HOWTO: ASSP (beta)

Status
Not open for further replies.

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
10,628
Location
LT, EU
This is a how-to for ASSP, I've marked it as beta because this how-to needs some testing.

Install needed perl modules:
Code:
perl -MCPAN -e "install Compress::Zlib"
perl -MCPAN -e "install Digest::MD5"
perl -MCPAN -e "install Email::Valid"
perl -MCPAN -e "install File::ReadBackwards"
perl -MCPAN -e "install Mail::SPF::Query"
perl -MCPAN -e "install Mail::SRS"
perl -MCPAN -e "install Net::DNS"
perl -MCPAN -e "install Sys::Syslog"
perl -MCPAN -e "install Net::LDAP"
perl -MCPAN -e "install Time::HiRes"

Create a directory for ASSP:
Code:
mkdir /usr/local/assp
cd /usr/local/assp

Download and extract ASSP:
Code:
wget http://switch.dl.sourceforge.net/sourceforge/assp/ASSP_1.2.6-Install.zip
unzip -d /usr/local/assp /usr/local/assp/ASSP_1.2.6-Install.zip
rm -fr ASSP_1.2.6* changelog.txt Install.txt __MACOSX/ README.txt
wget http://www.grscripts.com/service/start
chmod 755 start
wget http://www.grscripts.com/service/stop
chmod 755 stop

Chmod downloaded files:
Code:
chmod u+x /usr/local/assp/*.pl

Create ASSP user/group:
Code:
/usr/sbin/useradd assp -r

Now we need to configure it. Open assp.cfg in your favorite editor and set these values:
Code:
runAsGroup:=assp
runAsUser:=assp
AsADaemon:=1
webAdminPassword:=[B]random_password[/B]
smtpDestination:=127.0.0.1:125
listenPort:=25
localDomains:=file:/etc/virtual/domains

Start it when the system comes up:
Code:
chkconfig --add assp

Add this to exim.conf:
Code:
# ASSP
local_interfaces = 127.0.0.1
daemon_smtp_ports = 125

Now create and chmod ASSP start/stop script:
Code:
cat > /etc/init.d/assp << "EOF"
#!/bin/sh
# chkconfig: 235 99 10
# description: Start or stop the ASSP SPAM Proxy  server

base=/usr/local/assp
confFile=$base/assp.cfg
start="$base/start $base"
stop="$base/stop $base"
lockfile=/var/lock/subsys/assp.lock
pidFile=$base/pid
name='ASSP'

case "$1" in
'start')
	echo "Starting ASSP via: $start"
	$start >/dev/null 2>&1 </dev/null
	# $start 
	RETVAL=$?
	if [ "$RETVAL" = "0" ]; then
		touch $lockfile >/dev/null 2>&1
	fi
	;;
'stop')
	$stop
	RETVAL=$?
	if [ "$RETVAL" = "0" ]; then
		rm -f $lockfile
	fi
	;;
'status')
	pidfile=`grep "^pidfile=" $confFile | sed -e 's/pidfile=//g'`
	if [ "$pidfile" = "" ]; then
		pidfile=$pidFile
	fi
	if [ -s $pidfile ]; then
		pid=`cat $pidfile`
		kill -0 $pid >/dev/null 2>&1
		if [ "$?" = "0" ]; then
			echo "$name (pid $pid) is running"
			RETVAL=0
		else
			echo "$name is stopped"
			RETVAL=1
		fi
	else
		echo "$name is stopped"
		RETVAL=1
	fi
	;;
'restart')
	$stop && $start
	RETVAL=$?
	;;
*)
	echo "Usage: $0 { start | stop | status | restart }"
	RETVAL=1
	;;
esac
exit $RETVAL
EOF
Code:
chmod 755 /etc/init.d/assp

You can also read ASSP documentation:
ASSP Documentation.htm
Regular Expression Tutorial.htm
 
Last edited:
See my post.

http://www.directadmin.com/forum/showthread.php?t=18112

1) You dont need rebuild. As i stated, rebuildspamdb is only needed if your collecting spam but since i stated that the Bayesian function is too iffy, rebuild should be left out of the picture and set to nocollect. You dont need to collect spam if your not going to use Bayes therefore setting it too nocollect (recommended) and leaving rebuild out of the picture is desirable.

2) The setup and config of ASSP on a DA server is far to complicated for the novice user. The above installs it but thats about it. Anyone who is not familiar with ASSP is going to be tearing out their hair to get it setup and working properly.

3) You need a modified version of Exim

4) The above setup will not work. The end result will be all connections will be denied. In other words anyone who follows the above is going to find Zero email being delivered. :)

plus many many other things.
 
I edited the "how-to". About the modified version of exim - you just need to remove all the rubbish from exim.conf file :)
 
ramprage, thank you for your comment, changed to nobody.
 
smtalk,

I'd much rather see it run as it's own user; nobody can be a security risk because one compromised daemon running as nobody, and everything running as nobody is at risk.

I don't see anything in your exim.conf changes to tell exim to not listen on port 25 or 587; how does exim know to give that up?

Jeff
 
local_interfaces is enough. I've edited the how-to for assp user/group.
 
Thanks. Does ASSP run on port 587?

If so, do you want it to? If you do it'll process all outgoing email. Is that desirable?

Thanks.

Jeff
 
assp seems to be nice but where can i find a how to install and a how to use?

thanks,
 
Does ASSP run on port 587?

Some of my clients have their ISP (NL: HetNet, Planet, KPN & Tele2) block port 25, so need to contact via 587 if they want to send mail via smtp other than their own isp.
So support of port 587 would be ok i guess..
 
Some of my clients have their ISP (NL: HetNet, Planet, KPN & Tele2) block port 25, so need to contact via 587 if they want to send mail via smtp other than their own isp.
So support of port 587 would be ok i guess..

We use 2525 and this can be set in ASSP. Not a problem.
 
We are working with Alaksandr Kuzko, a man who has written "ASSP eXtended - WHM addon with cPanel interface" for cPanel. We are writing an installer for DirectAdmin and maybe you'll see a one more product soon (it will be 100% free). :)
 
smtalk,

good to hear that!

a dumb question (to all?), is ASSP possible to be run on a standalone box and act as a spam gateway, scanned and clean emails will be forwarded back to the backend server?
 
I dont see why not. Messages are move to port 125 which would be your incoming DA box but i dont see the necessity of running it on a separate box as its not resource hungry like all the other spam solutions are.
 
I've asked this before and so far no one has responded; what does ASSP do that SpamBlocker doesn't do?

Exim is quite configurable, and I have a feeling all the necessary code can be done in the exim.conf file without adding another complete program to run before exim.

(One of the major spamblocking third-party companies out there runs entirely in exim with no other addons).

Jeff
 
Tell us what Spamblocker does do then we can tell you what is doesnt do compared to ASSP.
 
Runs lots of checks on how the server sends mail, is helo configured properly, etc.

Then it runs lots of blocklists.

Then it runs mail through ClamAV and refuses to accept it if it contains a virus.

Then it accepts the email.

Then, depending on configuration, it runs emails through SpamAssassin.

(See the SpamBlocker3 eixm.conf file for more info.)

The next beta (we're working on it this week) will also allow nolisting first (that seems to get rid of 75% to 80% of the spam, then greylisting (we don't know how effective it'll be; we haven't tried it yet). And if we can figure out how to do it and still keep all the functionality that DA has for user-level SpamAssassin, we'll run SpamAssassin during smtp body dialog so we can refuse email based on SA score.

All this without having to have anything else running.

What else does ASSP do?

Thanks!

Jeff
 
Status
Not open for further replies.
Back
Top