Date: Fri, 27 May 2005 18:19:48 -0400 (EDT) From: "J.R. Oldroyd" <fbsd@opal.com> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/81570: New Port: mail/assp Anti-Spam SMTP Proxy Message-ID: <200505272219.j4RMJm54014806@linwhf.opal.com> Resent-Message-ID: <200505272230.j4RMU2iB087723@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 81570 >Category: ports >Synopsis: New Port: mail/assp Anti-Spam SMTP Proxy >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Fri May 27 22:30:02 GMT 2005 >Closed-Date: >Last-Modified: >Originator: J.R. Oldroyd >Release: FreeBSD 6.0-CURRENT i386 >Organization: >Environment: System: FreeBSD linwhf.opal.com 6.0-CURRENT FreeBSD 6.0-CURRENT #81: Mon May 16 16:13:37 EDT 2005 xxxx:/usr/src-current/sys/i386/compile/LINWHF i386 >Description: ASSP is a spam filtering system that sits between a sending client and your normal SMTP server (exim, postfix, qmail, sendmail, etc). ASSP blocks spam messages before they're accepted and passes non-spam messages to the normal SMTP server for delivery. ASSP offers: - a whitelist of known good senders - Bayesian checks on message headers and contents - local user validation using RFC822 checks, flat lists or LDAP lookup - relay denial - HELO checking - SPF (Sender Policy Framework) checking - DNSBL (DNS Block List) checking using many block list services - Virus detection >How-To-Repeat: >Fix: # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # mail/assp/ # mail/assp/pkg-plist # mail/assp/distinfo # mail/assp/Makefile # mail/assp/pkg-descr # mail/assp/files # mail/assp/files/rc-assp.sh # mail/assp/files/assp.8 # mail/assp/files/patch-assp.pl # mail/assp/files/periodic-assp.sh # mail/assp/files/patch-stats.sh # mail/assp/files/assplog.8 # echo c - mail/assp/ mkdir -p mail/assp/ > /dev/null 2>&1 echo x - mail/assp/pkg-plist sed 's/^X//' >mail/assp/pkg-plist << 'END-of-mail/assp/pkg-plist' Xetc/rc.d/assp.sh Xetc/periodic/daily/510.assp X@unexec rmdir %D/etc/periodic/daily 2>&1 2>/dev/null || true X@unexec rmdir %D/etc/periodic 2>&1 2>/dev/null || true Xlib/assp/addservice.pl Xlib/assp/assp.pl X%%ASSP_CLAMAV%%lib/assp/freshclam.sh Xlib/assp/move2num.pl Xlib/assp/notspamreport.txt Xlib/assp/rebuildspamdb.pl Xlib/assp/repair.pl Xlib/assp/spamreport.txt Xlib/assp/stat.pl Xlib/assp/stats.sh Xlib/assp/whitereport.txt X@dirrm lib/assp Xsbin/assp Xsbin/assplog X%%DOCSDIR%%/ASSP Documentation.htm X%%DOCSDIR%%/Regular Expression Tutorial.htm X@dirrm %%DOCSDIR%% X@unexec rm %%ASSP_HOME%%/notspamreport.txt 2>&1 2>/dev/null || true X@unexec rm %%ASSP_HOME%%/spamreport.txt 2>&1 2>/dev/null || true X@unexec rm %%ASSP_HOME%%/whitereport.txt 2>&1 2>/dev/null || true X@unexec echo if [ -d %%ASSP_HOME%% ]; then echo "If you are deinstalling ASSP completely, remove the %%ASSP_HOME%% directory."; fi END-of-mail/assp/pkg-plist echo x - mail/assp/distinfo sed 's/^X//' >mail/assp/distinfo << 'END-of-mail/assp/distinfo' XMD5 (assp-1.1.1.b12.zip) = ccf11f30f7edbd05d1ab96d68dc5027d XSIZE (assp-1.1.1.b12.zip) = 183265 END-of-mail/assp/distinfo echo x - mail/assp/Makefile sed 's/^X//' >mail/assp/Makefile << 'END-of-mail/assp/Makefile' X# New ports collection makefile for: assp X# Date created: 16 May 2005 X# Whom: J.R. Oldroyd <fbsd@opal.com> X# X# $FreeBSD$ X# X XPORTNAME= assp XPORTVERSION= 1.1.1.b12 XCATEGORIES= mail XMASTER_SITES= http://opal.com/freebsd/ports/mail/assp/ X# ${MASTER_SITE_LOCAL} X#MASTER_SITE_SUBDIR= pav X XMAINTAINER= fbsd@opal.com XCOMMENT= Anti-Spam SMTP Proxy X XUSE_PERL5_RUN= yes XNO_BUILD= yes X XUSE_REINPLACE= yes XUSE_ZIP= yes X XEXTRACT_AFTER_ARGS= -d ${WRKSRC} X X# make options (use "make -DWITHOUT_XXX install" if you don't need something): X# XOPTIONS= EMVALID "RFC822 recipient