Hi all,
fixed in assp 2.4.8 build 16025:
- the synchronization configuration was not set, if a plugin was installed
all sync states are now set to default values in this case
An upgrade to this version will correct this misbehavior one time.
- the SSL transport engine got an update to be solid rock against hidden
mistakes in the
underlying used perl modules (older versions)
- in case assp was waiting for a shutdown/restart and the SMTP-workers
were already terminated
it was possible that a POP3 collection was started and failed
changed:
- the GUI configration of the 'Relaying' section is move below the
'Network Setup' section
added:
- 'runAsGroupSupplementary','Run with supplementary groups'
'The *nix supplementary groups to assume after startup (*nix only) -
requires runAsGroup to be configured
Examples: group1|group2
requires ASSP restart'
- a new plugin 'ASSP_FakeMX.pm'is available (version 1.01)
'DoASSP_FakeMX','Do the ASSP_FakeMX Plugin','0:disabled|1:block|2:monitor'
'To explain it , let's say you have a domain "example.com" and
let's also say that the domain has a single MX
example.com IN MX 10 mail.example.com
now, to adopt the "MX sandwich" (or Fake MX, as we call it) approach
you'll need to add a couple MX records so, that the DNS will contain
something like
example.com IN MX 10 mx00.example.com
example.com IN MX 20 mail.example.com
example.com IN MX 90 mx99.example.com
Now comes the trick, the "mx00" will point to an IP address on which
there isn't (and will NEVER be) a listener on 25/tcp; this means that
any connection attempted to mx00.example.com:25 will result into a TCP
timeout error. The MX mail record (mail.example.com) will point to the
real listenPort (and
there may be more by the way) and the mx99, that is the last MX will
point to another listenPort and to ASSP_FakeMXFakeMX
ASSP will answer connections on "mx99" *ALWAYS* with a reply of
421 Service temporarily unavailable, closing transmission channel.
Now the question - how will such a construct (the MX sandwitch) prevent
spam?
Real mail servers will try to connect to mx00.example.com first. This will
fail and they will next
try mail.example.com , because it is the next MX in order, where they can
connect and deliver the mail.
Some spam bots may also try to connect to mx00.example.com. This will also
fail. But most
spam bots never try a second MX - this is what we want - no bot - no spam.
A second type of spam bots are connecting to MX records in revers order.
They connect
to mx99.example.com first - which is a fault. The IP will get the
configured score ( ASSP_FakeMXValencePB ).
Future connections (even at the right MX records) from this IP can be
blocked by the PenaltyBox or DelayIP.
NoProcessing IP's and senders can use the FakeMX without any blocking.
Whitelisted IP's and senders can use the FakeMX without any blocking as
long as procWhiteASSP_FakeMX is not set.
ISP IP's can use the FakeMX without any blocking.
IP's listed in acceptAllMail can use the FakeMX without any blocking.
NOTICE: If you set this option to "block" and TestASSP_FakeMX is switched
"OFF" - YOU NEED to
switch "OFF" EnableDelaying FIRST !
This Plugin is designed for- and running in call/run level
'SMTP-handshake'!
Thomas
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
