Page 1 of 3 123 LastLast
Results 1 to 15 of 31
  1. #1
    Join Date
    Sep 2002
    Location
    Among the corn
    Posts
    10,627

    Howto: ASSP installation in CPanel

    What is ASSP? ASSP is an Anti-Spam SMTP Proxy . The homepage can be found here. ASSP is a lightweight daemon that can filter mail based on various things such as SPF, RBLs, Bayesian word lists, as well as blocking email addresses from getting mail, or having mail filtered.
    This tutorial will walk you through getting the admin interface for CPanel setup for ASSP. Currently, a paid user interface can be obtained here (note that I am in no way affiliated with, nor have I tried to use this UI, I am just offering the link to those that might find it useful)

    Firstly, the setup:
    You will need to activate Cpanel PRO (pro.cpanel.net/activate) for your server in order for this to fully work. This activation is currently free. Simply go to the previous mentioned URL and enter your IP address if you have not done so already.
    Once you have activated CPanel PRO, go into whm->addon modules and check clamav connector, then click on "save". This will install clamav for you to use
    Once you have done THIS, go to whm->service manager and UNcheck spamd (it is no longer necessary with ASSP), and again click on save/submit. Note that this IS optional, however the purpose of ASSP is to defeat spam before it GETS to SpamAssassin.
    Once you have done THAT, go into whm -> tweak settings and uncheck SpamAssassin and BoxTrapper mail.

    Secondly, the requirements:
    ASSP needs certain perl modules established To install these, simply login (as root) to your server, and type the following
    Code:
    /scripts/perlinstaller --force Compress::Zlib
    /scripts/perlinstaller --force Email::Valid
    /scripts/perlinstaller --force File::ReadBackwards
    /scripts/perlinstaller --force File::Scan::ClamAV
    /scripts/perlinstaller --force Mail::SPF::Query
    /scripts/realperlinstaller --force Mail::SRS
    /scripts/realperlinstaller --force Tie::RDBM
    /scripts/realperlinstaller Sys::Syslog
    /scripts/perlinstaller --force Net::LDAP
    /scripts/perlinstaller --force Time::HiRes
    /scripts/perlinstaller --force Tie::DBI
    Note that the --force is optional, however it will make sure you've got it installed. Do these one at a time as some of these have configurable options to them.
    One more perl module is needed. Since the later versions of Net::DNS are known to cause issues with RBLs, SPFs and the like, it is advised to use 0.57 . This can be obtained by doing the following:
    Code:
    mkdir /usr/local/assp
    cd /usr/local/assp
    mkdir /usr/local/assp/tmp
    cd /usr/local/assp/tmp
    wget http://www.net-dns.org/download/Net-DNS-0.57.tar.gz
    tar xzf Net-DNS-0.57.tar.gz
    cd Net-DNS-0.57
    perl Makefile.PL
    make
    make test
    make install
    Do NOT remove the /usr/local/assp/tmp directory as when you update cpanel, it will try to auto update Net::DNS again, so you will want this intact.