address validator" ON \ X LDAP "LDAP validation of recipient addresses" ON \ X SPF "SPF validation of client IP" ON \ X CLAMAV "ClamAV virus scanner" ON \ X DNSBL "DNS block list checking" ON X X.include <bsd.port.pre.mk> X X.if !defined(WITHOUT_EMVALID) XRUN_DEPENDS+= ${SITE_PERL}/Email/Valid.pm:${PORTSDIR}/mail/p5-Email-Valid X.endif X.if !defined(WITHOUT_LDAP) XRUN_DEPENDS+= ${SITE_PERL}/Net/LDAP.pm:${PORTSDIR}/net/p5-perl-ldap X.endif X.if !defined(WITHOUT_SPF) XRUN_DEPENDS+= ${SITE_PERL}/${PERL_ARCH}/Net/DNS.pm:${PORTSDIR}/dns/p5-Net-DNS XRUN_DEPENDS+= ${SITE_PERL}/Mail/SPF/Query.pm:${PORTSDIR}/mail/p5-Mail-SPF-Query X.endif X.if !defined(WITHOUT_DNSBL) XRUN_DEPENDS+= ${SITE_PERL}/${PERL_ARCH}/Net/DNS.pm:${PORTSDIR}/dns/p5-Net-DNS X.endif X.if !defined(WITHOUT_CLAMAV) XRUN_DEPENDS+= wget:${PORTSDIR}/ftp/wget X.endif X# NB: for 1.1.1.b12 Net::DNS::Packet is required even if SPF and DNSBL not used XRUN_DEPENDS+= ${SITE_PERL}/${PERL_ARCH}/Net/DNS.pm:${PORTSDIR}/dns/p5-Net-DNS X X.if ${PERL_LEVEL} < 500000 XIGNORE= Port requires perl 5 or later. Install lang/perl5 or lang/perl5.8 then try again X.endif X XWRKSRC= ${WRKDIR}/assp XPKGPLIST= ${WRKDIR}/pkg-plist X XMAN8= assp.8 assplog.8 X XASSP_USER= nobody XASSP_GROUP= nobody XASSP_HOME= /var/db/assp X X.if defined(WITH_CLAMAV) XPLIST_SUB+= ASSP_CLAMAV="" X.else XPLIST_SUB+= ASSP_CLAMAV="@comment " X.endif X Xpre-install: X ${SED} -e "s:%%ASSP_HOME%%:${ASSP_HOME}:g" \ X -e "s:%%ASSP_USER%%:${ASSP_USER}:g" \ X -e "s:%%ASSP_GROUP%%:${ASSP_GROUP}:g" \ X -e "s:%%LOCALBASE%%:${LOCALBASE}:g" \ X < ${FILESDIR}/assp.8 > ${WRKDIR}/assp.8 X ${SED} -e "s:%%ASSP_HOME%%:${ASSP_HOME}:g" \ X -e "s:%%ASSP_USER%%:${ASSP_USER}:g" \ X -e "s:%%ASSP_GROUP%%:${ASSP_GROUP}:g" \ X -e "s:%%LOCALBASE%%:${LOCALBASE}:g" \ X < ${FILESDIR}/assplog.8 > ${WRKDIR}/assplog.8 X ${SED} -e "s:%%ASSP_HOME%%:${ASSP_HOME}:g" \ X -e "s:%%ASSP_USER%%:${ASSP_USER}:g" \ X -e "s:%%ASSP_GROUP%%:${ASSP_GROUP}:g" \ X -e "s:%%LOCALBASE%%:${LOCALBASE}:g" \ X < ${FILESDIR}/rc-assp.sh > ${WRKDIR}/rc-assp.sh X ${SED} -e "s:%%ASSP_HOME%%:${ASSP_HOME}:g" \ X -e "s:%%ASSP_USER%%:${ASSP_USER}:g" \ X -e "s:%%ASSP_GROUP%%:${ASSP_GROUP}:g" \ X -e "s:%%LOCALBASE%%:${LOCALBASE}:g" \ X < ${FILESDIR}/periodic-assp.sh > ${WRKDIR}/periodic-assp.sh X Xdo-install: X ${MKDIR} ${PREFIX}/lib/assp X ${INSTALL_SCRIPT} ${WRKSRC}/*.pl ${PREFIX}/lib/assp X ${INSTALL_SCRIPT} ${WRKSRC}/stats.sh ${PREFIX}/lib/assp X.if defined(WITH_CLAMAV) X ${INSTALL_SCRIPT} ${WRKSRC}/freshclam.sh ${PREFIX}/lib/assp X.endif X ${INSTALL_DATA} ${WRKSRC}/*report.txt ${PREFIX}/lib/assp X ${MKDIR} ${DOCSDIR} X ${INSTALL_DATA} ${WRKSRC}/*.htm ${DOCSDIR} X Xpost-install: X ${MKDIR} ${ASSP_HOME} X ${CHOWN} ${ASSP_USER}:${ASSP_GROUP} ${ASSP_HOME} X ${CHMOD} 700 ${ASSP_HOME} X ${LN} -s ${PREFIX}/lib/assp/*.txt ${ASSP_HOME} X ${LN} -s ${PREFIX}/lib/assp/assp.pl ${PREFIX}/sbin/assp X ${LN} -s ${PREFIX}/lib/assp/stats.sh ${PREFIX}/sbin/assplog X ${INSTALL_MAN} ${WRKDIR}/assp.8 ${PREFIX}/man/man8 X ${INSTALL_MAN} ${WRKDIR}/assplog.8 ${PREFIX}/man/man8 X ${MKDIR} ${PREFIX}/etc/rc.d X ${INSTALL_SCRIPT} ${WRKDIR}/rc-assp.sh ${PREFIX}/etc/rc.d/assp.sh X ${MKDIR} ${PREFIX}/etc/periodic ${PREFIX}/etc/periodic/daily X ${INSTALL_SCRIPT} ${WRKDIR}/periodic-assp.sh ${PREFIX}/etc/periodic/daily/510.assp X ${REINPLACE_CMD} -e "s:%%ASSP_HOME%%:${ASSP_HOME}:g" ${TMPPLIST} X X.include <bsd.port.post.mk> END-of-mail/assp/Makefile echo x - mail/assp/pkg-descr sed 's/^X//' >mail/assp/pkg-descr << 'END-of-mail/assp/pkg-descr' XAnti-Spam SMTP Proxy is a spam filter that sits on port 25 in front Xof your regular SMTP server (sendmail, postfix, qmail, etc). X XASSP performs a number of configurable spam checks and on