Enhance Your Mail Server With ASSP (Anti-Spam SMTP Proxy)
Installing ASSP on a Server that runs Postfix e.g.
I assume that we install on a fictional server example.com with the ip address
123.123.123.123 that you substitute for your setting.
What is ASSP?
ASSP stands for Anti-Spam SMTP Proxy.
From the wiki :
"The ASSP server project is an Open Source platform-independent transparent SMTP proxy server that leverages numerous methodologies and technologies to both rigidly and adaptively identify spam. This web site's domain name, "ASSPSMTP", is the common name used for the daemon or service running ASSP."
http://assp.sourceforge.net
http://www.asspsmtp.org
In short ASSP is the most kickass solution that is both free and works great. It reduced spam to an absurd minimum for me.
The current solutions (Spamassassin,Razor,Pyzor,Dcc) were not enough for my situation. This software works from the port 25 on a system. and stop spam where it enters your system.
It learns so after the first week of operation it gets better and better. It also comes with a nice interface to quickly adapt your setup. It really pays to understand all the ins and out of email filtering so your one step ahead of the one that try's to send you unsolicited or undesired bulk electronic messages also known as SPAM.
Install some Perl modules first:
Compress::Zlib NEEDED - Standard Perl installation
Digest::MD5 NEEDED - Standard Perl installation
Email::Valid OPTIONAL, BUT ADVISED
File::ReadBackwards OPTIONAL, BUT ADVISED
Mail::SPF::Query OPTIONAL
Mail::SRS OPTIONAL
Net::DNS NEEDED TO RUN RBL, SPF and 1.2.X
Sys::Syslog OPTIONAL
Net::LDAP OPTIONAL :: NEEDED IF YOU RUN LDAP
Time::HiRes NEEDED - Standard Perl installation
Install the following modules like this:
perl -MCPAN -e shell
install Compress::Zlib
install Digest::MD5
install Email::Valid
install File::ReadBackwards
install Mail::SPF::Query
install Mail::SRS
install Net::DNS
install Sys::Syslog
install Net::LDAP
install Time::HiRes
q (to leave the Perl shell)
Now lets install ASSP:
cd /usr/src/
First get it.
wget -c http://surfnet.dl.sourceforge.net/sourceforge/assp/ASSP_1.2.5-Install.zip
wget -c http://surfnet.dl.sourceforge.net/sourceforge/assp/ASSP_1.2.5_Rev.2-Update.zip
Now unpack it.
unzip ASSP_1.2.5-Install.zip
unzip ASSP_1.2.5_Rev.2-Update.zip
Make some preparations.
mkdir -p /usr/share/assp/spam
mkdir /usr/share/assp/notspam
mkdir /usr/share/assp/errors
mkdir /usr/share/assp/errors/spam
mkdir /usr/share/assp/errors/notspam
And put it in place.
mv -f assp.pl ASSP
mv -f ASSP/* /usr/share/assp
Remove the leftovers if your done reading it.
rm -fr ASSP_1.2.5* changelog.txt Install.txt __MACOSX/ README.txt
Set some sane permissions:
chown -R 0.0 /usr/share/assp
Go there and start it up for the first time.
cd /usr/share/assp
perl assp.pl
Now point a browser to:
http://example.com:55555
and log in with any name and the password nospam4me.
So here we are in the land of the many possibilities.
You might wand to use the TestModeOptions so everything passes tru but the database gets populated, after a while you uncheck the options and rebuild your filter. Every thing is now in full swing.
Tell assp to listen to 123.123.123.123:25 and forward to localhost:25.
Network Setup
SMTP Destination 127.0.0.1:25 The internal Postfix
V As a Daemon Check the box
Listen Port 123.123.123.123:25 The spam proxy
Web Admin Port xxxx A non default number
Relaying
Local Domains* example.com|anotherexample.com
Security
Web Admin Password newpasword
You can use a file with Local Domains like file:Local_Domains.txt ISPConfig users might wand to extract this from /etc/postfix/local-host-names
Like:
cat /etc/postfix/local-host-names | grep -v \# > /usr/share/assp/Local_Domains.txt
Now we tell postfix to only accept connections from our proxy.
Edit /etc/postfix/master.cf
Change :
smtp inet n - n - - smtpd
to:
localhost:smtp inet n - n - - smtpd
Restart postfix:
/etc/init.d/postfix restart
Yes it was that easy!!
Now lets start things automagicly. This can be pasted to get the file!
cat > /etc/init.d/assp << "EOF"
#!/bin/sh -e
# Start or stop ASSP
#
# Ivo Schaap <[email protected]>
PATH=/bin:/usr/bin:/sbin:/usr/sbin
case "$1" in
start)
echo -n "Starting the Anti-Spam SMTP Proxy"
cd /usr/share/assp
perl assp.pl
;;
stop)
echo -n "Stopping the Anti-Spam SMTP Proxy"
kill -9 `ps ax | grep "perl assp.pl" | grep -v grep | awk '{ print $1 }'`
;;
restart)
$0 stop || true
$0 start
;;
*)
echo "Usage: /etc/init.d/assp {start|stop|restart}"
exit 1
;;
esac
exit 0
EOF
Set the permissions.
chmod 755 /etc/init.d/assp
and add it to the default runlevel.
update-rc.d assp defaults
Here is a treat for logcheck users.
cat > /etc/logcheck/ignore.d.server/assp << "EOF"
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ assp\[[0-9]+\]: *
EOF
Now you get mail what the heck is going on.
Have fun with all the options and after a week rebuild the bayes database. Check the directories /usr/share/assp/spam and nospam for wrong entries, if good mail ends up in the spam directory please move it to the nospam directory and vice versa. After that do:
cd /usr/share/assp && perl rebuildspamdb.pl
It helps to at least read the documentation that ship with this package:
ASSP Documentation.htm
Regular Expression Tutorial.htm
This is it, now your mailserver is really perfect and eats Spam for breakfast ;)
Ovis
