Anti-Spam SMTP Proxy
### END INIT INFO
# Source function library.
if [ -f /etc/init.d/functions ] ; then
. /etc/init.d/functions
elif [ -f /etc/rc.d/init.d/functions ] ; then
. /etc/rc.d/init.d/functions
else
exit 1
fi
# change base to location of your ASSP installation
base=/usr/share/assp
prog=$base/assp.pl
lockfile=/var/lock/subsys/assp
start() {
echo -n $"Starting the Anti-Spam SMTP Proxy: "
daemon $prog $base
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch $lockfile || RETVAL=1
return $RETVAL
}
stop() {
echo -n $"Stopping the Anti-Spam SMTP Proxy: "
killproc $prog
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f $lockfile
return $RETVAL
}
restart() {
stop
start
}
reload() {
echo -n $"Reloading assp.cfg: "
killproc $prog -HUP
RETVAL=$?
echo
return $RETVAL
}
rhstatus() {
status $prog
return $?
}
case "$1" in
start)
start
;;
stop)
stop
;;
status)
rhstatus
;;
restart)
restart
;;
reload)
reload
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|status}"
RETVAL=2
esac
exit $RETVAL |
Make script ASSP executable.
chmod 755 /etc/init.d/assp
chown -R 0.0 /usr/share/assp
chmod 755 /usr/share/assp/assp.pl
Enable script.
chkconfig assp --add
chkconfig assp on --level 2 3 5
login to assp.
http://77.77.77.77:55555
I'll change the default password also limiting connections to only my IP addresses by going to the Server Setup menu.
I'll change the SMTP listening port to 25 then use the IP address of my mail server (this format 77.77.77.77:25) as the SMTP destination by going to the Network Setup menu.
All of my mail clients in the LAN are setup to send e-mails out through my ASSP server's IP address (Doing so will help ASSP build its corpus of spam, notspam and whitelist which helps achieving the ideal norm number.) The image shows my Evolution mail client SMTP setting is set up to use the IP address of my ASSP server.
Since this is a new install, I'll set it using testmode by going to the Testmodes menu until ASSP has collected about a thousand e-mails or more. I also purposely place an e-mail address on my web pages for spam bots to harvest so I can use it to collect spam e-mails in ASSP.
Some usage tips I copied off a discussion thread from ASSP's forum.
- switch things over to scoring
- put Bayesian mode into explicit test mode
- adjust your Penalty Box options to allow a small amount of spam through
- setup your email interface section
- setup your ccmail section so you can monitor the test modes
- alert your users on how to use the spam and notspam reporting mechanism
- maintain rebuilding your bayesian indexes
- develop your system automation for running the move2num and rebuildspamdb scripts
- wait for a reasonable amount of ham/spam to collect
- turn bayesian testing off
Bayesian training typically takes a month.
What is a good number of spam before you switch testmode off.
1000-2000 per folder.
 |
« on: September 18, 2007, 01:18:29 PM »
|
|
Start off with default settings, and slowly via a practice of change management, make alterations to your settings; tracking everything that you do to see if it has any adverse effects on functionality or performance. Sometimes depending on how robust your system and/or transfer speeds are, a bad combinations of feature settings and poorly-crafted regular expressions can have adverse effects on ASSP's performance. I cannot stress this enough - Use the defaults. Then, when you are ready to enable or alter features:
- Make changes per type of function at a time; enabling a feature (defaults settings first) or altering a setting of an already enabled and tested feature
- Run specific tests and/or run with the change(s) for a few days to a week until you have determined that your changes are OK with your normal e-mail load
- Repeat when/if necessary
On a final note of practical experience: Don't come into this as a new user thinking that you know better that what has been preselected or recommended as the defaults settings. These defaults aren't "weak" or "whimpy". These settings have been tried and tested to give you the best results without over taxing your system - whatever it may be. Only after gaining some real experience with ASSP and knowledge of how well ASSP performs on your hardware and network connection should you starting tweaking; and you should only do so while observing change management practices so you can understand what you did that altered ASSP's performance. And when all seems like it doesn't make sense: revert to the defaults or previous settings for whatever it is that you just recently modified. We'll be here to lend a hand in the forums or the e-mail lists. Just start your posts with ASSP Version, Perl version, etc, so we can get that pre-requisite mental image of what you are dealing with. 
|
« on: December 30, 2008, 08:47:31 PM »
|
|
I am not sure if this is the correct thread to post this.
There should be a common thread for general post about asspsmtp.
Anyway, I have some questions about asspsmtp. As I know, spam and notspam folder is used for rebuilding spamdb for bayes. But the thing is, the folder keep increasing and now my spam is 40MB and notspam is 130MB. Can I know if I can delete contents in this folder after the spamdb has been rebuild? Or if I delete them, the next spamdb rebuild will cause the spamdb created to be fresh one?
Also, the server load is very high now. Can I know if there are some standard procedure to do or check or guideline? I can't find this in the wiki.
Thanks.
solution:
- Clear the "Use Subjects as File Names" option.(UseSubjectsAsMaillogNames)
From the ASSÜ-GUI:
You can turn this on to help you to identify mail in your spam and non-spam collections. This will prevent ASSP from controlling the number of files in your collections( MaxFiles ). If your collections grow over 1000 items run move2num.pl and turn this off. Leaving this setting turned off is HIGHLY recommended. The spam and non-spam collections are only intended for use by ASSP to build the bayesian database and NOT AS A MAIL ARCHIVE. See the sendAllSpam and other options in the Copy Spam & Ham section for mail archiving options.
perl move2num.pl -r
http://www.asspsmtp.org/wiki/Other_Tools |
I have added in cron to run rebuildspamdb.pl every midnight using Webmin's cron module.
