Hi all,
fixed in assp 2.6.6 *SPAM-Evaporator* build 21074:
- The definition in 'myGreeting' has only replaced the last greeting line
(220 text) from the MTA, lines starting with 220-text
were not touched. Now all greeting lines are replaced.
- Under rare conditions it was possible, that the
I checked both our local hardware store and the pet store for a "cuckoo
sandbox," but they only had regular play sand for children. If I bury the
click crazy people in play sand, will that solve the problem?
I would think that something like if an ALLOWPARTONLY hash is found along
with a second r
>and last checks the hashes
No, this is the first check after decompressing. If assp finds a hash it
does not know if the file is good or bad (because this should not matter).
If a good hash is found, it exceptional stops processing the attachment.
>ALLOWPARTONLY
What should happen, if for exa
gt; trust level together with the sending partner.
>
> Using this feature without an agreed and trusted security level of
> conversation, may lead in to a more or less higher security risk.
>
> What you want to do is to define or to find a 100% trust level without an
> agreement with
n:"K Post"
An: "ASSP development mailing list"
Datum: 22.01.2019 21:44
Betreff:Re: [Assp-test] fixed in assp 2.6.4 *SPAM-Evaporator*
build 19015
I generally feel lost these days :) Thanks for your continued patience!
I absolutely don't want to make this mo
sense to further scan an attachment, if a known good file is
> found - because there is no rule for "what to do" , if "what" is found.
>
> Your suggestion will lead in to a very very complex attachment definition.
> You would have to specify (exactly) for each SHA-hash,
folder
level)
Thomas
Von:"K Post"
An: "ASSP development mailing list"
Datum: 21.01.2019 19:07
Betreff:Re: [Assp-test] fixed in assp 2.6.4 *SPAM-Evaporator*
build 19015
We can tell vendors not to send zip files, but we don't have a choice for
We can tell vendors not to send zip files, but we don't have a choice for
some of the bigger ones that our charity works with. They won't change,
not ever.
I understand about AFC just treating office files as zip files (and that's
fine). For those vendors who insist on sending zip files with off
>Would you consider changing this functionality to consider the other
files in a compressed file, or at least giving us the option between:
This is not possible, because ASSP_AFC does not know anything about office
files. Office files are ZIP files and processed like them.
So a part of an Offic
19019 has much improved GUI explanation, thank you. And it's neat that you
can specify how deep to go into compressed files, giving us more granular
control especially for allowing office macros, but not in a ZIP which could
then contain an EXE which would be allowed. That helps ease my concern.
> See what I mean?
Yes - this problem is well known.
If the unexpected executable contains a virus, the attachment will be
blocked/removed.
The meaning of this feature is a "super-super-super whitelist" for
attachments. And YES - use it with care OR don't use it in doubt!
>But what if that v
gt;
> Thomas
>
>
>
>
>
>
> Von:"K Post"
> An:"ASSP development mailing list" <
> assp-test@lists.sourceforge.net>
> Datum:18.01.2019 15:43
> Betreff:Re: [Assp-test] fixed in assp 2.6.4 *SPAM-Evaporator*
>
This work is done. + the getpdfsha.pl script to get the list of sha256
hashes.
The next release will have it.
Thomas
Von:"K Post"
An: "ASSP development mailing list"
Datum: 18.01.2019 15:43
Betreff: Re: [Assp-test] fixed in assp 2.6.4 *SPAM-Evaporator
bdcfd8086b1a38da0c991b8093b875ee43ba367
>> 4-StreamData :
>> bf3909ea48da420e1090165e3c10de456c3ba475afd0a3c60ca39b08f821742b
>> 4-StreamData :
>> bcc1cba660e048ddedeca1ac00e4c958c8026a5128ed4708b7de110b53b0980c
>> 4-StreamData :
>> 6f7108c9bcdd731b1685550122a
ea48da420e1090165e3c10de456c3ba475afd0a3c60ca39b08f821742b
> 4-StreamData :
> bcc1cba660e048ddedeca1ac00e4c958c8026a5128ed4708b7de110b53b0980c
> 4-StreamData :
> 6f7108c9bcdd731b1685550122a6a274e9c27b31fb03cbb8546ca886fff8a826
> 4-StreamData :
> f63862478cf5cdbe0248f3f9f5c0e42a85216fb1584b81e8301ebf4f1410a826
> 4-StreamData :
>
aa020
Thomas
Von:"K Post"
An: "ASSP development mailing list"
Datum: 16.01.2019 15:12
Betreff:Re: [Assp-test] fixed in assp 2.6.4 *SPAM-Evaporator*
build 19015
Love the name!
Great idea on the good EXE implementation. With office files, we're now
Love the name!
Great idea on the good EXE implementation. With office files, we're now
going to put the hash of the vbaproject.bin files that we want to pass
which will let us accept different excel files from them as long as the
code is the same. This is a HUGE improvement! Thank you.