    Now, let's get with the program here and install ASSP:
    Code:
    cd /usr/local/assp
    wget http://switch.dl.sourceforge.net/sourceforge/assp/ASSP_1.2.6-Install.zip
    unzip -d /usr/local/assp /usr/local/assp/ASSP_1.2.6-Install.zip
    mv --target-directory=/usr/local/assp /usr/local/assp/ASSP/*
    mv --target-directory=/usr/local/assp /usr/local/assp/ASSP/.DS_Store
    rm -rf /usr/local/assp/__MACOSX
    rm -rf /usr/local/assp/ASSP
    rm -f ASSP_1.2.6-Install.zip
    rm -f Win32-quickstart-guide.txt;rm -f freshclam.bat
    cd /usr/local/assp
    mkdir pb
    cd pb
    touch denysmtp.txt
    touch exportedextreme.txt
    touch pbdb.black.db
    touch pbdb.rbl.db
    touch pbdb.white.db
    cd /usr/local/assp
    mkdir /usr/local/assp/notspam
    mkdir /usr/local/assp/spam
    mkdir /usr/local/assp/errors
    mkdir /usr/local/assp/errors/notspam
    cd /usr/local/assp
    wget http://www.grscripts.com/service/start
    chmod 755 start
    wget http://www.grscripts.com/service/stop
    chmod 755 stop
    cd /etc/rc.d/init.d
    wget http://www.grscripts.com/service/assp
    chmod 755 assp
    The core of ASSP is now installed. However, the development versions have updated functions to use for users. Of course, this is completely optional, but is recommended completely. This can be done by the following in SSH
    Code:
    cd /usr/local/assp/
    mv assp.pl assp.pl_old
    mv spamdb spamdb.old
    mv rebuildspamdb.pl rebuildspamdb.pl.old
    mv repair.pl repair.pl.old
    mkdir Data
    mkdir Data/Lists
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/05B0C8D4-000F4555.1/info.png
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/05B0C8D4-000F4555.2/rebuildspamdb.pl
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/05B0C8D4-000F4555.3/repair.pl
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/05B0C8D4-000F4555.5/assp.css
    mv assp.css images
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/05B0C8D4-000F4555.6/assp.pl
    cd Data/Lists
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/05B0C8D4-000F4555.0/URIBLCCTLDS.txt
    chmod u+x /usr/local/assp/*.pl
    Now, let's get it up and running, and configure it, shall we?
    Code:
    cd /usr/local/assp
    /etc/init.d/assp start
    You'll see ASSP sending out some messages and then doing nothing. This is ok, and it's the expected response. Now, we need to edit some stuff. Hit ctrl-c (cancel) to shut down ASSP
    once it's stopped, you'll see the following file in the assp directory - assp.cfg . Edit that with whatever you want for an editor, something like:
    Code:
    nano assp.cfg
    You want to change a few options immediately just to get it working
    Look for the lines that are something like:
    Code:
    runAsGroup:=
    runAsUser:=
    and change them to be:
    Code:
    runAsGroup:=root
    runAsUser:=root
    Then look for the line that is
    Code:
    AsADaemon:=
    and change it to
    Code:
    AsADaemon:=1
    Now, let's change the password just so that we're secure:
    look for the line that is
    Code:
    webAdminPassword:=nospam4me
    and change that to
    Code:
    webAdminPassword:=insertrandompasswordhere
    Now, let's tell ASSP to setup and accept mail for our domains. Look for the line something like
    Code:
    localDomains:=
    and change that to be
    Code:
    localDomains:=file:/etc/localdomains
    Almost there, just a couple more changes needed.
    Look for the line that is something like
    Code:
    smtpDestination:=127.0.0.1:225
    and change that to be
    Code:
    smtpDestination:=127.0.0.1:125
    (or another port instead of 125, just REMEMBER the port!!)
    and one more change
    change the line that looks like
    Code:
    listenPort:=125
    to
    Code:
    listenPort:=25
    Now save and exit the file. If you're using nano/pico, that would be ctrl-x , just make SURE to save the file before you exit!
    Now, let's get ASSP fired up again
    Code:
    /etc/init.d/assp start
    let's make sure you have assp starting on system boot:
    Code:
    chkconfig --add assp
    Let's add a crontab to make sure that ASSP rebuilds the bayesian spam list
    crontab -e
    Code:
    10 4 * * * cd /usr/local/assp;/usr/local/assp/rebuildspamdb.pl
    Occasionally, what I've seen is ASSP will get "hung" on certain things and just kill itself. This fix will work for this, and make sure your ASSP installation is running smoothly

    Open up another file on the server, my example will be /bin/asspcheck. In this file, add the following contents
    Code:
    assplog=/usr/local/assp/check.log
    DATE=`date "+%m-%d-%y [%k:%M]"`
    pidof=/usr/local/assp/pid
    thispid=`cat $pidof`
    if [ ! -d /proc/$thispid ];then
    rm -rf $pidof;
    /etc/init.d/assp start
    echo "$DATE - ASSP - restarted" >> $assplog
    else
    echo "$DATE - ASSP - ok" >> $assplog
    fi
    Now, chmod the file itself
    Code:
    chmod u+x /bin/asspcheck
    Now, make sure it's called every 60 seconds. Add this to your root crontab
    crontab -e
    Code:
    * * * * * /bin/asspcheck
    Now, let's go BACK into WHM and setup the variables needed to get exim to use ASSP
    In exim configuration editor, click on "advanced editor"
    Clear out EVERYTHING from all of the existing boxes. Keeping these with data can cause ASSP to not function as it should
    When you've done that, add the following to the top box:
    Code:
    # assp
    local_interfaces = 127.0.0.1.125
    If you changed this variable to something else
    Code:
    smtpDestination:=127.0.0.1:125
    put in the other port, NOT 125, so it would look like 127.0.0.1.whateverporthere

    Click on Save
    Exim will restart and you now have a working installation of assp

    Now, let's go to it and work with it a bit, shall we?
    go to http://yourip:55555 , enter the user admin and the password you changed nospam4me to. This will get you logged in and you can tweak the settings as you feel necessary.

