HOWTO: ASSP (beta)

[pucky]

Runs lots of checks on how the server sends mail, is helo configured properly, etc.

Then it runs lots of blocklists.

Then it runs mail through ClamAV and refuses to accept it if it contains a virus.

Then it accepts the email.

Then, depending on configuration, it runs emails through SpamAssassin.

(See the SpamBlocker3 eixm.conf file for more info.)

The next beta (we're working on it this week) will also allow nolisting first (that seems to get rid of 75% to 80% of the spam, then greylisting (we don't know how effective it'll be; we haven't tried it yet). And if we can figure out how to do it and still keep all the functionality that DA has for user-level SpamAssassin, we'll run SpamAssassin during smtp body dialog so we can refuse email based on SA score.

All this without having to have anything else running.

What else does ASSP do?

Thanks!

Jeff

Get rid of SA. ASSP will not work properly with SA and its not needed with ASSP. SA + SPAMD is a complete waste of resources anyway.

 

[nobaloney]

The problem I have with removing SpamAssassin is that some people want to filter email that makes it through blocklists.

Since the SpamBlocker exim.conf file comes with SpamAssassin turned off, I don't see your point.

You, as others, push ASSP without pointing out any differences between what it does and what SpamBlocker (a simple set of rules inside a working exim.conf file) already does and will do in the future.

Do you really expect everyone to make use of a non-documented change to as important a feature as email?

What is it about ASSP that makes it a religious argument rather than a documentable change? Why can't I get a simple answer to my simple question: what is it that ASSP does that SpamBlocker3 doesn't do?

Jeff

 

[Heuveltje]

We are working with Alaksandr Kuzko, a man who has written "ASSP eXtended - WHM addon with cPanel interface" for cPanel. We are writing an installer for DirectAdmin and maybe you'll see a one more product soon (it will be 100% free).

To be continued?

 

[Curtis]

I just tried version 1.2.6 and it's okay.
But when I installed version 1.3.1
there's return message shown:
PERM_FAILURE: SMTP Error (state 9): 530 Relaying not allowed

I have changed the localDomains to localDomains:=file:../../../etc/virtual/domains and
error message incomplete transaction (QUIT) shown in /var/log/exim/mainlog

Please advice. Thanks

 

[SultanHost.com]

ASSP X for DA

Just registered to say that ASSP X for DA is not forgotten.

There are several changes made for ASSP X to become multi-controlpanel and step by step we will release ASSP X which will be compatible with DA.

Don't like to introduce half-made version - it will definitely be complained

Btw, what are the best way to collect necessary perl modules and ship them with ASSP X?

In cPanel it was very easy to use their perlinstaller script which auto-install files from CPAN. Has DA anything like this? Your input is highly appreciated and it definitely will speed up the process!

 

[smtalk]

I don't think so, pucky Why the product couldn't have any alternatives? I love free scripts and I create them. If you think you can do that better (paid alternative) - you're welcome

 

[nobaloney]

Why dont you concentrate on cpanel. We have already finished the entire interface for ASSP on DA so your wasting your time.

These forums are not the place to argue a distribution model.

Enough said.

Jeff

 

[pucky]

These forums are not the place to argue a distribution model.

Enough said.

Jeff

Then close the thread. What i stated was the absolute truth. I know, they dont like to hear it but what the hell thats how that went. This place should be an open forum where people can discuss these things.

This SMTalk character, i don t care how he is or isnt assocated with DA, is a sly dude. He tried to pump me for all the information necessary to get ASSP working then he turned around and contacted the other guy to build ASSP interface for DA. After i gave him so much information including files. But i got smart and saw where he was coming from. What a joke!

 

[nobaloney]

You were the first person to argue the distribution model. Why should the thread be closed?

Jeff

 

[nobaloney]

Martynas,

Can you please write up a simple flow-chart on how ASSP works with exim and with exim.conf, to go along with your How-To? I'd like to understand it a bit better.

Thanks.

Jeff

 

[pucky]

Martynas,

Can you please write up a simple flow-chart on how ASSP works with exim and with exim.conf, to go along with your How-To? I'd like to understand it a bit better.

Thanks.

