Hi all,
fixed in assp 2.2.2 build 12255:
- On some linux platforms we saw a CLIB mistake, which caused an IP
address error in ASSP.
Even on a connected IP-socket, assp was unable to get the connected IP
address from the OS.
This caused unexpected crashes or at least unexpected behavior of assp.
If this mistake is
detected by assp, the connection is closed by assp and 'delaySameIP' is
switched to ON - which
sets an internal limit for the count of same IP's in the same worker.
The detected CLIB mistake is logged in the maillog.txt. In case you see
error: This system is some time unable to detect connected IP addresses -
check that you use the latest C-library,
Perl-version and Perl module versions
and/or
error: unable to detect the connected IP address - ...
check that you use the latest Perl update for your version, and the
CLIB/LIBC of your OS is uptodate!
- If a system got peaks of spam or ham mails, the corpusnorm was no longer
fine - even if the settings for
the rebuildspamdb and corpus folder maintenance were not changed. ASSP
tries now on the fly to keep the
corpusnorm beween 0.9 and 1.1 . Notice this will only work, if there are
enougth files in the corpus folders
(~500 each at least).
'autoCorrectCorpus'
.......
If this value is defined, assp will use the middle value of "a" and "b"
((a+b)/2) as target corpusnorm and
will try to reach this value, using (as many as possible) but only such
a count of files in the folders
spamlog and notspamlog as required!'
changed:
- The internal config variable 'delaySameIPorHelo' is changed to
'delaySameIP'
- On havy loaded systems it was possible that the 'command queue' of the
MaintThread was growing
for example, if the ARC plugin was used. If the RebuildThread is idle,
he will also process entries from this
'command queue'.
- If a connected host submits a HELO without a host or domain name, the
host name is internaly replaced by 'localhost',
but the original HELO is sent to the MTA. If 'DoInvalidFormatHelo' is
enabled, the message and IP will get a penalty of
'ihValencePB'.
- The SPAM-SPF-record detection is improved. All 'pass' matches with an
IPv4-network-mask less than 8 or
an IPv6-network-mask less than 32 are detected as 'fail'.
- If a SPAM-SPF-record is found in the SPFCache for a domain (0.0.0.0
domain) - this domain will be treated as
'blackListedDomain'
added:
- Until now the SMTP timeout for noprocessing and whitelisted mails was
set hardcoded to 1200 seconds,
you can change this timeout now with the internal config variable
'NpWlTimeOut'
our $NpWlTimeOut = 1200; # timeout in seconds for noprocessing and
whitelisted mails
Thomas
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
