Got ASSP installed and running. Right now I have it listening on port 1025, and have the destination set to 25. I'm don't feel ready to let it answer on port 25 yet.
When I telnet to 127.0.0.1 1025, mailenable responds. I was expecting ASSP to respond. I know ASSP is listening on 1025 because if I stop the service, I can't telnet to that port number.
I've scoured the configuration pages, but don't see anything that leads me to know what's going on. It's very odd. I've tried googling my question, but I guess I'm not wording it right.
Any help is appreciated.
btw, my main goal with ASSP is to authenticate incoming mail against the auth.tab file, turn on greylisting, and add a prefix to the subject of any spam coming through.
ASSP - Setup question
-
- Posts: 844
- Joined: Mon Dec 05, 2005 7:51 am
- Location: Canada
ASSP runs transparent. If ASSP is listening on port 1025 and then connecting to MailEnable... the answer you will get will be MailEnable's answer.
Basically ASSP receives your request... calls ME, receives ME's response and then sends that response to you.
In ASSP's config there is a line that says
Basically ASSP receives your request... calls ME, receives ME's response and then sends that response to you.
In ASSP's config there is a line that says
If you check that box, it will allow ME to do all the authentication for you. That is how my config is setup.Skip Local Domain Check (nolocalDomains)
Do not check relaying based on localDomains. Let the mailserver do it
Chase
Server 2008 Standard (x64)
ME Ent 6.51 (SQL Server 2008 Config)
ASSP 1.9
Server 2008 Standard (x64)
ME Ent 6.51 (SQL Server 2008 Config)
ASSP 1.9
Thanks for the quick response. Much appreciated. I'm in no hurry, but it's nice to be able to keep on it.
In this post:
http://forum.mailenable.com/viewtopic.p ... light=assp
You say:
But if ME is responding to every connection, how is there any improvement? And how can ASSP sort out the mail before ME sees it?
The setup I pictured was ASSP takes the connection, verifies the addresses and authentication via the auth.tab and/or address-map.tab files. Scans the email, tags it or moves it, etc etc. Then once it's done with it, passes it on to ME.
In this post:
http://forum.mailenable.com/viewtopic.p ... light=assp
You say:
I've also seen comments from people in other posts about the smtp connector running more stable, processor consumption being down, etc etc.It runs in front of your ME installation and sorts out the mail before it ever reaches ME.
But if ME is responding to every connection, how is there any improvement? And how can ASSP sort out the mail before ME sees it?
The setup I pictured was ASSP takes the connection, verifies the addresses and authentication via the auth.tab and/or address-map.tab files. Scans the email, tags it or moves it, etc etc. Then once it's done with it, passes it on to ME.
-
- Posts: 844
- Joined: Mon Dec 05, 2005 7:51 am
- Location: Canada
Yes the SMTP connector is more stable
Yes there is WAY lower CPU usage
Basically ASSP sees the message and does a quick AUTH lookup with ME (aside from the .TAB files) then it runs the message thru a battery of tests to make sure it is not spam. If the message passes the test, it is then sent on to ME where you dont need to be doing double scanning (URLBL, SPF, Greylist, Virus, etc). Also since ME is only receiving connections on valid messages, it does not have to do so much work.
The reason ASSP doesn't directly use the .TAB files is because it is designed to run on various email servers (not just ME). Another way to do AUTH lookup is to manually type in all of your valid domains in ASSP. This works, however is not at total AUTH, but just a general idea... it also means that every time you add a new domain, you have to login and add the entry.
My server processes an average of 30,000 emails a day with an average CPU usage of 2-5 %. (P4 3.0, 2GB Ram)
Yes there is WAY lower CPU usage
Basically ASSP sees the message and does a quick AUTH lookup with ME (aside from the .TAB files) then it runs the message thru a battery of tests to make sure it is not spam. If the message passes the test, it is then sent on to ME where you dont need to be doing double scanning (URLBL, SPF, Greylist, Virus, etc). Also since ME is only receiving connections on valid messages, it does not have to do so much work.
The reason ASSP doesn't directly use the .TAB files is because it is designed to run on various email servers (not just ME). Another way to do AUTH lookup is to manually type in all of your valid domains in ASSP. This works, however is not at total AUTH, but just a general idea... it also means that every time you add a new domain, you have to login and add the entry.
My server processes an average of 30,000 emails a day with an average CPU usage of 2-5 %. (P4 3.0, 2GB Ram)
Chase
Server 2008 Standard (x64)
ME Ent 6.51 (SQL Server 2008 Config)
ASSP 1.9
Server 2008 Standard (x64)
ME Ent 6.51 (SQL Server 2008 Config)
ASSP 1.9
Ok, been watching it for a while, it's making more sense now. ASSP passes the telnet session commands on to ME (thus the "transparent proxy" portion that i couldn't get through my head), and if ME accepts the sender and/or recipient it then scans the message before passing it to ME. I like it because I can still use my ME logs to track things down. Although it's kind of frustrating to see only the 192.168.x.x ip address instead of the sending servers public ip, but i know i can get that from the assp logs if i really need it.
I do have another question though, I don't think it needs to be on a different thread since it still pertains to setup.
I've got all my mail going through ASSP now. It's basically just adding the header info, not blocking anything. I'm still using the ME bayesian filter for now.
I have two new filters set up in ME. One checks for "X-Assp-Spam: YES", and if found, forwards the email to assp_spam@mydomain.com. The other checks for a 60% probability on the ME bayesian header and forwards the email to me_spam@mydomain.com. allows me to do a comparison of the two.
