Hello,
> ----- Original Message ----- > From: Grayhat <gray...@gmx.net> > To: assp-test@lists.sourceforge.net > Cc: > Sent: Wednesday, 22 May 2013, 14:02 > Subject: Re: [Assp-test] Need guide on how to do upgrade to the latest version of assp Re: assp spawning spam > > > > > Subj: assp spawning spam > > > on an installation of mine > > >they managed to get hold of the boss address (of all addresses) > > >and they send spam to the outside world. > > > > "they" -- is who? The "bad" guys :-) > > Computer with antispam? Computers with no anti-spam since I am using assp on the "gateway". > > Or computers of internal users? Computers of internal users if I can understand the question correctly. > I suspect that someone "bruteforced" or either obtained by other means > (a virus, phishing...) the email credentials and is now using them to > authenticate and spit out junk; there are a couple settings in ASSPv2 That's what I though at the beginning and swiftly changed the boss' password with a very complicated one. ASSP kept sending spam. After a lot of hunting and with fritzs' help, I realised I had 127.0.0.1 able to send smtp to the outside world, so I took it out of the config. I put the old password back and it doesn't send spam anymore (since I took away 127.0.0.1 from being able to send mail). > which I'd recommend to avoid such issues; first of all, the "rate > limiter" which allows you to configure the max number of messages per > time interval which a given account can send; start by setting up it > this way > > LocalFrequencyInt:=1800 > LocalFrequencyNumRcpt:=120 > LocalFrequencyOnly:= > NoLocalFrequency:=file:files/nolocalfrequency.txt > > and configure the "files/nolocalfrequency.txt" file to contain just the > local assp address (used to send reports and so on); also, ensure that > the "notification email to" (Notify) under "logging" contains a valid > address since ASSP will then send infos about senders tripping over the > rate limiter to such an address; next, edit "lib\CorrectASSPcfg.pm" and > add it (or uncomment) the following > > $main::AUTHLogUser = 1; > In regards to ASSPs' version . Which one should I use if I upgrade ? Should I use v1.98 as Fritz suggests or should I go straight for v2.2.x which, I think, is the latest ? > save the file and restart ASSP, the above tells ASSP to log a line to > the maillog containing a given authenticated user "name", this way, > you'll be able to check "who" is logging (or trying to log) into your > box... then, sit back and monitor your ASSP for a while Thank you very much, spyros ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