For PDF
Hi all,
fixed in assp 2.6.4 *SPAM-Evaporator* build 19015:
added:
- ASSP_AFC 5.01 is released - it includes a new extension
'ASSP_AFCKnownGoodEXE','Well Known Good Executable Files'
'Put the SHA256_HEX hash of all well known good executables in to this
file (one per line). If the SHA256_HEX
Hi all,
fixed in assp 2.6.2 *Fortress* build 18148:
changed:
- admins are now able to remove global and domain based entries from
whitelist using the emailinterface
admins are now able to delete global and domain based database records
from the whitelistdb using the emailinterface
admins
Hi all,
fixed in assp 2.5.6 build 17184:
- changing the webAdminPassword (root) caused some times an exception in
Crypt::GOST, because of empty secured files
- a wrong error text was shown in case of an LDAP setup or runtime error
changed:
- the functionality and the the description of the LD
Thanks again for all of this! Some of these little tweaks will make a big
difference in my day to day.
Note, that after launching this new version, I am getting the warning:
warning: the current HMMdb is possibly incompatible to this version of
ASSP. Please run a rebuildspamdb. current:
2_14315_
Hi all,
fixed in assp 2.5.2 build 16270:
- some not required code is removed from the outqueue processing
- spamlover score overrides for low-limit and limit were ignored by failed
Plugins
- performance optimizaton for large mails
- the automatic creation of empty option files has shown a wro
Hi all,
fixed in assp 2.4.6 build 15218:
changed:
- the 'Worker & Database' status screen now shows also the recommendations
recorded at startup
- a link to the assp ticket system was added at the bottom of the GUI
Thomas
DISCLAIMER:
***
Hi all,
2013-05-10
fixed in assp 2.3.4 build 13130:
- some times the copy Spam connections were running in to an undetected
SMTP timeout
- reloading the configuration in the workers could cause a deadlock ->
stucking ASSP
- reloading the configuration in the rebuild thread caused some times a
Hi all,
the following Perl modules are updated for ASSP V2 (all Versions). The
update fixes an optimization BUG in Regex::Optimizer 1.11 and Regex::List
1.05.
Regex::Optimizer 1.12
Regex::List 1.06
The update is availabel at Sourceforge CVS
http://assp.cvs.sourceforge.net/viewvc/assp/assp2/li
Hi all,
fixed in assp 2.1.2 build 12109:
- new ASSP_WordStem.pm version 1.22 is available - it fixes some language
detection mistakes
- new ASSP_AFC.pm version 1.30 is available - improves the spam-
attachment and image detection
- new ASSP_ÓCR.pm version 2.09 is available - fixes a bug in the
t [mailto:gray...@gmx.net]
Gesendet: Mittwoch, 14. Dezember 2011 10:15
An: ASSP development mailing list
Betreff: Re: [Assp-test] fixed in assp 2.1.2 build 11346
> Is there any chance to choose if local IPs or localhost will be
> blocked? ASSP prevented sending mails from Exchange/loc
On 14/12/2011 09:15, GrayHat wrote:
>
>> Is there any chance to choose if local IPs or localhost will be
>> blocked? ASSP prevented sending mails from Exchange/localhost,
>> yesterday. There was a internal client coming through a connector
>> with wrong data. I think it is better to restart assp a
> Is there any chance to choose if local IPs or localhost will be
> blocked? ASSP prevented sending mails from Exchange/localhost,
> yesterday. There was a internal client coming through a connector
> with wrong data. I think it is better to restart assp automatically if
> some internal clients or
tart assp automatically if some internal clients or localhost are
sending strange characters.
Regards Marco
-Ursprüngliche Nachricht-
Von: Thomas Eckardt [mailto:thomas.ecka...@thockar.com]
Gesendet: Montag, 12. Dezember 2011 19:44
An: ASSP development mailing list
Betreff: [Assp-test] fi
> fixed in assp 2.1.2 build 11346:
Thomas... all I can say is that starting from some
versions up to this latest (I just upgraded to it) the
latest ASSP v2 seems quite stable and doesn't
show crashes or issues (fingers crossed :D) so,
I think that, set aside any pending change/fix the
current ve
Hi all,
fixed in assp 2.1.2 build 11346:
- It was possible that ASSP crashed (attacked) if an 'EarlyTalker' has
sent nonASCII data. If such a very bad behavior is detected,
the connected IP will be further blocked very early. The build and used
'EMERGENCY' blocking IP-list could be
cleanedu
Nov-22-11 08:15:40 Spam Weight: 3,757,136
Nov-22-11 08:15:40 Not-Spam Weight: 4,682,767
Nov-22-11 08:15:40 Corpus norm: 0.8023 - (ok - slighly ham heavy)
Nov-22-11 08:15:40 Corpus confidence: 0.83495626
---
Hi all,
fixed in 2.1.2 build 11314:
- some incorrect logging entries in the maillog.txt, have possibly caused
an incorrect calculation of the uploaded griplist
- the X-Assp-Spam-Level: header has not shown any asterix in the last
release (11311)
changed:
- The calculation of the Bayesian an
Hi all,
fixed in 2.1.2 build 11311:
- the calculation of the spam confidence value was wrong in case of less
Bayesian word pair matches
changed:
- both analyzers now are showing URIBL results
Thomas
DISCLAIMER:
***
This email and any files
Thomas,
no problems so far with the 11305, especially no memory problems or crashes.
