>> Received: from mout3.freenet.de (localhost [127.0.0.1]) >> by mymxserver.com (Postfix) with ESMTP id 9868FB16D96 >> for <u...@myvirtualdomain.com>; Tue, 28 Jul 2009 14:32:46 -0400 >> (EDT) > > I am beginning to suspect that it's possible to spoof localhost to get > around assp. Anyone have any thoughts? I'm sure that incoming port > 10024 and 1025 are blocked from the outside, so perhaps one can > successfully spoof the sending server's IP to be localhost (as above, > perhaps), so that assp simply passes the mail to the SMTP server or > amavisd. > > Anyone have any thoughts? > > T.
I had a similar problem last year with 1.x ASSP. I had both ASSP and SMTP server (listening on 52525) running on same unix machine. Port 52525 was firewalled and the SMTP server was configured to only accept connections from localhost. Somehow spam was getting around ASSP which I knew because I configured ASSP to add X-Assp headers and these were missing. I finally resolved it by writing a filter for the SMTP server that rejected all mail that was missing and X-Assp header. ------ Max Lyth ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