detecting Xa spam message provides an immediate 5xx SMTP error code back to Xthe client. Non-spam messages are passed to your regular SMTP server Xfor further processing and delivery. X XASSP offers: X - a whitelist of known good senders X - Bayesian checks on message headers and contents X - recipient address validation using LDAP and RFC822 conformance X - relay denial X - HELO checking X - SPF (Sender Policy Framework) checking X - DNSBL (DNS Block List) checking using many DNSBL services X - Virus detection X XASSP is a single script with a web-based configuration tool. X XWWW: http://assp.sourceforge.net/ END-of-mail/assp/pkg-descr echo c - mail/assp/files mkdir -p mail/assp/files > /dev/null 2>&1 echo x - mail/assp/files/rc-assp.sh sed 's/^X//' >mail/assp/files/rc-assp.sh << 'END-of-mail/assp/files/rc-assp.sh' X#!/bin/sh X# X# $FreeBSD$ X# X# Start or stop ASSP X# X Xif [ -f /etc/rc.subr ] Xthen X . /etc/rc.subr Xelif [ -f /usr/local/etc/rc.subr ] Xthen X # FreeBSD 4.x X . /usr/local/etc/rc.subr Xfi X Xname="assp" Xrcvar=`set_rcvar` X Xassp_home=%%ASSP_HOME%% Xprogram_file=assp Xprogram_path=%%LOCALBASE%%/sbin/${program_file} Xsyslog_facility=daemon.err X Xload_rc_config $name X X[ -z "$assp_enable" ] && assp_enable="NO" X[ -z "$assp_args" ] && assp_args="$assp_home" X X[ -f ${assp_home}/pid ] && assp_pid=`cat ${assp_home}/pid` X Xcase "$1" in Xstart) X if checkyesno assp_enable X then X if [ ! -x ${program_path} ] X then X logger -sp ${syslog_facility} -t ${program_file} \ X "unable to start: ${program_path} is missing." X exit 72 X fi X if [ -n "${assp_pid}" ] X then X if ps axo ucomm -p ${assp_pid} | egrep perl >/dev/null; then X logger -sp ${syslog_facility} -t ${program_file} \ X "unable to start: ${program_file} is already running." X exit 72 X fi X fi X echo "Starting ASSP proxy." X ${program_path} ${assp_args} X fi X ;; X Xstop) X if [ -n "${assp_pid}" ] X then X echo "Stopping ASSP proxy." X kill ${assp_pid} X fi X ;; X Xrestart) X $0 stop X $0 start X ;; X Xstatus) X if [ -n "${assp_pid}" ] X then X ps auxwwp ${assp_pid} X fi X ;; X X*) X echo "usage: ${name} {start|stop|restart|status}" >&2 X exit 64 X ;; Xesac X END-of-mail/assp/files/rc-assp.sh echo x - mail/assp/files/assp.8 sed 's/^X//' >mail/assp/files/assp.8 << 'END-of-mail/assp/files/assp.8' X.TH assp 8 "May 16, 2005" "" "ASSP" X.SH NAME Xassp \- Anti-Spam SMTP Proxy X.SH SYNOPSIS Xassp [ base_dir [ admin_port ] ] X.PP Xsh %%LOCALBASE%%/etc/rc.d/assp.sh start|stop|restart|status X.SH DESCRIPTION X.I "Anti-Spam SMTP Proxy" Xis a spam filter that sits on port 25 in front Xof your regular SMTP server X.RI ( exim (8), X.IR postfix (8), X.IR qmail (8), X.IR sendmail (8), Xetc). X.PP X.I ASSP Xrelays the SMTP dialog between an incoming client and your SMTP Xserver, intercepting the dialog as needed. X.I ASSP Xperforms a number of configurable spam checks and on detecting Xa spam message provides an immediate 5xx SMTP error code back to Xthe client. Non-spam messages are passed to your regular SMTP server Xfor further processing and delivery. Spam messages can be blocked Xfrom delivery or subject-tagged and delivered. X.PP X.I ASSP Xoffers: X.RS X.IP - 2m Xa whitelist of known good senders X.IP - XBayesian checks on message headers and contents X.IP - Xlocal user validation using RFC822 checks, flat lists or LDAP lookup X.IP - Xrelay denial X.IP - XHELO checking X.IP - XSPF (Sender Policy Framework) checking X.IP - XDNSBL (DNS Block List) checking using many block list services X.IP - XVirus detection X.RE X.PP X.I ASSP Xis entirely administrator-managed and is almost totally Xtransparent to users. In particular, users do not need to Xmanage X.IR procmail (1) Xspam filters or