Topic: ASSP on SME 7.2

[bei]

Tried out this how to

http://www.sonoracomm.com/index.php?option=com_content&task=view&id=48&Itemid=32

It all works except one piece. iptables in sme blocks port 25 once its changed to 125

the port 25 still needs to be open to the public but 125 doesn't

i need to find out how to add a new service called assp that runs on port 25 on the public interface.

netstat -ant

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 0.0.0.0:993                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:55555               0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:515                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:548                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:389                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:139                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:143                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:465                 0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:980               0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN
tcp        0      0 192.168.0.2:53              0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.2:53                0.0.0.0:*                   LISTEN
tcp        0      0 192.168.0.2:22              0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:3128                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:25                  0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:26                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:443                 0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:4700              0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:125                 0.0.0.0:*                   LISTEN
tcp        0    184 192.168.0.2:22              192.168.0.246:49162         ESTABLISHED
tcp        0      0 192.168.0.2:139             192.168.0.245:49156         ESTABLISHED

i have it set to see that 25 is a service called assp, but i don't know how to changed the ip to a public interface
from 0.0.0.0 to 192.168.0.2

any help would be appriciated.

[mmccarn]

ASSP is a major reconfiguration for SME - especially since SME already includes the spam fighting features it provides.

SME is pre-configured with these features disabled in order to make sure that email should flow easily when the server is first installed.  Here is a link to instructions on how to turn these features on: http://wiki.contribs.org/Email#Setup_Blacklists_.26_Bayesian_Autolearning

The only ASSP features I'm aware of that SME does not support once configured as shown above are

• email addresses to which users can send spam and ham for bayesian training
• auto-whitelisting of all out-bound email

On a SME server configured using the instructions above, and additionally configured to use 'LearnAsSpam.pl' as (somewhat confusedly) described here: http://bugs.contribs.org/show_bug.cgi?id=1701 I am accustomed to getting 1 or 2 spams per week (compared to 100+ rejected by the SME)

Here's a report I opened on bugzilla for you with more info: http://bugs.contribs.org/show_bug.cgi?id=3433

If you decided to pursue the ASSP route, please add yourself to the bug and followup there with questions & comments.  (And, if you are up to it, either create a new How To when done, or work w/ Sonoracomm to update theirs )

[bei]

it works but it doesn't work if that makes sense.
same problem as listed in this thread by user wallyrp.
http://forums.contribs.org/index.php?topic=31183.msg141283#msg141283
i can telnet to port 25 locally on the lan but when its coming from outside on the wan it gets rejected by iptables. i need a way to alllow wan connections. maybe a way to disable iptables? i have a hardware firewall that is taking care of the forwarding and sme is in server mode only.

I would preffer to use ASSP been using for the last year or so and have multiple clients running it now to filter for exchange servers. Process that i use with ASSP that I like is;

After about 1 - 2 weeks Bayesian is working about 98% with about 2% email being marked from non whitelist addresses.
The Bayesian marked spams are sent to the user and they have outlook rules that catch [SPAM] appened subjects and move them into their junk email folder.
I have a spam catch address that receives all emails marked as [SPAM]
I monitor this addresses [SPAM] emails and create custom bomb regex rules to completely deny that spam from even coming in. atm 96.8% of all non-local mail is being stopped in the last 306 days.

With the ease of install and setup so far with SME I see some slight potential in using it for some of my clients. If i can find a way to get assp working with SME I will more than likely get it setup to be a front end server for exchange servers.

[deanj]

ASSP is a major reconfiguration for SME - especially since SME already includes the spam fighting features it provides.

That statement is very wrong. ASSP is the easiest spam solution to implement.

bei   just do this to change the qpsmtpd port

Create the following template file
/etc/e-smith/templates-custom/var/service/qpsmtpd/runenv/PORT

Edit it and add the following text
PORT=125

then run
signal-event email-update

apart from installing and configuring assp that is the only change necessary on
your server

[bei]

okay i got it working

bug reply helped but one command they gave me was off.

i will cover what i did so if someone is wanting to try running assp here some info i used.
based on this how to http://www.sonoracomm.com/index.php?option=com_content&task=view&id=48&Itemid=32
and using feed back from here http://bugs.contribs.org/show_bug.cgi?id=3433
1. using the Server-Manager E-Mail panel, disable virus scanning and spam filtering.

2. login as root using ssh / putty client

3. Install Email::Valid perl module

Code: [Select]

rpm -Uvh ftp://fr.rpmfind.net/linux/dag/redhat/el4/en/i386/dag/RPMS/perl-Email-Valid-0.15-1.2.el4.rf.noarch.rpm

Code: [Select]

perl -MCPAN -e 'shell'

Code: [Select]

install Email::Valid Net::RBLClient Mail::SPF::Query Mail::SRS
4. Download and Install ASSP

Code: [Select]

wget http://umn.dl.sourceforge.net/sourceforge/assp/ASSP_1.3.3.1-Install.zip
unzip:

Code: [Select]

unzip ASSP_1.3.3.1-Install.zip
change to install folder:

Code: [Select]

cd ASSP_1.3.3.1-Install
move to a more proper area:

Code: [Select]

mv ASSP /usr/local
change owner of all the files in the ASSP dir:

Code: [Select]

chown -R root.root /usr/local/ASSP
Change to /usr/local/ASSP dir:

Code: [Select]

cd /usr/local/ASSP
5. Adjust qmail smtp port settings:

Change the Port that SME Server Uses for SMTP"

Code: [Select]

config setprop smtpd TCPPort 125
Change access to SMTP from public to private:

Code: [Select]

config setprop smtpd access private
6. Create config db values for ASSP in order to configure iptables:

Code: [Select]

config set affa service
config setprop affa TCPPort 25
config setprop affa status enabled
config setprop affa access public
7. rebuild config files:

Code: [Select]

signal-event remoteaccess-update
signal-event email-update
8. Basic Settings for ASSP:

change to the ASSP dir:

Code: [Select]

cd /usr/local/ASSP
start assp:

Code: [Select]

./perl assp.pl
Open a web browser on a network-attached PC to http://ip.of.your.server:55555/. I used:
http://192.168.1.2:55555/ to get to my server. You can also use a second virtual terminal
on your SME Server and the Lynx text-mode browser: 'lynx localhost:55555'.
(also see Configure for Remote Maintenance below in the Notes section)

Log into the configuration page. Use 'admin' to log in with the initial password of 'nospam4me'.

You may want to click the “Expand All” option to see all available options.

You will want to change:
Network Setup

    * Listen Port (set it to 25)
    * SMTP Destination (set it to 127.0.0.1:125)

Server Setup

    * As a Daemon (check the box)
    * Web Admin Password (set it to what you want)
 
Relaying

    * Accept All Mail (For example: 127.0.0.1|10.|169.254.|172.16.|192.168.)
    * Local Domains (your domain(s))


Apply Changes

Once those basic settings are set Stop the ASSP proxy by hitting Control-C in the ssh / putty window

9. Create the start up script:

Code: [Select]

vi /etc/e-smith/events/local/S95ASSP
in this file put in:

Code: [Select]

# Start the ASSP proxy
/usr/bin/perl /usr/local/ASSP/assp.pl /usr/local/ASSP
change rights on this file:

Code: [Select]

chmod a+x  /etc/e-smith/events/local/S95ASSP
10. Rebuild the SPAM Database Periodically:

Create a custom template fragment for crontab:

Code: [Select]

mkdir -p /etc/e-smith/templates-custom/etc/crontab

Code: [Select]

vi /etc/e-smith/templates-custom/etc/crontab/40assp
In this file put in(with a blank line at the end):

Code: [Select]

# Perform the nightly ASSP proxy updates at 3:20am
20 3 * * * root /usr/local/ASSP/nightly.sh >/dev/null 2>&1


Recreate the /etc/crontab file:

Code: [Select]

/sbin/e-smith/expand-template /etc/crontab
Verify your modifications:

Code: [Select]

cat /etc/crontab
Create the nightly.sh Shell Script:

Change to the /usr/local/ASSP if not already there

Code: [Select]

cd /usr/local/ASSP
Create the Script:

Code: [Select]

vi nightly.sh
Add the following:

Code: [Select]

#!/bin/sh
#
# nightly.sh - Gene Cooper
# Please e-mail modifications or updates to gcooper(at)sonoracomm.com.
#
# Script to update the DNS Blackhole List and rebuild the
# SPAM database for the ASSP SMTP proxy
#
# Where is ASSP

BASE=/usr/local/ASSP
cd $BASE

# Rebuild the SPAM database
perl rebuildspamdb.pl

# Reload the assp.cfg
kill -HUP `cat pid`
Make the nightly.sh script executable:

Code: [Select]

chmod a+x nightly.sh
To test, execute from the /usr/local/assp directory:

Code: [Select]

./nightly.sh and monitor the maillog.txt

that should get you start some decent information in this link about other settings / how to use ASSP
http://www.sonoracomm.com/index.php?option=com_content&task=view&id=48&Itemid=32

Also i recommend learning Bomb Regex Expressions they are great!
http://www.asspsmtp.org/forums/regular-expressions/0/

if you have any questions or updates on problems let me know if i missed something!

[cactus]

okay i got it working

bug reply helped but one command they gave me was off.

i will cover what i did so if someone is wanting to try running assp he some info i used.

Thec correct plae for HowTo's is in the wiki. Would you be so kind to add it there (as well)?

[CharlieBrady]

Thec correct plae for HowTo's is in the wiki.

And the correct place to discuss issues with Contribs is in the Contribs forum. This forum's topic is:

Discussion of the use of *ONLY* the components and features included on the SME Server 7.x CD.

[byte]

Moving this topic to the SME 7.x contribs forum, it is more appropriate there. Thanks!

[sonoracomm]

Hi All,

I have updated the ASSP howto on my web site using some info from this thread.

http://www.sonoracomm.com/index.php?option=com_content&task=view&id=48

Little testing has been done as I don't have a good test setup on hand. 

Please e-mail me with any comments, fixes, suggestions, etc.

Now that I have quite a bit of experience with ASSP and with SpamAssassin, I will opine that ASSP is a very good alternative indeed.  The only advantage I see to SpamAssassin is that it is already included with SME Server.

G

[shawnbishop]

Surely should be in the Wiki...nice info though