    ASSP is a great and powerful proxy for any mail server, which blocks using RBLS, whitelists, etc. It is advisable to setup the email interface and let your customers know of this so that you can get them to help you in reporting and addressing spam.
    Parts of this howto were taken from this page, however much of that data has been found to be outdated as far as downloads from CVS and the like go, and I've added quite a bit of useful information into it as well.

    Go through the ASSP configuration VERY carefully, and ONLY change what you're sure of. Start with the RBLs, increase the list to 5 and max hits to 2 as suggested.
    If you notice problems with this or know how it might be better, hey, feel free to post in here and I'll keep it as updated as possible :)
      0 Not allowed!

  2. #2
    Join Date
    Dec 2006
    Posts
    34
    Nice sum-up
      0 Not allowed!

  3. #3
    Join Date
    Apr 2006
    Posts
    500
    great how to!
      0 Not allowed!

  4. #4
    Join Date
    Mar 2005
    Posts
    359
    Very good. Thanks very much.
      0 Not allowed!

  5. #5
    Join Date
    Jun 2003
    Location
    Indiana, US
    Posts
    1,354
    Will this How-To also work for the new 1.3.0?
      0 Not allowed!

  6. #6
    Join Date
    Sep 2002
    Location
    Among the corn
    Posts
    10,627
    Quote Originally Posted by Ran
    Will this How-To also work for the new 1.3.0?
    ASSP isn't officially at 1.3.0 (yet).
    Once this is an official release, I'll update the howto
      0 Not allowed!

  7. #7
    Join Date
    Sep 2002
    Location
    Among the corn
    Posts
    10,627
    This should work without problems to update to 1.3.0. IF you already have assp installed:

    -- Login to your server (ssh) as root
    -- STOP assp
    Code:
    /etc/init.d/assp stop
    Go into the assp directory, and get the new stuff
    Code:
    cd /usr/local/assp
    mkdir files
    cd files
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/S05B0C8D4.4/ipwl.txt
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/S05B0C8D4.5/ipnp.txt
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/S05B0C8D4.10/nodelay.txt
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/S05B0C8D4.8/invalidptr.txt
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/S05B0C8D4.7/blackdomains.txt
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/S05B0C8D4.11/bombre.txt
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/S05B0C8D4.0/URIBLCCTLDS.txt
    cd ../images/
    rm -rf assp.css
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/S05B0C8D4.1/info.png
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/S05B0C8D4.2/assp.css
    cd ../
    ls
    mv assp.pl assp.pl.stable
    mv rebuildspamdb.pl rebuildspamdb.stable
    mv repair.pl repair.pl.stable
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/S05B0C8D4.6/repair.pl
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/S05B0C8D4.3/rebuildspamdb.pl
    wget http://www.magicvillage.de/~Fritz_Borgstedt/assp/S05B0C8D4.12/assp.pl
    RE-Start assp
    Code:
    /etc/init.d/assp start
    If you do NOT already have assp installed:
    Follow the instructions in the FIRST post UP TO
    The core of ASSP is now installed. However, the development versions have updated functions to use for users. Of course, this is completely optional, but is recommended completely. This can be done by the following in SSH
    Once you get to THAT point, then follow the instructions in this post.
    Skip that entire section in the original post
    Once you've done the beta update stuff, then you can resume the instructions in the ORIGINAL post, beginning with:
    chmod u+x /usr/local/assp/*.pl
    Now, let's get it up and running, and configure it, shall we?
    Of course, if you want to wait until March 1st, 1.3.0 will be out stable (or so says the ASSP website )
      0 Not allowed!