When the collection of messages in the spam and notspam folder grows to 1000, the documentation recommends to run the command move2num.pl then turn off "UseSubjectsAsMaillogNames" by going to the Collecting menu.
cd /usr/share/assp
perl move2num.pl
I am going to allow my internal mail server to be able to relay mail through ASSP and also other mail servers I manage by going to the Relaying menu. Then I will add all of the domains I will be receiving e-mails for.
If I get spam messages in my inbox, I can forward the spam messages using Outlook or any other mail client to ASSP (spam@mydomain.com.) ASSP then adds the spam messages in its corpus which it uses for building the database of spam and non spam words used by bayesian filtering. I am also able to customized the acknowledgement message ASSP sends out to users after it has received the submitted spam message by going to the Email Interface menu.
Clicking the Maillog Tail menu I'm also able to search e-mail transaction records in ASSP making it very easy to read the logs.
ASSP is also able to do some basic virus checking. By going to Attachments & Viruses link I could set the level of checking ASSP will do against file extensions.
Activate URIBL test to increase spam detection by going to URIBL menu. This has proven to be highly effective stopping spam e-mails with random words used to disguised spam links within the message body.
For messages which ASSP tagged as spam I have them CC'd to an e-mail account. Having it done this way I am able to go through the messages in case a legitimate e-mail got caught by mistake. I am then able to forward the e-mail to my user. I can also then add the e-mail address to my whitelist.
Clicking the Info and Stats menu I'm able to check the volume of e-mails ASSP has processed.
Installing ASSP version 1.4.3.1
Server specs:
Centos 5.2
512 megs ram
30 gig hd
using default partition
cd /usr/local/src
wget http://downloads.sourceforge.net/assp/ASSP_1.4.3.1-Install.zip?modtime=1229273178&big_mirror=0
Upload assp.mod.zip into.
/usr/local/src
unzip ASSP_1.4.3.1-Install.zip
upload mod_isntl.pl into.
/usr/local/src
mv assp.mod/ ASSP_1.4.3.1-Install/ASSP
cd ASSP_1.4.3.1-Install/ASSP
Rename assp.cfg.defaults to assp.cfg.
mv assp.cfg.defaults assp.cfg
(make sure you are able to connect to the Internet prior to running mod_instl.pl)
cd assp.mod/install
perl mod_instl.pl
(answering [yes] to all unsatisified dependency questions)
Depending on how fast your machine or internet connection this could take some time be patient.
Create the directories used by assp.
mkdir -p /usr/share/assp/spam
mkdir /usr/share/assp/notspam
mkdir /usr/share/assp/errors
mkdir /usr/share/assp/errors/spam
mkdir /usr/share/assp/errors/notspam
mv -f ASSP/* /usr/share/assp
cd /usr/share/assp
chown -R 0.0 /usr/share/assp
Make sure sendmail has been stopped or disabled from starting up during boot.
Starting assp for the first time.
cd /usr/share/assp
perl assp.pl
(If no errors stop ASSP.)
ctrl -c
Copy and paste startup script below using vi.
vi /etc/rc.d/init.d/assp
Script copied off ASSP forum.
(I modified the startup script by placing & at the end of $base to have assp run in background otherwise
it will cause Linux to hangup during startup.)
#!/bin/sh
#
# assp This shell script takes care of starting and stopping
# the Anti-Spam SMTP Proxy daemon.
#
# chkconfig: 235 99 10
# description: The Anti-Spam SMTP Proxy (ASSP) implements whitelists, \
# Bayesian, and basic anti-virus filtering to rid the \
# planet of the blight of unsolicited email (UCE).
#
### BEGIN INIT INFO
# Provides: ASSP
# Required-Start: $network $syslog
# Required-Stop: $network
# Default-Start: 2 3 5
# Default-Stop: 0 1 6
# Short-Description: start and stop ASSP
# Description: ASSP is the Anti-Spam SMTP Proxy
### END INIT INFO
# Source function library.
if [ -f /etc/init.d/functions ] ; then
. /etc/init.d/functions
elif [ -f /etc/rc.d/init.d/functions ] ; then
. /etc/rc.d/init.d/functions
else
exit 1
fi
# change base to location of your ASSP installation
base=/usr/share/assp
prog=$base/assp.pl
lockfile=/var/lock/subsys/assp
start() {
echo -n $"Starting the Anti-Spam SMTP Proxy: "
daemon $prog $base &
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch $lockfile || RETVAL=1
return $RETVAL
}
stop() {
echo -n $"Stopping the Anti-Spam SMTP Proxy: "
killproc $prog
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f $lockfile
return $RETVAL
}
restart() {
stop
start
}
reload() {
echo -n $"Reloading assp.cfg: "
killproc $prog -HUP
RETVAL=$?
echo
return $RETVAL
}
rhstatus() {
status $prog
return $?
}
case "$1" in
start)
start
;;
stop)
stop
;;
status)
rhstatus
;;
restart)
restart
;;
reload)
reload
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|status}"
RETVAL=2
esac
exit $RETVAL
|
chmod 755 /etc/rc.d/init.d/assp
chmod 755 /usr/share/assp/assp.pl
Enable script run levels.
chkconfig assp --add
chkconfig assp on --level 2 3 5
Login to assp.
http://77.77.77.77:55555
Using default password nospam4me leave username blank.
After logging in make changes to settings by consulting ASSP wiki.
http://www.asspsmtp.org/wiki/Welcome
http://www.howtoforge.com/antispam_smtp_proxy
Don't let the spammers take over your inbox give ASSP a try and be amaze how trully effective this free tool is!
collect@aldeguer.us
COMMENTS: (Abusing this comment form with spam would be the most effective way to have your IP, network or country blocked!)