What is ASSP? ASSP is an Anti-Spam SMTP Proxy . The homepage can be found here
. ASSP is a lightweight daemon that can filter mail based on various things such as SPF, RBLs, Bayesian word lists, as well as blocking email addresses from getting mail, or having mail filtered.
This tutorial will walk you through getting the admin
interface for CPanel setup for ASSP. Currently, a paid
user interface can be obtained here
(note that I am in no way affiliated with, nor have I tried to use this UI, I am just offering the link to those that might find it useful)
Firstly, the setup:
You will need to activate Cpanel PRO (pro.cpanel.net/activate) for your server in order for this to fully work. This activation is currently free. Simply go to the previous mentioned URL and enter your IP address if you have not done so already.
Once you have activated CPanel PRO, go into whm->addon modules and check clamav connector, then click on "save". This will install clamav for you to use
Once you have done THIS, go to whm->service manager and UNcheck spamd (it is no longer necessary with ASSP), and again click on save/submit. Note that this IS optional, however the purpose of ASSP is to defeat spam before it GETS to SpamAssassin.
Once you have done THAT, go into whm -> tweak settings and uncheck SpamAssassin and BoxTrapper mail.
Secondly, the requirements:
ASSP needs certain perl modules established To install these, simply login (as root) to your server, and type the following
/scripts/perlinstaller --force Compress::Zlib
/scripts/perlinstaller --force Email::Valid
/scripts/perlinstaller --force File::ReadBackwards
/scripts/perlinstaller --force File::Scan::ClamAV
/scripts/perlinstaller --force Mail::SPF::Query
/scripts/realperlinstaller --force Mail::SRS
/scripts/realperlinstaller --force Tie::RDBM
/scripts/perlinstaller --force Net::LDAP
/scripts/perlinstaller --force Time::HiRes
/scripts/perlinstaller --force Tie::DBI
Note that the --force is optional
, however it will make sure you've got it installed. Do these one at a time as some of these have configurable options to them.
One more perl module is needed. Since the later versions of Net::DNS are known to cause issues with RBLs, SPFs and the like, it is advised to use 0.57 . This can be obtained by doing the following:
tar xzf Net-DNS-0.57.tar.gz
Do NOT remove the /usr/local/assp/tmp directory as when you update cpanel, it will try to auto update Net::DNS again, so you will want this intact.
Now, let's get with the program here and install ASSP:
unzip -d /usr/local/assp /usr/local/assp/ASSP_1.2.6-Install.zip
mv --target-directory=/usr/local/assp /usr/local/assp/ASSP/*
mv --target-directory=/usr/local/assp /usr/local/assp/ASSP/.DS_Store
rm -rf /usr/local/assp/__MACOSX
rm -rf /usr/local/assp/ASSP
rm -f ASSP_1.2.6-Install.zip
rm -f Win32-quickstart-guide.txt;rm -f freshclam.bat
chmod 755 start
chmod 755 stop
chmod 755 assp
The core of ASSP is now installed. However, the development versions have updated functions to use for users. Of course, this is completely optional, but is recommended completely. This can be done by the following in SSH
mv assp.pl assp.pl_old
mv spamdb spamdb.old
mv rebuildspamdb.pl rebuildspamdb.pl.old
mv repair.pl repair.pl.old
mv assp.css images
chmod u+x /usr/local/assp/*.pl
Now, let's get it up and running, and configure it, shall we?
You'll see ASSP sending out some messages and then doing nothing. This is ok, and it's the expected response. Now, we need to edit some stuff. Hit ctrl-c (cancel) to shut down ASSP
once it's stopped, you'll see the following file in the assp directory - assp.cfg . Edit that with whatever you want for an editor, something like:
You want to change a few
options immediately just to get it working
Look for the lines that are something like:
and change them to be:
Then look for the line that is
and change it to
Now, let's change the password just so that we're secure:
look for the line that is
and change that to
Now, let's tell ASSP to setup and accept mail for our domains. Look for the line something like
and change that to be
Almost there, just a couple more changes needed.
Look for the line that is something like
and change that to be
(or another port instead of 125, just REMEMBER the port!!)
and one more change
change the line that looks like
Now save and exit the file. If you're using nano/pico, that would be ctrl-x , just make SURE to save the file before you exit!
Now, let's get ASSP fired up again
let's make sure you have assp starting on system boot:
chkconfig --add assp
Let's add a crontab to make sure that ASSP rebuilds the bayesian spam list
10 4 * * * cd /usr/local/assp;/usr/local/assp/rebuildspamdb.pl
Occasionally, what I've seen is ASSP will get "hung" on certain things and just kill itself. This fix will work for this, and make sure your ASSP installation is running smoothly
Open up another file on the server, my example will be /bin/asspcheck. In this file, add the following contents
DATE=`date "+%m-%d-%y [%k:%M]"`
if [ ! -d /proc/$thispid ];then
rm -rf $pidof;
echo "$DATE - ASSP - restarted" >> $assplog
echo "$DATE - ASSP - ok" >> $assplog
Now, chmod the file itself
chmod u+x /bin/asspcheck
Now, make sure it's called every 60 seconds. Add this to your root crontab
* * * * * /bin/asspcheck
Now, let's go BACK into WHM and setup the variables needed to get exim to use ASSP
In exim configuration editor, click on "advanced editor"
Clear out EVERYTHING from all of the existing boxes. Keeping these with data can cause ASSP to not function as it should
When you've done that, add the following to the top box:
local_interfaces = 127.0.0.1.125
If you changed this variable to something else
put in the other port, NOT 125, so it would look like 127.0.0.1.whateverporthere
Click on Save
Exim will restart and you now have a working installation of assp
Now, let's go to it and work with it a bit, shall we?
go to http://yourip:55555
, enter the user admin and the password you changed nospam4me to. This will get you logged in and you can tweak the settings as you feel necessary.
ASSP is a great and powerful proxy for any mail server, which blocks using RBLS, whitelists, etc. It is advisable to setup the email interface and let your customers know of this so that you can get them to help you in reporting and addressing spam.
Parts of this howto were taken from this page
, however much of that data has been found to be outdated as far as downloads from CVS and the like go, and I've added quite a bit of useful information into it as well.
Go through the ASSP configuration VERY carefully, and ONLY change what you're sure of. Start with the RBLs, increase the list to 5 and max hits to 2 as suggested.
If you notice problems with this or know how it might be better, hey, feel free to post in here and I'll keep it as updated as possible :)