challenge-response systems of their own. X.PP XThe X.I base_dir Xargument gives the name of X.IR ASSP 's Xworking directory. If omitted Xit defaults to the current directory. X.PP X.I ASSP Xis configured using a web interface. XThe X.I admin_port Xargument gives the network port for accessing X.IR ASSP 's Xconfiguration menu. It defaults to 55555. XTo access the configuration menu, start X.I ASSP Xand then point your browser at X.IR http://localhost:55555 . XThe default admin password is X.IR nospam4me . X.PP XInitial setup of X.I ASSP Xinvolves several steps: X.IP 1. XReview X.IR ASSP 's Xconfiguration options and adjust as necessary. Be sure Xto change the admin password. By default X.IR ASSP 's Xfilters are all set to X.I "Test Mode" Xwhich means all messages will be delivered to their recipients. XLeave everything in Test Mode for now. X.IP 2. XDecide on which network port(s) X.I ASSP Xwill listen and on which your normal SMTP server will listen. XTypically, X.I ASSP Xwill listen on port 25 and your SMTP server will be moved to Xsomething like port 125 or 587. X.IP 3. XReconfigure your SMTP server to its new port. X.IP 4. XReconfigure X.I ASSP Xto port 25 and restart X.IR ASSP . XSince X.I ASSP Xis in Test Mode, all messages will be delivered to their Xrecipients. X.IP 5. XArrange for all users' outbound email to be processed by X.IR ASSP . XThis is necessary for X.I ASSP Xto be able to automatically maintain its whitelist. XIf a user's MUA uses SMTP to port 25, this will happen Xwithout further intervention. If an MUA invokes X.I /usr/sbin/sendmail Xand you're using the default X.IR sendmail (8) Xconfiguration with submit queues, this will also happen Xwithout further intervention. Otherwise, you need to take Xwhatever steps are necessary for each MUA that's being used. X.IP 6. XOptionally, send a message containing a list of email addresses Xthat you want to receive email from to X.IR assp-white@yourdomain.com . XHave all your users do this. This will seed X.IR ASSP 's Xwhitelist. Messages from senders on the whitelist will Xnever be blocked. X.IP 7. XTo set up the Bayesian word list filtering, do the following: X.RS X.IP 7a. XEnsure some senders' addresses are in the whitelist, either Xby sending email to them or by seeding the whilelist as described Xabove. X.IP 7b. XAllow some time (could be hours or days, depending on the Xvolume of email you receive) for enough email to collect. XMesages from senders on the whitelist will be copied in the X.I notspam Xdirectory. Other messages will either be passed or be copied Xin the X.I spam Xdirectory based on word scores in the initial greylist. X.IP 7c. XPeriodically examine the messages in X.IR ASSP 's X.IR notspam Xand X.I spam Xdirectories to make sure they're sorted correctly. Move Xany to the other directory as needed. If you're unsure about Xa particular message, just delete it. XAlso, examine X.I maillog.txt Xfor information about what X.I ASSP Xis doing. X.IP 7d. XAfter about 400 messages have collected, filtering mode can Xbe enabled. XIn the X.I %%ASSP_HOME%% Xdirectory, run the X.I %%LOCALBASE%%/lib/assp/rebuildspamdb.pl Xscript to create the spam database from the logged messages. XThis is the part where the Bayesian filter ``learns'' about Xthe words in your X.I spam Xand X.I notspam Xcollections. X.IP 7e. XUncheck the appropriate Test Mode box in X.IR ASSP 's Xconfiguration menu to enable message blocking. X.IP 7f. XIt is recommended that the X.I UseSubjectsAsMaillogNames Xconfiguration option is eventually unchecked and that the Xscript X.I %%LOCALBASE%%/lib/assp/move2num.pl Xis run in the X.I %%ASSP_HOME%% Xdirectory. This causes messages to be stored with numeric Xfilenames, and