ASSP is a bit ahead of the ME filter right now. However, I've still found spam that ME has caught, but ASSP has missed. I look at the header info, and it's quite confusing.
for example, a typical header from something assp tagged as spam:
I do have another question though, I don't think it needs to be on a different thread since it still pertains to setup.
I've got all my mail going through ASSP now. It's basically just adding the header info, not blocking anything. I'm still using the ME bayesian filter for now.
I have two new filters set up in ME. One checks for "X-Assp-Spam: YES", and if found, forwards the email to assp_spam@mydomain.com. The other checks for a 60% probability on the ME bayesian header and forwards the email to me_spam@mydomain.com. allows me to do a comparison of the two.
ASSP is a bit ahead of the ME filter right now. However, I've still found spam that ME has caught, but ASSP has missed. I look at the header info, and it's quite confusing.
for example, a typical header from something assp tagged as spam:
Lot's of assp info. Now here's one with very little assp info:Received: from 9d24acb8325c4e7 ([192.168.1.10]) by mydomain.com with MailEnable ESMTP; Mon, 07 Jul 2008 08:40:35 -0400
Received: from 9d24acb8325c4e7 ([122.136.187.217] helo=9d24acb8325c4e7) by
ASSP.nospam; 7 Jul 2008 08:40:32 -0400
Content-Return: allowed
X-Mailer: devMail.Net (3.0.1854.22234-2)
Return-Path: <dixon@dremrich.com>
Message-Id: <20080707164500.3220.qmail@9d24acb8325c4e7>
To: <dixond@mydomain.com>
Subject: ***ME-SPAM***Dear dixond@mydomain.com SALE 89% 0FF on Pfizer
From: VIAGRA ® Official Site <dixond@mydomain.com>
MIME-Version: 1.0
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Assp-Re-Red: bounce
X-Assp-Score: 20 (ValidHelo)
X-Assp-Score: 20 (InvalidHelo)
X-Assp-Score: 20 (PTRmissing)
X-Assp-Spam-Level: ************
X-Assp-Tag: MessageLimit
X-Assp-Envelope-From: dixon@dremrich.com
X-Assp-Version: 1.3.3.8()
X-Assp-Redlisted: Yes
X-Assp-Spam: YES
X-Assp-Block: NO (Testmode)
X-Assp-ID: 4433c2457
X-Assp-Spam-Reason: Message Limit
X-Assp-Totalscore: 60
X-Assp-Score: 20 (bombSuspiciousRe)
X-Assp-Re-Suspicious: Unsubscribe
X-ME-Bayesian: 100.000000
X-ME-Spam: Low (45)
X-ME-Content: Deliver-To=Junk
The second one seems to have done a completely different test on the email. Any insight on this would be much appreciated.Received: from mail2.ai.org ([192.168.1.10]) by mydomain.com with MailEnable ESMTP; Mon, 07 Jul 2008 09:01:19 -0400
Received: from mail2.ai.org ([208.40.244.182] helo=mail2.ai.org) by
ASSP.nospam; 7 Jul 2008 09:01:19 -0400
Received: from exchange01.ai.org (localhost [127.0.0.1])
by mail2.ai.org (Spam Firewall) with ESMTP id 3070C3939F5
for <jradams@mydomain.com>; Mon, 7 Jul 2008 09:05:18 -0400 (EDT)
Received: from exchange01.ai.org (exchange01.ai.org [10.8.49.45]) by mail2.ai.org with ESMTP id cAqs9UsvOExHgf8l (version=TLSv1 cipher=RC4-MD5 bits=128 verify=NO) for <jradams@mydomain.com>; Mon, 07 Jul 2008 09:05:17 -0400 (EDT)
Received: from app03.ai.org (10.8.51.73) by exchange01.ai.org (10.8.49.45)
with Microsoft SMTP Server id 8.1.278.0; Mon, 7 Jul 2008 09:05:15 -0400
Received: from app03 (localhost [127.0.0.1]) by app03.ai.org (Postfix) with
ESMTP id 88AA010ECF for <jradams@mydomain.com>; Mon, 7 Jul 2008 09:05:15
-0400 (EDT)
Message-ID: <27252776.1215435915528.JavaMail.noaccess@app03>
From: <webmaster@www.IN.gov>
To: jradams@mydomain.com
Subject: SOS Bus. Entity Search Receipt
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 7bit
Date: Mon, 7 Jul 2008 09:05:15 -0400
X-Assp-Received-DNSBL: pass
X-Assp-Received-URIBL: pass
X-Assp-Envelope-From: webmaster@www.IN.gov
X-ME-Bayesian: 95.044813
X-MEFilter: 1
Return-Path: <>
-
- Posts: 844
- Joined: Mon Dec 05, 2005 7:51 am
- Location: Canada
Sorry, I don't know if I can answer that question, maybe Paarlberg or BrandywineITS can chime in...
Here is another thread that might give some insight.
http://forum.mailenable.com/viewtopic.php?p=60474#60474
Here is another thread that might give some insight.
http://forum.mailenable.com/viewtopic.php?p=60474#60474
Chase
Server 2008 Standard (x64)
ME Ent 6.51 (SQL Server 2008 Config)
ASSP 1.9
Server 2008 Standard (x64)
ME Ent 6.51 (SQL Server 2008 Config)
ASSP 1.9