Introduction
The Anti-Spam SMTP Proxy (ASSP) server project is an open-source, Perl-based, platform-independent transparent SMTP proxy server available at SourceForge.net that leverages numerous methodologies and technologies to both rigidly and adaptively identify e-mail spam. ASSP is easy to set up because it requires only minor changes to the configuration of your Mail Transfer Agent.
Features
Some of ASSP's features are:
- Bayesian analysis
- Penalty Box (PB) trapping
- DNSBL/RBL (Realtime Blackhole Listing)
- URIBL (Uniform Resource Identifier Black Listing)
- Multi-level SPF (Sender Policy Framework) validation and blocking
- SRS (Sender Rewriting Scheme) fix-up
- Session delaying (greylisting) and connection response delaying
- Sender validation and recipient validation
- Multi-level attachment blocking (based on block lists or allow lists)
- Multiple RFC validation mechanisms
Installation
This installation assumes that you are running sendmail and that you are going to run ASSP on the same machine. You can most likely adapt this to other mail servers and configurations relatively easily.
Installation is relatively straightforward, as it is for most packages on FreeBSD. Go to /usr/ports/mail/assp/ and run sudo make config. I recommend the following configuration:
Options for assp 1.5.1.2_3

[X] EMVALID   RFC822 recipient address validator
[ ] LDAP      LDAP validation of recipient addresses
[X] SPF       SPF validation of client IP
[X] SRS       Sender Rewriting Scheme
[X] SEND      Resending .eml files
[X] FBACKW    File Reading Backwards
[X] ZLIB      HTTP Header Compression on Admin Interface
[X] CLAMAV    ClamAV virus scanner
[X] DNSBL     DNS block list checking
[ ] MYSQL     Use MySQL db to store white/red/delaylists
[X] MATCHRE   Match IP ranges and CIDR blocks in lists
[X] SENDERB   Country Code checks
[X] MIMEMOD   Multiple Attachement detection
[X] SSL       SSL secure sockets support
[ ] IPV6      IPv6 sockets support

[ OK ]   Cancel
Run sudo make install clean. This installs all the necessary files and dependencies. Edit /etc/rc.conf and add assp_enable="YES". You can now start ASSP as follows:
sudo /usr/local/etc/rc.d/assp start
At this point, you will want to open a browser to http://localhost:55555 and log in using a blank username and
# Network Setup #
# SMTP Session Limits #
# Testmode / SPAM Control #
# SPAM Lover/Hater #
# No Processing #
# Whitelisting/Redlisting #
whiteListedIPs -- Whitelisted IPs*: 71.252.219.43|127.0.0.1 (Default: )
# Relaying #
# Recipients #
sendAllAbuseNP -- Skip Spam Checks for Abuse Catchall: On (Default: Off)
# Validate Helo #
DoFakedLocalHelo -- Block Forged Helos: score (Default: block)
DoValidFormatHelo -- Validate Format of HELO: monitor (Default: score)
DoInvalidFormatHelo -- Invalidate Format of HELO: monitor (Default: block)
# Validate Sender #
DoPTRCheck -- Reversed Lookup: score (Default: disabled)
# IP Blocking #
# SenderBase #
# PenaltyBox #
DoPenaltyMessage -- Message Scoring: monitor (Default: block)
PenaltyMessageBlock -- High MessageLimit: 75 (Default: 50)
PenaltyLimit -- Penalty Limit: 75 (Default: 50)
# Delaying/Greylisting #
# SPF/SRS #
# DNSBL #
# URIBL #
# Attachment Blocking #
# ClamAV and FileScan #
UseAvClamd -- Use ClamAV: On (Default: Off)
# Regex Filters / Spambomb #
DoBombHeaderRe -- Use BombHeader Regular Expressions on Header Part: score (Default: block)
DoBombRe -- Use Bomb Regular Expressions: score (Default: block)
# Bayesian Options #
# Block Reporting #
# Email Interface #
# File Paths #
# Copy Spam/Ham #
# Collecting #
MaxBytes -- Max Bytes: 250000 (Default: 8000)
StoreCompleteMail -- Store the Complete Mail: up to 10 MByte (Default: 1)
# Logging #
# LDAP Setup #
# DNS Setup #
DNSServers -- DNS Name Servers: 71.252.219.43|68.238.112.14 (Default: 208.67.222.222|208.67.220.220)
# Server Setup #
webAdminPassword -- Web Admin Password: XXXXXXXXXXXXX (Default: nospam4me)
EnableHTTPCompression -- Enable HTTP Compression in GUI: On (Default: Off)
IndexSlideSpeed -- Sliding Speed of the Alpha Index Menu Panel in GUI: no slide (Default: normal)
# Rebuild Options #
When you are ready, you will want to move sendmail to an alternative port, such as port 125. You can edit your /etc/mail/hostname.mc file and update the following lines:
DAEMON_OPTIONS(`Port=125, Name=MTA')dnl
DAEMON_OPTIONS(`Name=NoMTA, Port=125, Addr=127.0.0.1, M=EA')dnl
Then update your configs and restart sendmail:
sudo make install restart
sudo /usr/local/etc/rc.d/assp restart
You should now be able to telnet to both port 25 and port 125 on your local machine. You will want to send a LOT of test emails from different sites to verify that emails are being received correctly. Hopefully all goes as well and smoothly as it did for me.
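An added check for this final step (not part of the original page): it parses `sockstat -4 -l` style output, reports whether ports 25 and 125 are both listening, and warns when port 125 or the admin port 55555 is bound to all addresses, because a sendmail listener on *:125 accepts mail from other hosts without passing through ASSP unless a firewall blocks it. The sample lines are constructed, and the function name audit_listeners is an assumption of this example.

```shell
#!/bin/sh
# Added example: audit listening sockets after moving sendmail behind ASSP.
# Ports are the ones used on this page: 25 (ASSP), 125 (sendmail),
# 55555 (ASSP admin GUI). Real use on FreeBSD: sockstat -4 -l | audit_listeners

# Reads sockstat-style lines on stdin and prints one finding per line.
audit_listeners() {
    awk '
        $5 ~ /^tcp/ {
            # LOCAL ADDRESS column looks like "*:125" or "127.0.0.1:125"
            n = split($6, a, ":"); port = a[n]
            addr = substr($6, 1, length($6) - length(port) - 1)
            seen[port] = 1
            wild = (addr == "*" || addr == "0.0.0.0")
            if (port == 125 && wild)
                print "WARN 125 bound to " addr ": MTA reachable without passing ASSP"
            if (port == 55555 && wild)
                print "WARN 55555 bound to " addr ": admin GUI exposed beyond localhost"
        }
        END {
            if (!(25 in seen))  print "FAIL nothing listening on 25 (ASSP not running?)"
            if (!(125 in seen)) print "FAIL nothing listening on 125 (sendmail not moved?)"
            if ((25 in seen) && (125 in seen)) print "OK 25 and 125 both listening"
        }
    '
}

# Constructed sample output (not captured from a real host).
SAMPLE='USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     perl       812   6  tcp4   *:25                  *:*
root     perl       812   7  tcp4   *:55555               *:*
root     sendmail   901   4  tcp4   *:125                 *:*
root     sendmail   901   5  tcp4   127.0.0.1:125         *:*'

printf '%s\n' "$SAMPLE" | audit_listeners
```

A WARN on port 125 is resolved either by a firewall rule that drops outside traffic to that port or by restricting the listener to 127.0.0.1.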