What's new in Anti-Spam SMTP Proxy Server 2.6.5 Build 21074

Apr 1, 2021
  • The definition in 'myGreeting' replaced only the last greeting line (220 text) from the MTA; lines starting with 220-text were not touched. Now all greeting lines are replaced.
  • Under rare conditions it was possible that the penaltybox black and white lists contained wrongly formatted entries. Such entries are now removed from these lists.

New in Anti-Spam SMTP Proxy Server 2.6.3 Build 19214 (Aug 2, 2019)

  • Fix list:
  • The analyzer now also asks VirusTotal for results, if this option is enabled in ASSP_AFC
  • ASSP_AFC.pm version 5.12 now detects faked RTF documents as executable content (CVE-2012-0158, CVE-2017-11882 and others)
  • If 'genARC' was enabled and foreign Authentication-Results: headers were present in the mail, no ARC signature was created and the error "error: ARC message parsing failed - unexpected token at /usr/local/lib/perl5/site_perl/Mail/DKIM/ARC/Signer.pm line 254 thread ..." was written to the maillog.txt
  • The 'two-level-tlds' download URL is changed from http://george.surbl.org/two-level-tlds to http://www.surbl.org/tld/two-level-tlds - george.surbl.org is no longer a valid hostname
  • The 'three-level-tlds' download URL is changed from http://george.surbl.org/three-level-tlds to http://www.surbl.org/tld/three-level-tlds - george.surbl.org is no longer a valid hostname
  • If assp was started after a perl version upgrade (e.g. as service or daemon) without installing the possibly required perl module Crypt::GOST 1.01 (e.g. by running the assp module installer again), all encrypted configuration parameters and files were destroyed.
  • ASSP now checks at every startup that the required Crypt::GOST module is installed. If this module is required but missing, ASSP will end immediately and will write the following error to STDOUT, STDERR and the file moduleLoadErrors.txt.

New in Anti-Spam SMTP Proxy Server 2.6.3 Build 19115 (Apr 25, 2019)

  • fix list:
  • the post virus scan for the stored corpus files scored for the already finished mail; this was confusing for some users and is removed
  • HTML-comments are now removed from resend request emails, because their content may have affected the resend processing
  • The ClamAV-engine now uses the modern INSTREAM clamav-API. It uses less system resources and is faster than the "old" STREAM-API.
  • The default value for 'ClamAVtimeout' is changed to 30 seconds.
  • Several domains provide their SPF-record (and possibly other DNS-records) as wildcard records (for each possible subdomain). This caused the DKIM-preCheck to detect a (possibly) provided DKIM-DNS-configuration, because it got a TXT record (the wildcard-record) for _domainkey.domain.tld and/or _adsp._domainkey.domain.tld. DNS TXT answers that are not DKIM related are now ignored by the DKIM-preCheck to prevent false positives.
  • the resend from block report using the right button failed, if the subject of the mail contained 'x' followed by two digits (e.g. x30)
  • using the unix socket for the ClamAV communication failed on some systems
  • assp threw an error if the ClamAV configuration was invalid or not working, even though UseAvClamd was disabled
  • the rebuildspamdb task crashed, if the HMMdb contained only one record
  • ASSP_AFC.pm version 5.04 is released
  • ASSP_AFC.pm is now able to tell a local mail server or advanced threat analyzer if the attached files may need some further investigation or analysis. This is done by adding a special (hidden, configurable) MIME header tag.
  • ASSP_AFC 5.06 is released - it contains fixes and extensions for 'ASSP_AFCKnownGoodEXE','Well Known Good Executable Files'
  • ASSP_AFCKnownGoodEXE,'Well Known Good Executable Files':
  • Put the SHA256_HEX hash of all well known good executables into this file (one per line). If the SHA256_HEX hash (not case sensitive) of an attachment or a part of a compressed attachment (e.g. exe, *.bin MS-Macro or OLE) is equal to a line in this file, the attachment passes the attachment check for all mails (regardless of its extension and the settings in UserAttach).
  • The same applies to the following objects in a PDF file: Certificate, Signature, JavaScript. If the SHA256_HEX hash of any of these PDF objects matches, the PDF will pass the attachment check.
  • Comments are allowed after the hash and at the beginning of a line (recommended).
  • If configured, the analyzer and the maillog.txt will show the SHA256_HEX hash and the optionally defined comment for all detected executables and PDF objects.
  • For security reasons, virus scanning is not skipped.
  • Notice: this feature is mainly created for executable files, but it will work for every attachment and every part of a compressed attachment.
  • For example, this can be useful if clients regularly send or receive documents or Excel sheets which always contain the same MS-Macro/MS-OLE (e.g. executable). In this case, decompress the doc[xm] and calculate the SHA256_HEX hash for the vbaProject.bin or the vbaProjectSignature.bin file and register the hash here.
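The last step above (unpack the doc[xm], hash the VBA part, register the hash) as an added example; it is not ASSP code. The '#' comment marker, the size cap and the sample archive are assumptions of this example.

```python
import hashlib
import io
import zipfile

# Part names taken from the changelog entry; OOXML files are ZIP containers.
MACRO_PARTS = ("vbaProject.bin", "vbaProjectSignature.bin")
MAX_PART_SIZE = 16 * 1024 * 1024  # assumed cap so a crafted archive cannot exhaust memory


def macro_hashes(ooxml_bytes):
    """Return {archive member: SHA-256 hex} for each VBA part in a doc[xm]/xls[xm]."""
    found = {}
    with zipfile.ZipFile(io.BytesIO(ooxml_bytes)) as zf:
        for info in zf.infolist():
            if info.filename.rsplit("/", 1)[-1] not in MACRO_PARTS:
                continue
            if info.file_size > MAX_PART_SIZE:
                raise ValueError(f"{info.filename}: declared size exceeds cap")
            found[info.filename] = hashlib.sha256(zf.read(info)).hexdigest()
    return found


def parse_known_good(text):
    """Parse the list: one hash per line, comment after the hash or on its own line.
    '#' as the comment marker is an assumption of this example."""
    known = {}
    for line in text.splitlines():
        token, _, comment = line.partition("#")
        token = token.strip().lower()  # matching is not case sensitive
        if len(token) == 64 and all(c in "0123456789abcdef" for c in token):
            known[token] = comment.strip()
    return known


def unregistered_parts(ooxml_bytes, known):
    """Macro parts whose hash is not listed, i.e. still subject to the attachment check."""
    hashes = macro_hashes(ooxml_bytes)
    return sorted(name for name, digest in hashes.items() if digest not in known)


def build_sample(macro_blob):
    """Constructed stand-in for a .docm; only the ZIP layout matters here."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", "<w:document/>")
        zf.writestr("word/vbaProject.bin", macro_blob)
    return buf.getvalue()


if __name__ == "__main__":
    approved = build_sample(b"constructed macro storage, version 1")
    for name, digest in macro_hashes(approved).items():
        print(f"{digest}  # {name} from the monthly report template")
```

Because the entry is a hash of the exact macro storage, any edit to the macro produces a different hash and the attachment falls back to the normal attachment check.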

New in Anti-Spam SMTP Proxy Server 2.6.1 build 18305 (Nov 2, 2018)

  • fix list:
  • the attachment blocking feature can now detect extended file extensions, like .... .tar.gz or .... .tar.gz.aes
  • after upgrading the perl module Win32::Daemon to version 20181025, assp was no longer starting as a Windows service; this assp version contains a workaround for the buggy Win32::Daemon module
  • perl module load errors in ASSP_AFC were not shown in the file moduleLoadErrors.txt
  • ASSP_AFC.pm is updated to version 4.87 to get this fix working
  • backscatter checks are skipped for regular incoming mails (not matching redRe) for local postmaster@ and webmaster@ addresses, even if these addresses are listed in BounceSenders
  • The DMARC check now follows RFC 7489 for the blocking rules. The DMARC-check is OK when SPF or DKIM passes its check.
  • If DMARC is enabled and a NDR is received for a sent DMARC-report for any reason and 'noDMARCReportDomain' is configured using the 'file:...' option, the foreign report recipient address and/or the report domain are automatically added to 'noDMARCReportDomain'.
  • The maillog.txt file list in the 'MaillogTail view' is now shown permanently (unless closed) and contains four columns to provide more files to be shown.
  • the included rebuildspamdb.pm increases the rebuild performance by 10 to 20%
  • the default value for 'backupDBInterval','backup database Interval' is changed from 2 to 12 hours
  • 'spfValencePB' is no longer scored in case DMARC failed; instead 'dmarcValencePB' is used ('dmarcValencePB', 'DMARC Failed', default=10)
  • added:
  • notice: the default behavior of assp is changed for whitelisted and noprocessing envelope sender addresses, domains and IPs! It was often the case that mails from known good external senders were blocked, because they sent mails to a list of envelope recipients, but over time some of the recipients were no longer valid. ASSP detected this 'invalid recipient' attempt and the known good mail was blocked by the recipient check, or the mail/IP got a high penalty and was blocked by the penalty-box.
  • The hidden configuration parameter 'ignoreInvalidAddressNPWL' is used to ignore the defined 'invalid recipient action', if a known good sender uses unknown envelope recipients in a sequence of multiple envelope recipients. The mail is only blocked if no valid envelope recipient is left over at the DATA command. If an unknown envelope recipient is used, the sender gets no penalty score, but the invalid 'RCPT TO:' command is replied with the permanent error '550 5.1.1 User <xxxxx> unknown'. The connection is not dropped in this case. Such an 'invalid recipient' attempt will also not be counted for 'MaxErrors'.
  • consequence: the mail is delivered to all left over valid envelope recipients and the sender will be informed about each invalid recipient (if NDR is supported by the sending server)
  • $ignoreInvalidAddressNPWL = 3; # (0/1/2/3) ignore invalid envelope recipients for whitelisted (2) or noprocessing (1) or both (3) senders and IP's (no score, no connection drop, no error count)
  • Until now, the default action of assp was like 'ignoreInvalidAddressNPWL = 0' - this is now changed to 'ignoreInvalidAddressNPWL = 3'
  • To change back to the old behavior or to change the default behavior, you have two options:
  • 1. start assp with the commandline switch --ignoreInvalidAddressNPWL:=X
  • 2. add the line below to the sub set in 'lib/CorrectASSPcfg.pm':
  • $main::ignoreInvalidAddressNPWL = X;
  • In both cases, X is the configuration value of your choice (0...2).
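A small model of the recipient handling described above, added here as an illustration; it is not ASSP's implementation. The penalty value, the error limit, the 354/554/421 reply texts and all addresses are constructed, and the "normal" invalid recipient action is modelled as score, error count and drop.

```python
from dataclasses import dataclass, field

NOPROCESSING, WHITELISTED = 1, 2  # bit values of ignoreInvalidAddressNPWL per the changelog


@dataclass
class Session:
    sender_flags: int        # NOPROCESSING | WHITELISTED, or 0 for an unknown sender
    ignore_mode: int = 3     # ignoreInvalidAddressNPWL (0/1/2/3)
    max_errors: int = 3      # constructed stand-in for the error limit
    valid: list = field(default_factory=list)
    penalty: int = 0
    errors: int = 0
    dropped: bool = False

    def rcpt_to(self, addr, local_users):
        if self.dropped:
            return "421 connection closed"
        if addr.lower() in local_users:
            self.valid.append(addr)
            return "250 OK"
        if not self.sender_flags & self.ignore_mode:
            # Normal 'invalid recipient action' (as modelled here): score, count, maybe drop.
            self.penalty += 25          # constructed score value
            self.errors += 1
            self.dropped = self.errors >= self.max_errors
        # Known good or not, the invalid recipient itself is always refused.
        return f"550 5.1.1 User <{addr}> unknown"

    def data(self):
        # The mail is blocked only when no valid envelope recipient is left over.
        if self.dropped or not self.valid:
            return "554 5.5.1 no valid recipients"   # constructed reply text
        return "354 go ahead"


def replay(sender_flags, ignore_mode, rcpts, local_users):
    """Run one envelope through the model and return (replies, final session state)."""
    session = Session(sender_flags, ignore_mode)
    replies = [session.rcpt_to(r, local_users) for r in rcpts] + [session.data()]
    return replies, session


if __name__ == "__main__":
    users = {"alice@example.com"}
    rcpts = ["alice@example.com", "gone1@example.com", "gone2@example.com", "gone3@example.com"]
    for mode in (0, 3):
        replies, s = replay(WHITELISTED, mode, rcpts, users)
        print(mode, replies[-1], "penalty", s.penalty, "errors", s.errors)
```

With mode 3 the whitelisted sender still receives a 550 for every stale address, so the exemption removes the penalty and the drop but does not accept mail for unknown users.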

New in Anti-Spam SMTP Proxy Server 2.6.1 build 18120 (Apr 30, 2018)

  • Fixed in assp 2.6.1 *Fortress* build 18120:
  • Performance improvement for the rebuildspamdb task if privacy levels are used for Bayesian and HMM
  • Disclaimer removal statistic output for the rebuild task
  • Using the analyzer web interface no longer prevents the MainThread from getting new SMTP connections

New in Anti-Spam SMTP Proxy Server 2.5.5 build 17073 (Mar 14, 2017)

  • perl 5.24 is no longer experimental, it can be used for production
  • Fixed:
  • ASSP_AFC v4.46 fixes a problem where mails above 'npSize' were not processed by the plugin
  • the description of 'UserAttach' in relation to the level definitions was wrong
  • the PTR and MX record check returned 'OK' if a non-authoritative DNS-Server answer had set the 'SERVFAIL' error flag in case a record was not found. The checks fail now if this happens.
  • warnings about a possibly incorrect setting for the GID in the filesystem are now only shown if 'MaintenanceLog' is set to diagnostic
  • the TopTen statistics were somehow inconsistent - 24 hours after an upgrade to this version all mistakes will be corrected
  • if the Perl-Module autoupdate was unable to update a large module distribution (for example Moose), the update process took a very long time
  • It was possible that a language which can't be stemmed (e.g. no stemmer module available) was detected as primary, but an alternative language with a similar probability was available. In this case, the alternative language is now used to stem words.
  • If 'runAsUser' and/or 'runAsGroup' were used on a nix OS, it was possible that assp created folders and files at startup as 'root', which became inaccessible to the switched user/group. This caused unexpected behavior in several functions and checks. Some files may have caused crashes.
  • Now, if any of 'runAsUser' or 'runAsGroup' is configured, assp corrects the owner id, group id and the permission of all created folders and files before the process is switched to the configured user/group.
  • IPv4-compatible IPv6 addresses (::0:IPv4) and IPv4-mapped IPv6 addresses (::FFFF:IPv4) were not processed as IPv4 addresses in some check engines - so some IP checks were not working in this case
  • large reduction of memory usage and much less leaked memory for the Perl module autoupdater - most of the upgrade functions are moved into a new process
  • the rebuild spamdb task did not ignore DMARC reports, which led to wrong HELO database entries
  • the mobile GUI view was no longer working
  • incoming DMARC reports were no longer detected
  • the automatic perl module update function was not working in Service/AsADaemon mode using CPAN, if newer CPAN modules were installed
  • the new browser history function in the GUI was only working in browsers with a webkit available
  • the IP-address links in the top-ten statistic were not working in every case
  • the assp.pl autoupdate feature was STILL somehow broken after
  • Added:
  • 'DoReversedSPFOK','Do Reversed Lookup for SPF passed Mails': 'Do reversed lookup also for mails that have passed the SPF check. Default is unchecked, which means that the PTR check will be skipped if the mail has passed the SPF check'
  • sender addresses with leading '*' (like: *[email protected]) caused an LDAP query error
  • Changed:
  • '^*' is added to the default value of 'bombSenderRe'
  • folder and file permissions on nix systems are only set at startup if they do not meet the minimum required permission (and owner)
  • the code integrity check failed, if the first line of assp.pl was changed to use another perl interpreter
  • if a database parameter (for example: whitelistdb) is changed from a filename to 'DB', the used file is copied to the importdb folder to provide a database import at the next assp start
  • 'noModuleAutoUpdate' is changed from a checkbox to a multi value option
  • 'noModuleAutoUpdate','No Automatic Perl Module update',
  • '0:no skip - update all | 1:skip all | 2:skip installed but not used by assp'
  • 'If set, ASSP will skip the automatic Perl module update for the selected. On NIX systems this value is ignored, if runAsUser is used! The automatic perl module upgrade is only done, if assp is running as OS user 'root'.

New in Anti-Spam SMTP Proxy Server 2.5.5 build 16366 (Jan 2, 2017)

  • improved handling of the internal caches
  • some minor GUI changes
  • improved attachment level handling

New in Anti-Spam SMTP Proxy Server 2.5.3 build 16347 (Dec 12, 2016)

  • improved 'DoNoFrom' check - the existence of the email address in the FROM: header line is now also checked

New in Anti-Spam SMTP Proxy Server 2.5.3 build 16294 (Oct 20, 2016)

  • Some 5XX replies in the handshake part of an SMTP connection were sometimes ignored and not sent to the client

New in Anti-Spam SMTP Proxy Server 2.5.1 build 16177 (Jun 27, 2016)

  • customized language files were not processed correctly

New in Anti-Spam SMTP Proxy Server 2.5.1 build 16100 (May 18, 2016)

  • assp fails to start with an error "setting up modules....Can't call method VERSION on an undefined value at sub main::init line 312" if the ClamAVd is not available.

New in Anti-Spam SMTP Proxy Server 2.5.1 build 16097 (May 18, 2016)

  • the DoRFC822 check failed if the host name of an envelope sender address was valid but the domain nearest to the TLD was invalid, like in co.delaware.pa.us where delaware.pa.us is invalid

New in Anti-Spam SMTP Proxy Server 2.5.1 build 16096 (May 18, 2016)

  • improved performance for high workload systems
  • better garbage detection for the HMM and Bayesian engine
  • changed:
  • if a message is scored in SMTP-handshake and/or header and noprocessing and/or whitelisting is detected in the body check, the message score is reduced to prevent false positives

New in Anti-Spam SMTP Proxy Server 2.5.1 build 16093 (May 18, 2016)

  • stored files were scanned for viruses even if ClamAVLogScan was set to scan resend folder only
  • some file action on unicode filenames caused a SEGV on some systems
  • changed:
  • the default values for FileLogScan and ClamAVLogScan are changed from scan resend folder only(1) to scan resend folder and collected files(2)
  • it is now possible to define more than one ClamAV-Host (AvClamdPort). Multiple hosts can be defined to balance the workload - define them separated by pipe (|)
  • example: clamhost:3310|192.168.0.1:3310
  • If multiple hosts are defined, they are used in a random round-robin mode.
  • if early SMTP-handshake checks are configured (e.g. HELO ...) and noprocessing and/or whitelisting is detected in the header check, the message score will be reduced to prevent false positives

New in Anti-Spam SMTP Proxy Server 2.5.1 build 16091 (May 18, 2016)

  • better performance for large mails
  • changed:
  • If the ASSP_AFC plugin is installed and configured, all resend mails are scanned for viruses and bad attachments using the configured rules - except that bad parts are replaced and the cleaned-up mail is resent every time.
  • To force the resend of the infected mail, the MIME-header tag X-ASSP-ForceResend: has to be manually added to the file. It is also possible for admins to force the resend by adding something like force or do not scan, dont scan for attachment at the end of a resend request line like:
  • ### file_to_be_resend ### do not scan
  • If a resend could not be done for any reason, the user will get a notification mail about this.

New in Anti-Spam SMTP Proxy Server 2.5.1 build 16090 (May 18, 2016)

  • Large performance improvement for systems under heavy and very heavy workload with 10 or more configured SMTP workers ('NumComWorkers'). The thread handling and logging mechanism is changed.
  • Notice: the performance impact for debugging and enhanced logging settings, in relation to the default (now increased) performance, can be higher than in previous versions!

New in Anti-Spam SMTP Proxy Server 2.5.1 build 16089 (May 18, 2016)

  • under certain conditions it was possible that mails blocked by any Plugin were not correctly collected and the final file name was not written to the maillog.txt

New in Anti-Spam SMTP Proxy Server 2.5.1 build 16083 (May 18, 2016)

  • the resend link in BlockReports was missing, if a collected file was moved from spam to discarded

New in Anti-Spam SMTP Proxy Server 2.5.1 build 16081 (May 18, 2016)

  • internal folder content listings were not working, if the foldername contained spaces
  • the collection of mails blocked by the ASSP_AFC Plugin was not working
  • ASSP_AFC 3.33 or 4.25 are required to solve this problem

New in Anti-Spam SMTP Proxy Server 2.5.1 build 16080 (May 18, 2016)

  • enhancedOriginIPDetect wrongly detected tunneled IPv4 addresses
  • the SSLfailed-Cache was not cleaned of invalid IP-addresses if noBanFailedSSLIP was changed
  • changed:
  • faster SSL-listener handling improves DoS and DDoS handling of SSL-negotiation attacks
  • MaxAllowedDups acts more aggressively to keep the configured duplicate filenames