Hi Thomas,
Awesome release. The SSL listeners for any port is very good!
Years ago, I asked you if it's possible to include an outgoing rate control
in ASSP, like messages sent by hour/day, per domain, etc.
Tools like cbopolicyd do that, but is to complicated to mantain and debug
(ASSP log is a master champion in this area!)
Best regards,
Alexandre
2017-12-21 12:32 GMT-02:00 Thomas Eckardt <thomas.ecka...@thockar.com>:
> Hi all,
>
>
>
> ASSP version 2.6.1 build 17355 is released on sourceforge.
> This build contains several changes, fixes and new features (see below).
> For the full description of the changes, fixes and new features, please
> read the changelog.
>
>
> - It is now possible to define a SSL-listener for all listeners (SMTP,
> WEB, STAT) - to do this write SSL: in front of the listener definition.
> Examples:
> 225
> SSL:325
> 225|SSL:325
> 127.0.0.1:225
> 192.168.1.1:225|192.168.2.1:225|SSL:192.168.1:325
>
>
> - orphaned connection data and handles may caused errors like:
> - too many open files
> - invalid filehandle
> - ....
> It was also possible, that the connection screen and the worker status
> screen have shown incorrect data.
> On some systems those orphaned connections caused unexpected high CPU
> and memory usage.
>
> - speed improvement of the rebuildspamdb task
>
> - ASSP_AFC version 4.74 is able to check for 'Microsoft Office Compound
> File Binary (OLE)' attachments - the exception tag is :MSOLE
>
> - on 'apply changes', google chrome (v57 and higher) may has thrown an
> error about 'x-xss-protection', if the GUI in http mode was used by user
> 'root'
>
> - If the filename for an attachment contains no extension, but the given
> Content-Type MIME header provides the filetype, the related extension is
> added
> to the file name to prevent unexpected blocked attachments.
>
> - switching the effective and real UID on BSD based OS may have been failed
>
> - To prevent DoS attacks in SSL renegotiations the hidden configuration
> variable 'maxSSLRenegDuration' is added - the default value is 10 seconds.
> # the SSL/TLS renegotiation counter will be reset after this number of
> seconds without a renegotiation request and any regular data are sent or
> received
> our $maxSSLRenegDuration = 10;
>
>
> - 'maxSSLRenegotiations','Maximum Allowed SMTP SSL Client-Initiated-
> Renegotiations'
> 'Maxumum count of allowed SSL/TLS client initiated renegotiations to
> prevent DoS.
> If this count is exceeded in a connection within 10 seconds, the
> connection is terminated, the connected IP is registered in banFailedSSLIP
> and new connections
> from this IP address are rejected for 15-30 minutes. An IP-Score of
> PenaltyExtreme but at least 150 is used for the IP address.
> Zero disables this feature - default is : 2 attempts.'
>
>
> - active connection counting and limiting was not working if
> clients/servers used the STARTTLS command
>
> - Because sourceforge is discontinuing the CVS support, the versioning
> support for the ASSP development is sitched to SVN.
> Starting with this build the download location is changed to:
>
> https://sourceforge.net/p/assp/svn/HEAD/tree/assp2/trunk
>
> The folder structure and file location in SVN is the same like it was in
> CVS.
>
> Previouse versions (including V1) and builds are still available at CVS
> for download, as long as souceforge provides browser access to CVS.
>
> http://assp.cvs.sourceforge.net
>
> - 'DoSameSubject' uses a similarity check instead of an equality check
>
> - 'MaxAllowedDups' uses a similarity check instead of an equality check
>
> - using ASSP_AFC 4.65, the version numbers of the archive modules are now
> shown in the Perl-modules status screen
>
> - if Encode::Detect is installed, it will be used instead of Encode::Guess
> to provide better decoding results
>
> - Depending on the used perl version the following chinese charsets were
> not supported by the perl module 'Encode', even the module
> 'Encode::HanExtra' was
> installed: big5plus , euc-tw , gb18030.
> These charsets are now registered to 'Encode' on NON-EBCDIC systems by
> assp. The installation of the perl module 'Encode::HanExtra' is mandatory
> to support these
> charsets.
>
> - an new exception switch is added to the 'UserAttach' function - ASSP_AFC
> 4.61 is required to provided this also for compressed attachments (zip:...)
>
> - In the 'config info' section of the left menu, a new link to 'Privat
> Config Notes' is available. It can be used for general notes and privat
> documentation.
>
>
>
> Thomas
>
>
>
> DISCLAIMER:
> *******************************************************
> This email and any files transmitted with it may be confidential, legally
> privileged and protected in law and are intended solely for the use of the
> individual to whom it is addressed.
> This email was multiple times scanned for viruses. There should be no
> known virus in this email!
> *******************************************************
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Assp-user mailing list
> Assp-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/assp-user
>
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