  8. #8
    secure smtp service is not available anymore, it stop after we applied assp on our server. is there anyway to enable secure smtp again?
      0 Not allowed!

  9. #9
    Hi,


    How can I know if it's really work when my installation is just new on the server ? Thank you.

    Best Regards,
      0 Not allowed!

  10. #10
    I have some CPU High Loads...

    ASSP require a High load? ASSP stop any e-mail where not is SPAM?


    Thank's for How To...!
    http://www.webrazuca.com/ - weBrazuca do Brasil
      0 Not allowed!

  11. #11
    Join Date
    Sep 2002
    Location
    Among the corn
    Posts
    10,627
    Quote Originally Posted by weBrazuca
    ASSP require a High load?
    No, ASSP does not load your server down at all. In fact, compared to SpamAssassin (the CPanel alternative as it were), it handles things MUCH easier, as it doesn't parse stupid user rules.

    Quote Originally Posted by weBrazuca
    ASSP stop any e-mail where not is SPAM?
    Anything you get to do this will do that, even SpamAssassin will. The good thing about ASSP though is that it is intuitive and LEARNS whom you mail, causing the system to whitelist them, and it takes user interaction (nospam, spam, whitelist reports). As well, ASSP can be told to set in "training mode" which will send everything to you if it thinks it might be spam.
    Quote Originally Posted by VVIP
    How can I know if it's really work when my installation is just new on the server ? Thank you.
    If you go to the admin interface (port 55555 unless you change it) and log in, you will see a 'Info and Stats' page. This will tell you how well it is working and what it is doing.
    Quote Originally Posted by wafer
    secure smtp service is not available anymore, it stop after we applied assp on our server. is there anyway to enable secure smtp again?
    Directly from the ASSP FAQ ( a good thing to read before you set something like this up)
    Q: Can ASSP be run with SSL / TLS connections?

    No - not natively. Natively, ASSP only works with non-SSL connections. However, there are possibilities to use SSL for your email users to protect their authentication process. Third party utilities such as stunnel (http://stunnel.mirt.net) allow you to use SSL/TLS to encrypt connections between your outside party and ASSP. There is only one caveat; stunnel works as a proxy between your outside connection and ASSP. Consequently, ASSP sees the connection as originating from stunnel (typically 127.0.0.2), and not the sending party. This means that all connection checks (delaying, greylisting, RBL, etc) would not work with these connections. Consequently, if you want to use stunnel to protect any SMTP authentication process with your clients, you should prevent all non-AUTH connections to this port. This can be accomplished by setting the endport of stunnel to "Another Listen Port" (in Network Setup), and enabling "Enforce AUTH before MAIL FROM when connecting to second SMTP port". This will prevent any non-authenticated users from sending email through the encrypted stunnel connection.
      0 Not allowed!

  12. #12
    Join Date
    Mar 2007
    Location
    Washington State
    Posts
    1,083
    Is this worth it, what are your opinions on this. Do you guys like it?
      0 Not allowed!

  13. #13
    Join Date
    Mar 2007
    Location
    1010010101
    Posts
    231
    ASSP looks good for Internet webmail access but when clients use Outlook or ThunderBird to download (POP3) e-mails from the server and they receive a spam e-mail, what do they do to mark that e-mail is a spam and how ASSP on the server will know about that to add in its database list ?
      0 Not allowed!

  14. #14
    Join Date
    Sep 2002
    Location
    Among the corn
    Posts
    10,627
    ASSP has nothing to do with the "mail client" at all. It has everything to do with the SMTP server, as it forwards all mail to the REAL SMTP server after the garbage is filtered out.

    what do they do to mark that e-mail is a spam
    Any decently developed mail client has filters that can scan headers. If the message is marked spam by ASSP, and it's being delivered, they can move that to a special folder, or simply forward it to the interface for blocking.


    Is it worth it? Most definitely. Regardless of the mail client you're using, it is worth it. Regardless of the setup you are using, it is worth it. You won't find much else as smart as ASSP is.
      0 Not allowed!

  15. #15
    Join Date
    Mar 2007
    Location
    1010010101
    Posts
    231
    Is the special folder has to be the same name as the one on the server: spam & not spam ? Will ASSP update this folder on next download ?
      0 Not allowed!

Page 1 of 3 123 LastLast

Related Posts from theWHIR.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •