Hi all, fixed in assp 2.6.8 *SPAM-Evaporator* build 22080:
- if 'myGreeting' was configured as multiline greeting, assp has prepended '220 ' even the first line was starting with '220-' changed: The literal 'LASTCOMMAND' will be replaced by the last used SMTP-command in every SMTP error reply. The literal 'MAILFROM' will be replaced by received envelope sender in every SMTP error reply. The literal 'RECEIVEDHELO' will be replaced by the received HELO/EHLO string in every SMTP error reply. added: 'forceTLSIP','Force these IP's to use TLS*' Enter IP's that you want to be enforced to use SSL/TLS, separated by pipes (|). DoTLS needs to be set to "do TLS" to make this feature working! If a host or client uses the MAIL FROM: command without it used STARTTLS before or STARTTLS has failed or it is not connected to a SSL-listener (the connection is not transport layer secured), the permanent SMTP-error code 502 <MYNAME> connected by 'IPCONNECTED' - 'RECEIVEDHELO'. The used command 'LASTCOMMAND: <MAILFROM>' is still not supported, because the connection is NOT secured by an encryption layer (TLS) - please use STARTTLS first FORCEEXPLAIN will be sent by assp and the connection will be dropped. IP's listed in noTLSIP , private IP-ranges , IP's in SSL-failed-Cache and IP's connected to a NoTLSlistenPorts are excluded from being forced by this feature. To force all IP's, enter 0.0.0.0/0|0::0/0 . Mails to BounceSenders are also excluded from being forced by this feature! So TLSRPTv1 reports and other notifications are delivered, even TLS/SSL is in an invalid state. If a connection is dropped by this feature, the connected IP will get no penalty (score)! If this feature is enabled for all connecting IP's, it is highly recommended to configure MTA-STS (SMTP MTA Strict Transport Security - RFC 8461) or the more secure DANE (DNS-Based Authentication of Named Entities - RFC 6698, 7671)(SMTP Security via Opportunistic DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) - RFC 7672) for your hosted domains! Notice: MTA-STS and DANE require both the SSL_version TLSv1_2 and/or TLSv1_3. Thomas DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! *******************************************************
_______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