Jeff

LOL, you mean after i supplied the information for him via PM and gave him download files to use? Your asking the wrong person. He didnt have a clue but he calls himself an expert. He tured the other way too after i supplied my code, encrypted. That he didnt like. Im not about to give out unencrypted code. Who does? Give me a break.

 

[nobaloney]

I don't know what code you're writing about, pucky. I'm asking about the top post in the thread; the How-To. I want to be able to consider using ASSP in SpamBlocker exim.conf.

For better or worse, right now the default exim.conf file for DA comes from me. So I want to look at all options.

What encrypted code are you writing about?

Jeff

 

[smtalk]

pucky, why you're lying? Firstly, I taked to you only for cooperation with ASSP for DirectAdmin, open source and free. You sent me closed source files - I didn't like that, so I've created few by myself. Also, about the exim.conf file - you just copied it from the ASSP X for c*anel, exactly from that person who is writing here (sultanhost.com). I don't like paid and closed source products - create them by yourself and sell them too. You didn't help me.

 

[SultanHost.com]

ASSP X for DA is on its way so it doesn't matter that someone else wish to release similar commercial product as well. We not earn from ASSP X and not mind that someone tries to earn from his own product

To jlasman:
Actually just several changes should be done at exim.conf. Most important are:
local_interfaces = 127.0.0.1
daemon_smtp_ports = 125

Of course, when ASSP enabled all SpamAssassin functionality should be removed/disabled from exim.conf.

I attach exim.conf which we ship as recommended for ASSP X for cPanel, you may review it and let me know how to proceed to better integrate with DA and its philosophy.

P.S. To offer spambox functionality some additional exim perl functions are required with two more transports. I attach what we use on cPanel and what we may alter to use with DA. Your input is appreciated.

 

[nobaloney]

To jlasman:
Actually just several changes should be done at exim.conf. Most important are:
local_interfaces = 127.0.0.1
daemon_smtp_ports = 125

Of course, when ASSP enabled all SpamAssassin functionality should be removed/disabled from exim.conf.

I attach exim.conf which we ship as recommended for ASSP X for cPanel, you may review it and let me know how to proceed to better integrate with DA and its philosophy.

Except that no one has yet written what ASSP does, why it's better than SpamAssassin, and why anyone should use it.

Nor has anyone written the flow chart.

Until I see both I'm not going to change the exim.conf I wrote to use it.

I may or may not ever find time to understand it, without help, myself; if you know the answers, if you know WHY you're using ASSP instead of SpamAssassin, I'd like to know that as well.

Otherwise I'm about to release SpamBlocker3 with SpamAssassin, not ASSP.

And once SpamBlocker3 is released it'll most likely be at least a year before SpamBlocker4 is released, if ever.

All I'm asking for is a quick understanding.

Why would I want a copy of the CPanel product? Is there something it does for me if I don't have a copy of CPanel?

I presume you realize that I'm not the only one that can look at your attachments. If you didn't mean for everyone to get them you should probably edit your post and delete the attachments.

In fact I may be the only one who's not looking at your attachments. Unless I understand why I should consider ASSP, I don't see why I should look at how it works. It doesn't really matter until I decide i should consider using it.

And no, I'm not picking on you. Years ago, studying journalism, I learned that the most important parts of any story are:

Who, What, Where, When, Why, and How

Open source projects are notoriously short on the Why and on the How. I just don't understand anything about this project except that you and Martynas both want to see a free version of it and that pucky wants to see a commercial version of it. No reasons why. And no information on how it works.

Please correct that oversight.

Thanks!

Jeff

 

[SultanHost.com]

There are a lot of reasons why we switched all our servers to ASSP.

One of them is ability to enable/disable any chosen filter (RBL, SPF, SRS, Delaying, Invalid emails, Bayesian, etc.) on server side and on domain side. It is what makes big difference. It is what allows customers to do it on their own (if they wish so, of course). For example you as admin not allow SPF failed messages. But one of your customers wish to receive such emails - he disable SPF filter for his domain(s) and it is done. There are also customers who wish to receive all mails, including spam messages. Such customers enable Not processing for their domains and skip all ASSP tests.

