DIY: Add a spam filter to your mail server with ASSP

For businesses that don’t have the budget for costly hardware or services to fight spam, the problem seems to grow exponentially. Fortunately, there are open source developers who are working hard on projects to help you secure your network and keep your end users sane. One of these solutions is Anti-Spam-SMTP-Proxy (ASSP).

ASSP’s features include:

• Bayesian analysis
• Penalty Box (PB) trapping
• Realtime Blackhole Listing DNSBL/RBL
• Uniform Resource Identifier Black Listing (URIBL)
• Multi-level Sender Policy Framework (SPF) validation and blocking
• Sender Rewriting Scheme (SRS) fix-up
• Session Delaying/Greylisting and connection response delaying
• Sender validation and recipient validation (LDAP)
• Multi-level attachment blocking (based on block lists or allow lists)
• Multiple RFC validation mechanisms

ASSP works with these platforms:

• Mac OSX
• Win32 (with or without Dual NIC)
• Debian/Ubuntu
• Exchange 2003
• Exchange 2007
• Windows Exchange
• CentOS
• UNIX

ASSP also works with different MUAs. Because there are so many MUAs, you will need to look into your setup to make sure ASSP will play well with your mail environment.

The easiest way for me to demonstrate ASSP is to illustrate how it is installed on my usual Ubuntu environment. Depending on the environment you use, major changes to the steps in the following tutorial may be required.

Step 1: Install the dependencies

A number of dependencies (mostly Perl modules) must be installed, but thanks to apt-get, this can all be done with one command:

sudo apt-get install libcompress-zlib-perl libemail-valid-perl libfile-readbackwards-perl libmail-spf-perl libemail-mime-perl libemail-mime-modifier-perl libmail-srs-perl libnet-dns-perl libsys-syslog-perl libnet-ldap-perl unzip clamav clamav-daemon libemail-send-perl libio-socket-ssl-perl libio-socket-inet6-perl libnet-cidr-lite-perl libmail-spf-query-perl

Step 2: Download the latest version and create folders

Download the latest version of ASSP. (Note: You are looking for the entire folder, not just the assp.pl.gz file.) Then create the folders that will house the application and its various pieces. Here are the commands (to be run from a terminal window) to create the folders:

• sudo mkdir -p /usr/share/assp/spam
• sudo mkdir /usr/share/assp/notspam
• sudo mkdir /usr/share/assp/errors
• sudo mkdir /usr/share/assp/errors/spam
• sudo mkdir /usr/share/assp/errors/notspam

Step 3: Unpack and move the ASSP folder

Unpack the ASSP folder with the following steps (run from within the terminal window):

• unzip ASSP_1.XXX-Install.zip (XXX is the release number)
• sudo mv -f ASSP_1.XXX-Install/ASSP/* /usr/share/assp
• Change the ownership of the ASSP folder with this command:
  chown -R nobody:nogroup /usr/share/assp

Step 4: Install CPAN and the necessary Perl modules

The first step in this process is to make sure you have the tools necessary to build CPAN modules. To do this, the build-essential package must be installed. With the following command, you should be good to go:

sudo apt-get install build-essential

Now you’re ready to start the installation of the CPAN modules. Here are the commands to run for each:

You can get into the CPAN shell with this command:

perl -MCPAN -e shell

Now issue the following:

• install File::Scan::ClamAV
• install Net::IP::Match::Regexp
• install Net::SenderBase
• force install Tie::RDBM
• force install Net::Syslog
• force install Time::HiRes

Exit out of the CPAN shell with the exit command.

Step 5: Create a startup script for ASSP

Create a startup script (/etc/init.d/assp) with the following contents:

#!/bin/sh -e
# Start or stop ASSP
#
# original version by Ivo Schaap <ivo@lineau.nl> had issues on Debian4. Modified by atramos.
#
### BEGIN INIT INFO
# Provides:          ASSP (Anti-Spam SMTP Proxy)
# Required-Start:    $syslog, $local_fs
# Required-Stop:     $syslog, $local_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start ASSP
# Description:       Enable service provided by daemon.
### END INIT INFO

PATH=/bin:/usr/bin:/sbin:/usr/sbin

case "$1" in

start)
echo -n "Starting the Anti-Spam SMTP Proxy"
cd /usr/share/asp
perl assp.pl 2>&1 > /dev/null &
;;

stop)

echo -n "Stopping the Anti-Spam SMTP Proxy"

kill -9 `ps ax | grep "perl assp.pl" | grep -v grep | awk '{ print $1 }'`

;;

restart)

$0 stop || true

$0 start

;;

*)
echo "Usage: /etc/init.d/assp {start|stop|restart}"
exit 1
;;

esac

exit 0

After you save that file, add it to the rc.d runlevels with the command:

sudo update-rc.d assp defaults

Step 6: Run ASSP

It’s time to fire this baby up. From the same terminal window you’ve been working in, issue the commands:

cd /usr/share/assp

sudo perl assp.pl

A lot of information should appear on your screen. You can now connect to the assp web interface at the address: http://ADDRESS_TO_SERVER:55555. When prompted, you should use any string of characters for the username and nospam4me as the password.

You will find that your mail server cannot bind to port 25; in order to get around this, set your email server to use port 26. Then, shut down the ASSP daemon by pressing [Ctrl][C] from within the terminal window you ran the command from earlier, and then start ASSP with this command:

sudo /etc/init.d/assp start

You should have a basic anti-spam proxy running. Give ASSP a go, and see if it can help you defend your users from the constant deluge of spam.

Daily Tech Insider Newsletter

Stay up to date on the latest in technology with Daily Tech Insider. We bring you news on industry-leading companies, products, and people, as well as highlighted articles, downloads, and top resources. You’ll receive primers on hot tech topics that will help you stay ahead of the game.

Delivered Weekdays

Sign up today