overwritten after some time. The benefits Xof this are that the size of the stored messages will Xbe limited and that older messages are removed from the Xcollection. This keeps the Bayesian word list current. XThis need not be done immediately; you can do this once Xyou no longer feel the need to examine the spam messages Xin detail. X.RE X.IP 8. X.IR ASSP 's Xother filtering options (local user validation, RFC822 Xconformance, client HELO validation, SPF validation, Xthe use of DNSBLs and the ClamAV virus checker) Xcan be enabled by examining and adjusting their Xconfiguration options as needed and then unchecking the Xappropriate Test Mode boxes. X.PP XOnce X.I ASSP Xis live, users should forward a copy of any spam message that Xstill gets through to X.I assp-spam@yourdomain.com Xin order to add it to X.IR ASSP 's Xspam database. Any non-spam that was mis-classified as spam Xcan be copied to X.IR assp-notspam@yourdomain.com . X.PP XThe X.I rebuildspamdb.pl Xscript needs to be re-run periodically to update the spam database Xfrom the latest logged messages. There is a X.IR periodic (8) Xscript that will do this overnight. X.PP XFor full details of using X.IR ASSP , Xsee the X.I ASSP Xwebsite and documentation. X.SH "STARTING ASSP AT BOOT TIME" XThe X.I /usr/local/etc/rc.d/assp.sh Xscript is run automatically at system boot time. XSeveral variables can be set in X.I /etc/rc.conf Xto control the behavior. X.IP assp_enable Xset to X.I "YES" Xto start ASSP at boot time X.IP assp_args Xpassed to the ASSP client, default is X.I assp_args="%%ASSP_HOME%%" X.SH FILES X.IP %%ASSP_HOME%% Xlocation of ASSP config file, log file and spam databases X.IP %%ASSP_HOME%%/notspam Xcopies of non-spam messages received X.IP %%ASSP_HOME%%/spam Xcopies of spam messages received X.IP %%ASSP_HOME%%/errors/{notspam,spam} Xmessages forwarded to assp-notspam@ and assp-spam@ addresses X.IP %%ASSP_HOME%%/maillog.txt X.IR ASSP 's Xlog file X.IP %%LOCALBASE%%/lib/assp/freshclam.sh Xscript to update virus definitions X.IP %%LOCALBASE%%/lib/assp/move2num.pl Xscript to rename stored messages to numeric filenames X.IP %%LOCALBASE%%/lib/assp/rebuildspamdb.pl Xscript to update spam database X.IP %%LOCALBASE%%/etc/periodic/daily/510.assp Xnightly script to invoke X.I rebuildspamdb.pl Xand X.IR freshclam.sh . X.SH BUGS X.I ASSP Xcurrently has no IPv6 support. X.SH "SEE ALSO" X.IR procmail (1), X.IR assplog (8), X.IR exim (8), X.IR postfix (8), X.IR qmail (8), X.IR sendmail (8), X%%LOCALBASE%%/share/doc/assp/ASSP Documentation.htm X.br Xhttp://assp.sourceforge.net/ END-of-mail/assp/files/assp.8 echo x - mail/assp/files/patch-assp.pl sed 's/^X//' >mail/assp/files/patch-assp.pl << 'END-of-mail/assp/files/patch-assp.pl' X--- assp.pl.orig Tue Mar 15 06:41:24 2005 X+++ assp.pl Wed May 18 11:33:35 2005 X@@ -58,7 +58,7 @@ X 'The address:port of your message handling system\'s smtp server. For example: 127.0.0.1:125'], X [AsAService,'As a Service',0,checkbox,'','(\S*)',undef, X 'In Windows 2000 / NT you can run it as a service; requires <a href="http://www.roth.net/perl/Daemon/" rel="external">win32::daemon</a>. Requires start from the service control panel.'], X- [AsADaemon,'As a Daemon',0,checkbox,'','(\S*)',undef, X+ [AsADaemon,'As a Daemon',0,checkbox,1,'(\S*)',undef, X 'In Linux/BSD/Unix/OSX fork and close file handles, kinda like "perl assp.pl &" but better. Requires restart.'], X [myName,'My Name',20,textinput,'ASSP-nospam','(\S+)',undef, X 'What the program calls itself in the email "received by" header. Usually ASSP-nospam.'], X@@ -355,7 +355,7 @@ X No mail is delivered! For example: assp-notspam'], X [EmailWhitelist,'Add to Whitelist Address',20,textinput,'assp-white','(.