Second is straight (auto)whitelisting procedure which allows customers to communicate with their business partners without worrying about lost emails. Whitelisted senders/recipients are not being blocked.

Third - while ASSP itself is single-threaded it in fact process messages with all filters turned ON faster than Exim with SpamAssassin. As ASSP blocks most spam messages on SMTP level it cut the overall load.

Fourth - ASSP is easy to manage unlike SpamAssassin which may fail with specific perl version, etc. (ASSP is also perl-based, but we not yet seen versions which were stalled on older perl releases).

I'm not (yet) understand concepts of SpamBlocker(1,2,3) - is it optional module or it is bundled with DA? If second - of course, we need to work with you to allow ASSP to be optionally included in your SpamBlocker3!

Hope it allows you at least to understand why we have switched to ASSP from SpamAssasin.

 

[pucky]

Except that no one has yet written what ASSP does, why it's better than SpamAssassin, and why anyone should use it.

Nor has anyone written the flow chart.

Until I see both I'm not going to change the exim.conf I wrote to use it.

I may or may not ever find time to understand it, without help, myself; if you know the answers, if you know WHY you're using ASSP instead of SpamAssassin, I'd like to know that as well.

Otherwise I'm about to release SpamBlocker3 with SpamAssassin, not ASSP.

And once SpamBlocker3 is released it'll most likely be at least a year before SpamBlocker4 is released, if ever.

All I'm asking for is a quick understanding.

Why would I want a copy of the CPanel product? Is there something it does for me if I don't have a copy of CPanel?

I presume you realize that I'm not the only one that can look at your attachments. If you didn't mean for everyone to get them you should probably edit your post and delete the attachments.

In fact I may be the only one who's not looking at your attachments. Unless I understand why I should consider ASSP, I don't see why I should look at how it works. It doesn't really matter until I decide i should consider using it.

And no, I'm not picking on you. Years ago, studying journalism, I learned that the most important parts of any story are:

Who, What, Where, When, Why, and How

Open source projects are notoriously short on the Why and on the How. I just don't understand anything about this project except that you and Martynas both want to see a free version of it and that pucky wants to see a commercial version of it. No reasons why. And no information on how it works.

Please correct that oversight.

Thanks!

Jeff

Jeff

There are more way to skin a cat, not just Spamblocker or whatever you call it. Basically just a exim.conf, nothing speical about it really. I know you think you worked on it all that hard but to be quite honest with you, what you provide in exim.conf is nothing out of the ordinary to what exim.conf default offers and what i offered on The Planet forums for the past 5yrs, my own version of exim.conf btw. I mentioned this the first time i every layed eyes on your version and stated that it looked like a copy of many other versions, with some enhancements.

Why you should try ASSP? Many reasons. Instead of asking all these questions whats stopped you from installing it on your own server? Come on. Are you in for the ride or not? Your a self professed professional arn't you? Then why are you finding it so difficult to make a change and to test something that may be 100% better than what is currently available? Fear of chance? Your getting old or is that only your avatar?

Flowcharts? Nobody does those anymore. Its so late 80' early 90's. Want to understand the flow? Install it on your box and spend countless hours watching the flow like we have.

 

[nobaloney]

I'm not (yet) understand concepts of SpamBlocker(1,2,3) - is it optional module or it is bundled with DA? If second - of course, we need to work with you to allow ASSP to be optionally included in your SpamBlocker3!

SpamBlocker is my name for the exim.conf file I wrote for my own use, donated to the community, and then smiled when the DirectAdmin staff decided to install it into Directadmin.

So yes, it's installed into DirectAdmin. And it already includes a lot of rules that are similar to those used by ASSP.

Does it allow each site user (domain) to select from specific RBLs? Or just using RBLs or not? Does it allow the kind of local-blocklist use I've built into SpamBlocker? Does it allow custom rulesets based on local filters?

Hope it allows you at least to understand why we have switched to ASSP from SpamAssasin.

Yes, and hopefully as more questions get answered I'll understand why we should set up another daemon on our servers instead of just writing the rules into exim.conf, which seems a lot more efficient to me, since exim is very capable and very flexible when it comes to rulesets.