Good job from my point of view!
Another question:
I have always a
"[SMTP Status] 451 4.7.1 Please try again later" directly after
"[SMTP Error] 550 5.1.1 User unknown: " or
"[SMTP Error] 554 5.7.1 Extreme Bad IP
It seems stable now...20 minutes, no crashing.
Steve
-Original Message-
From: GrayHat [mailto:gray...@gmx.net]
Sent: Wednesday, November 02, 2011 9:10 AM
To: ASSP development mailing list
Subject: Re: [Assp-test] fixed in 2.1.2 build 11305
> Thomas
> I've had to go ba
Willdo..
-Original Message-
From: GrayHat [mailto:gray...@gmx.net]
Sent: Wednesday, November 02, 2011 9:10 AM
To: ASSP development mailing list
Subject: Re: [Assp-test] fixed in 2.1.2 build 11305
> Thomas
> I've had to go back to 11304, 11035 was crashing every couple of
> Thomas
> I've had to go back to 11304, 11035 was crashing every couple of
> minutes. 11304 does not crash until rebuildspamdb is used.
Could you please set DoHMM to zero, restart ASSP and keep
an eye on it to see if the symptoms disappear ?
-
list
Subject: Re: [Assp-test] fixed in 2.1.2 build 11305
Hi Thomas, rebuildspamdb is back to crashing same as 11302. CPU spike & memory
growth..
Steve
-Original Message-
From: Thomas Eckardt [mailto:thomas.ecka...@thockar.com]
Sent: Tuesday, November 01, 2011 10:04 PM
To: ASSP developmen
Hi Thomas, rebuildspamdb is back to crashing same as 11302. CPU spike & memory
growth..
Steve
-Original Message-
From: Thomas Eckardt [mailto:thomas.ecka...@thockar.com]
Sent: Tuesday, November 01, 2011 10:04 PM
To: ASSP development mailing list
Subject: [Assp-test] fixed in 2.1.2 b
>> fixed in 2.1.2 build 11305:
>
> Is it already on CVS ? Checked now but I still see the 11304
Forget it, just found it, sorry
--
RSA® Conference 2012
Save $700 by Nov 18
Register now!
http://p.sf.net/sfu/rsa-sfdev2dev
> fixed in 2.1.2 build 11305:
Is it already on CVS ? Checked now but I still see the 11304
--
RSA® Conference 2012
Save $700 by Nov 18
Register now!
http://p.sf.net/sfu/rsa-sfdev2dev1
fixed in 2.1.2 build 11305:
- some messages are not scanned for viruses and/or attachment are not
detected
- assp was crashing on cleanup after populating very large Hidden Markov
Models
- HMM-check was disabled by a bug in build 11304
** ATTENTION **
- if MySQL databases are used - c
Steve Moffat wrote:
> Just FYI, no difference here while running rebuildspamdb
For us, rebuildspamdb wasn't an issue. The main assp process was
chewing up our ram. The update has greatly reduced this.
Doug
--
Ben Franklin quote:
"Those who would give up Essential Liberty to purchase a li
Hi Thomas
Just FYI, no difference here while running rebuildspamdb
Steve
-Original Message-
From: Thomas Eckardt [mailto:thomas.ecka...@thockar.com]
Sent: Friday, October 28, 2011 3:20 AM
To: ASSP development mailing list
Subject: [Assp-test] fixed pre version 2.1.2 11301
Hi all
Thomas Eckardt wrote:
> just released a pre fixed version 2.1.2 11301, which fixes partly the
> growing memory usage issue.
Thank you!
Doug
--
Ben Franklin quote:
"Those who would give up Essential Liberty to purchase a little Temporary
Safety, deserve neither Liberty nor Safety."
---
Hi all,
just released a pre fixed version 2.1.2 11301, which fixes partly the
growing memory usage issue.
I'm just low on time. There are also several changes in this release for
the HMM - please read the changed GUI for 'DoHMM' if you use it.
I'll try to send an update of the change log this e
Hi!
- Original Message -
From: "Shabalin, Alexander"
To: "ASSP development mailing list"
Sent: Friday, September 11, 2009 9:31 AM
Subject: Re: [Assp-test] ASSP as a service (service did not respond) 1053
> It can be some sort of incompatibility in:
> 1. Windows Server 2008 x64.
> 2. P
Hi all,
fixed in 2.0.1_RC0.6.35
- scrollbars where not shown in IE8 if a file was open in GUI
Thomas
DISCLAIMER:
***
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended s
50 matches
Mail list logo