*)',undef, X 'Any mail sent by local/authenticated users to this username will be interpreted as a request to add addresses to the whitelist.<br /> No mail is delivered! For example: assp-white'], X- [EmailFrom,'From Address for Email',20,textinput,'ASSP <>','(.+)',undef, X+ [EmailFrom,'From Address for Email',20,textinput,'ASSP <postmaster@yourdomain.com>','(.+)',undef, X 'Email sent from ASSP acknowledging your submissions will be sent from this address.<br /> X Some mailers don\'t like the default setting. For example: ASSP <> or Mail Administrator X <mailadmin@mydomain.com>'], X@@ -423,9 +423,9 @@ X 'ASSP closes and renames the log file after this number of days. Decimals are ok. For example: 14 or 0.5'], X X [0,0,0,heading,'Security'], X- [runAsUser,'Run as UID',20,textinput,'','(\S*)',undef, X+ [runAsUser,'Run as UID',20,textinput,'nobody','(\S*)',undef, X 'The *nix user name to assume after startup: assp or nobody -- requires ASSP restart.'], X- [runAsGroup,'Run as GID',20,textinput,'','(\S*)',undef, X+ [runAsGroup,'Run as GID',20,textinput,'nobody','(\S*)',undef, X 'The *nix group to assume after startup: assp or nogroup -- requires ASSP restart.'], X [ChangeRoot,'Change Root',60,textinput,'','(.*)',undef, X 'Non-blank means to run in chroot jail in *nix. You need an etc/protocols file to make this work<br /> X@@ -4462,4 +4462,4 @@ X dynablock.njabl.org X ); X } X-1; X\ No newline at end of file X+1; END-of-mail/assp/files/patch-assp.pl echo x - mail/assp/files/periodic-assp.sh sed 's/^X//' >mail/assp/files/periodic-assp.sh << 'END-of-mail/assp/files/periodic-assp.sh' X#!/bin/sh X# X# $FreeBSD$ X# X# Update ASSP Spam and ClamAV databases X Xcd %%ASSP_HOME%% X Xif [ ! -f %%LOCALBASE%%/lib/assp/rebuildspamdb.pl ] Xthen X echo "%%LOCALBASE%%/lib/assp/rebuildspamdb.pl doesn't exist" X rc_spamdb=2 Xelse X echo "" X echo "Running ASSP rebuildspamdb.pl:" X perl %%LOCALBASE%%/lib/assp/rebuildspamdb.pl && rc_spamdb=0 || rc_spamdb=3 Xfi X Xif [ ! -f %%LOCALBASE%%/lib/assp/freshclam.sh ] Xthen X # existence of freshclam.sh is optional, dependent X # on the WITH_CLAMAV setting, so not an error if not there X rc_clamav=0 Xelse X echo "" X echo "Fetching ASSP ClamAV virus database updates:" X export PATH=$PATH:/usr/local/bin X sh %%LOCALBASE%%/lib/assp/freshclam.sh && rc_clamav=0 || rc_clamav=3 Xfi X Xrc=$(($rc_spamdb|$rc_clamav)) X Xexit $rc END-of-mail/assp/files/periodic-assp.sh echo x - mail/assp/files/patch-stats.sh sed 's/^X//' >mail/assp/files/patch-stats.sh << 'END-of-mail/assp/files/patch-stats.sh' X--- stats.sh.orig Fri Aug 6 20:26:26 2004 X+++ stats.sh Thu May 26 22:24:20 2005 X@@ -4,12 +4,12 @@ X # copy of your standard Unix shell, the 'tail' utility and a working 'awk' X # interpreter. X X-# I use the default location for ASSP's maillog file, and the 'maillog.log' X+# I use the default location for ASSP's maillog file, and the 'maillog.txt' X # name (in assp.cfg) to keep ASSP from changing it on me. X X-# This script attempts to go back at least 300 lines in your maillog.log X+# This script attempts to go back at least 300 lines in your maillog.txt X # file to give you a nice screenful of goodies to review when it X-# first starts. If your maillog.log is nearly empty, then just X+# first starts. If your maillog.txt is nearly empty, then just X # be patient. As things happen - the logger will reveal it in COLOR! X # ------------------------------------ KRL ------------------------- X X@@ -30,8 +30,11 @@ X # BS (in Red) lines are those caught by the Bayesian filter !! X # LW (in White .. mostly) are those Local or Whitelisted eMails X # Ok (in Green) are eMail that fully pass alltests without exceptions. X-# RB (in Cyan) .. Blocked Relay attempt