On 23/02/2007, at 10:18 AM, Dave Watkins wrote: > Hi All > > > > I’ve just stumbled upon ASSP completely by accident and am hoping > to be able to use it to replace our spamassassin system but have > some basic questions that aren’t immediately obvious in the wiki or > the docs (unless I’m going blind J) > > > > Currently we have our incoming mail hitting Mailmarshal first, > which does virus and rules checking, validates the mail is to a > real user (during SMTP) and some RBL checks, then it goes to > spamassassin and gets marked in the subject if it’s spam and then > passed to Exchange. Outbound goes from Exchange straight out to > Mailmarshal then sent. > > > > Now the right way to setup ASSP seems to be Exchange -> ASSP -> > Mailmarshal -> Internet. > > > > Inbound seems to be Internet -> ASSP -> Mailmarshal -> Exchange. > > > > All this is fine and setup shouldn’t be a problem, I can move RBL > checks away from Mailmarshal and have them running on ASSP, virus > scanning will stay on Mailmarshal as it has the processing > capability to handle it but my questions are as follows. > > > > Will I need to setup LDAP on ASSP to validate that incoming mail is > addressed to a valid user? I want to block these at SMTP to save > bandwidth, there seems to be some indication in the docs that ASSP > would initiate an SMTP connection to Mailmarshal to check if the > recipient is valid before it responds to the sending SMTP server > with an OK but I’m unsure if this is the case or not. Basically how > does ASSP validate incoming mail is going to a real user?
You can use a flat file (export it from Mailmarshal) or LDAP. > > > At least in the initial stages I don’t want to change the behaviour > of our current system so I would prefer if ASSP didn’t block > messages but instead just marked them in the subject. Most of our > users have rules to move marked messages to a separate folder and, > at least in the short term I’d like this to continue. Once we have > confidence in our Bayesian DB I’ll switch it over to blocking by > default. It looks like the only way to accomplish this is by > turning on testing mode. Is that correct? Yes, you can have everything in test mode, then turn off test modes one at a time, as you get comfortable with them. > > > Is there any way to pre-populate the “Delaying” database during the > testing phase without actually having it have delaying turned on? > Ideally I’d like to be able to have the DB already populated with > IP’s of servers that haven’t sent us spam when I enable it so they > don’t receive delays. Whitelisted addresses are not delayed - you can fill up the whitelist. > > > Is there any scoring attached to failing an RBL check? RBL blocking > has given us some issues in the past when the major ISP’s in the > country manage to get themselves on an RBL list. All I can see is a > setting that defines how many different RBL checks have to fail > before the message is blocked, which admittedly may be enough in > our case but may also let in more spam. Is setting that to 2 (or > maybe 3) a good idea? You can use Penalty Box to score things. Then once the threshold is exceeded, the sender is blocked. > > > I think that’s it for now > > > > Thanks in advance Good luck. James. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