Jeff

 

[nobaloney]

There are more way to skin a cat, not just Spamblocker or whatever you call it.

You know very well what I call it; are you trying to defame my donation to the community? It's been around and working well for years while other are still arguing about having something eventually to integrate ASSP into DA.

Basically just a exim.conf, nothing speical about it really.

Which is actually what I've always said it was. Never did I say it was anything else.

I know you think you worked on it all that hard but to be quite honest with you, what you provide in exim.conf is nothing out of the ordinary to what exim.conf default

Except that when I wrote it the default exim.conf for Exim4 was still the Exim3 exim.conf file, converted by a conversion script. And it still accepted mail first, and then if there was no user by that name, it tried to send the email back, instead of blocking the mail because the user didn't exist.

The fact is that I've worked with others on the exim mailing list for some time, both on the list and off, and we've all shared many of the same ideas, many of which are now in the default file. That's what open source is all about.

I really don't care if you like or don't like my exim.conf file, or even if you use it or not, or even when it comes down to it, if DirectAdmin includes it by default or not; I originally wrote it myself, because at that time the default script didn't work (it was an open relay under certain circumstances and by sending back emails to forged senders it turned your DA box into a spammer).

I'm happy with the control it gives me.

offers and what i offered on The Planet forums for the past 5yrs, my own version of exim.conf btw. I mentioned this the first time i every layed eyes on your version and stated that it looked like a copy of many other versions, with some enhancements.

In other words you tried to downplay it's value over the previous default script without offering to supply yours instead. What's your problem?

Why you should try ASSP? Many reasons. Instead of asking all these questions whats stopped you from installing it on your own server?

That I have no idea how it does what it does, and really, not even what it does. Where's a page where I can learn about it? Show me one. Thanks.

Come on. Are you in for the ride or not? Your a self professed professional arn't you? Then why are you finding it so difficult to make a change and to test something that may be 100% better than what is currently available? Fear of chance?

Fear of change? No. I just don't see why I should run another daemon if there's no reason to. I know that exim is fairly secure against hacks, I know nothing of the sort about ASSP, and you're telling me I should trust it and run it in front of exim without giving me any reasons why. Yeah, I know you think you've given me reasons, but you haven't. You haven't told me what it can do that I can't write into SpamBlocker.

SultanHost.com writes that individual users can set it up to use or not use specific filtersets, but no one has yet answered my questions as to how that gets done. Is there a separate interface? A plugin for DirectAdmin? Why is it so hard to answer my questions?

It's really simple, exim and exim.conf give me a lot of flexibility, and a lot of control, and a lot of security. I still haven't seen any of these from anyone about ASSP, even though I keep asking.

Your getting old or is that only your avatar?

Wise guy. That's not my avatar, that's my photo. It was taken in the 50s, if I recall correctly . While I do get a haircut once a year or so, that's a pretty good depiction of me; ask anyone why's met me. (I've given up heavy coats since I've moved to the California desert.)

Flowcharts? Nobody does those anymore. Its so late 80' early 90's. Want to understand the flow? Install it on your box and spend countless hours watching the flow like we have.

If my time wasn't worth anything I probably would. I shouldn't have to, since the authors probably know how it works.

I created a flowchart to understand the original exim.conf file, and one for SpamBlocker2 (I didn't do one for SpamBlocker1) and one for SpamBlocker3. And I didn't do it with any special software, but rather with paper, and #2 pencils. The flowcharts were quite simple, because in general exim.conf programs very simply, kind of like a BASIC program with gotos. I guess I am oldfashioned, but it saved me a lot of time in understanding how I and where I wanted to put things.

As it stands I probably will download it and look at it so I can figure out how to do the same thing within the exim.conf file, and not need to run a separate daemon.

In the meantime you can certainly ask DA staff to add another daemon to run in front of exim. They may decide to do so and that'll give me a lot more free time .

Jeff

 

[nobaloney]

I attach exim.conf which we ship as recommended for ASSP X for cPanel, you may review it and let me know how to proceed to better integrate with DA and its philosophy.

I've decided to look at these but I need to know which I need. All of them?

Are some of them includes?

Thanks.

Jeff