X-# WL+ Whitelist ADDITION by an authorized local user X+# RB (in Magenta) .. Blocked Relay attempt X+# HL (in Magenta) .. Blocked due to spam HELO X+# SP (in Magenta) .. Blocked by failed SPF lookup X+# WA+ Whitelist ADDITION by an authorized local user X+# WL+ Whitelist ADDITION of address CC'd in whitelisted email X # BA (in Cyan) .. Bad ATTACHEMENT rejected X # SR (in Cyan) .. spam@ report submission X # NS (in Cyan) .. notspam@ report submission X@@ -46,32 +49,32 @@ X # Some fields are truncated (with a hard-coded length value, usually 40) X # to keep each line more or less intact on your screen as things scroll by X # Colors are coded with ANSI Color coding, your mileage may vary ... X-# I assume the naming convention of 'maillog.log' so ASSP won't munge X+# I assume the naming convention of 'maillog.txt' so ASSP won't munge X # each current log into some difficult-to-grok name. You should try X # to use this feature - and perhaps roll the log periodically with X # your system's 'newsyslog' functionality. You can send a SIGHUP to X # ASSP when you roll the log so it starts afresh..KRL X X-tail -300 -f /usr/local/assp/maillog.log | \ X+tail -300 -f /var/db/assp/maillog.txt | \ X awk ' \ X /whitelisted/ { \ X- printf("%s %s \033[1;32m%-15s L\033[0mW %s \033[1;32m->\033[0m %s\n", \ X+ printf("%s %s \033[1;32m%-15s\033[0m \033[1;37mLW %s\033[0m \033[1;32m->\033[0m \033[1;37m%s\033[0m\n", \ X substr($1,1,length($1)), \ X substr($2,1,length($2)), \ X substr($3,1,length($3)), \ X substr($4,1,40), \ X substr($6,1,length($6)) )\ X } \ X- /email/ && /whitelist addition/ { \ X- printf("%s %s \033[1;32m%-15s W\033[0mA+ %s \033[1;32m->\033[0m %s\n", \ X+ /whitelist addition/ && /email new/ { \ X+ printf("%s %s \033[1;36m%-15s WA+ %s\033[0m \033[1;37m%s\033[0m\n", \ X substr($1,1,length($1)), \ X substr($2,1,length($2)), \ X "+email address+", \ X- substr($4,1,40), \ X- substr($6,1,length($6)) )\ X+ "-adds-", \ X+ substr($7,1,length($7)) )\ X } \ X /whitelist addition/ && !/email/ { \ X- printf("%s %s \033[1;32m%-15s W\033[0mL+ %s \033[1;32m %s %s\033[0m\n", \ X+ printf("%s %s \033[1;32m%-15s\033[0m \033[1;37mWL+ %s\033[0m \033[1;32m%s\033[0m \033[1;37m%s\033[0m\n", \ X substr($1,1,length($1)), \ X substr($2,1,length($2)), \ X substr($3,1,length($3)), \ X@@ -79,12 +82,12 @@ X "-adds-", \ X substr($9,1,length($9)) )\ X } \ X- /Bayesian spam/ { \ X+ /Bayesian Spam/ { \ X printf("%s %s \033[1;31m%-15s BS %s -> %s\033[0m\n", \ X- substr($1,1,length($1)), \ X- substr($2,1,length($2)), \ X- substr($3,1,length($3)), \ X- substr($4,1,40), \ X+ substr($1,1,length($1)), \ X+ substr($2,1,length($2)), \ X+ substr($3,1,length($3)), \ X+ substr($4,1,40), \ X substr($6,1,length($6)) )\ X } \ X /message ok/ { \ X@@ -95,7 +98,7 @@ X substr($4,1,40), \ X substr($6,1,length($6)) )\ X } \ X- /bad attachment/ { \ X+ /bad attachment/ && !/no bad/ { \ X printf("%s %s \033[1;35m%-15s BA %s -> %s\033[0m\n", \ X substr($1,1,length($1)), \ X substr($2,1,length($2)), \ X@@ -104,29 +107,66 @@ X substr($6,1,length($6)) )\ X } \ X /relay attempt blocked/ { \ X- printf("%s %s \033[1;35m%-15s RB %s -> %s %s %s %s %s\033[0m\n", \ X+ printf("%s %s \033[1;35m%-15s RB %s -> %s\033[0m\n", \ X substr($1,1,length($1)), \ X substr($2,1,length($2)), \ X substr($3,1,length($3)), \ X- substr($4,1,length($4)), \ X- substr($5,1,length($5)), \ X- substr($6,1,length($6)), \ X- substr($7,1,length($7)), \ X- substr($8,1,length($8)), \ X+ substr($4,1,40), \ X substr($9,1,length($9)) )\ X } \ X+ /Invalid address rejected/ { \ X+ printf("%s %s \033[1;34m%-15s IR %s -> %s\033[0m\n", \ X+ substr($1,1,length($1)), \ X+ substr($2,1,length($2)), \ X+ substr($3,1,length($3)), \ X+ substr($4,1,40), \ X+ substr($NF,1,length($NF)) )\ X+ } \ X+ /malformed address/ { \ X+ printf("%s %s \033[1;35m%-15s MA %s -> %s\033[0m\n", \ X+ substr($1,1,length($1)), \ X+ substr($2,1,length($2)), \ X+ substr($3,1,length($3)), \ X+ substr($4,1,40), \ X+ substr($7,1,length($7)) )\ X+ } \ X+ /failed RBL checks/ { \ X+ printf("%s %s \033[1;35m%-15s BL %s -> %s\033[0m\n", \ X+ substr($1,1,length($1)), \ X+ substr($2,1,length($2)), \ X+ substr($3,1,length($3)), \ X+ substr($4,1,40), \ X+ substr($6,1,length($6)) )\ X+ } \ X+ /failed SPF checks/ { \ X+ printf("%s %s \033[1;35m%-15s SP %s -> %s\033[0m\n", \ X+ substr($1,1,length($1)), \ X+ substr($2,1,length($2)), \ X+ substr($3,1,length($3)), \ X+ substr($4,1,40), \ X+ substr($6,1,length($6)) )\ X+ } \ X+ /has spam helo/ { \ X+ printf("%s %s \033[1;35m%-15s HL %s -> %s %s\033[0m\n", \ X+ substr($1,1,length($1)), \ X+ substr($2,1,length($2)), \ X+ substr($3,1,length($3)), \ X+ substr($4,1,40), \ X+ substr($6,1,length($6)), \ X+ substr($10,1,length($10)) )\ X+ } \ X /Admin update:/ { \ X- printf("\033[1;33m%s %s %s %s %s %s \033[0m\n", $1, $2, $3, $4, $5, $6) \ X+ printf("\033[1;33m%s\033[0m\n", $0) \ X } \ X /Email spamreport/ { \ X- printf("%s %s\033[0;36m %-15s SR %s Email SPAM Submission\033[0m\n", \ X+ printf("%s %s\033[1;36m %-15s SR %s\033[0m\n", \ X substr($1,1,length($1)), \ X substr($2,1,length($2)), \ X substr($3,1,length($3)), \ X substr($4,1,length($4)) ) \ X } \ X /Email hamreport/ { \ X- printf("%s %s\033[0;36m %-15s NS %s Email NOTSPAM Submission\033[0m\n", \ X+ printf("%s %s\033[1;36m %-15s NS %s\033[0m\n", \ X substr($1,1,length($1)), \ X substr($2,1,length($2)), \ X substr($3,1,length($3)), \ END-of-mail/assp/files/patch-stats.sh echo x - mail/assp/files/assplog.8 sed 's/^X//' >mail/assp/files/assplog.8 << 'END-of-mail/assp/files/assplog.8' X.TH assplog 8 "May 16, 2005" "" "ASSP" X.SH NAME Xassplog \- display colorized ASSP log X.SH SYNOPSIS Xassplog X.SH DESCRIPTION X.I assplog Xuses X.B "tail -f" Xto monitor the ASSP Anti-Spam SMTP Proxy log and then displays Xlogged messages using ANSI color sequences for easy reading. X.PP XThe colors have the following meaning: X.PP X1. Messages that were delivered X.RS X.TP XWhite XSender was on whitelist (or was added to whitelist) X.TP XGreen XMessage passed all checks and was delivered X.RE X.PP X2. Messages that were blocked X.RS X.TP XBlue XRecipient unknown (failed flat list or LDAP check) X.TP XMagenta XMessage failed any of the other checks X.TP XRed XMessage failed Bayesian spam check X.RE X.PP X3. Administrative messages X.RS X.TP XCyan XMessage to assp-{notspam,spam,white}@ address X.TP XYellow XAdmin change from web interface X.RE X.PP XEntries from the log are reformatted to a consistent format and Xclassified with one of the following tags: X.TP XBA XBad attachement rejected X.TP XBL XDNSBL check failed X.TP XBS XBayesian spam check failed X.TP XHL XBad HELO greeting X.TP XIR XInvalid recipient, failed LDAP or flat list test X.TP XLW XLocal or Whitelisted emails X.TP XMA XMalformed RFC822 recipient address X.TP XNS Xassp-notspam@ report submission X.TP XOk XEmail that fully passed all tests X.TP XRB XBlocked Relay attempt X.TP XSP XSPF check failed X.TP XWA+ XWhitelist addition by local user X.TP XWL+ XWhitelist addition of address CC'd in whitelisted email X.TP XSR Xassp-spam@ report submission X.SH BUGS X.I assplog Xdoes not display all log messages; for a complete view of Xthe log, use X.B "tail -f" Xdirectly on the log file. X.SH FILES X.IP %%ASSP_HOME%%/maillog.txt Xlocation of ASSP log file X.SH "SEE ALSO" X.IR assp (8), X.IR tail (1) END-of-mail/assp/files/assplog.8 exit >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200505272219.j4RMJm54014806>