Image SPAM and the future of the anti-SPAM battle

We were doing so well!

Most anti-SPAM solutions are getting pretty good at categorizing SPAM by doing statistical analysis on the text found in the email. Run a message through a Bayesian filter, do a few regular expression checks, and you can be relatively sure if a message is SPAM or not.

So what happens when the “message” in the SPAM message isn’t text but an image instead? The spammers have come to the conclusion that text-based SPAM isn’t working anymore, so now they have moved on to a new strategy: image SPAM. I’m sure you’ve all seen it. A typical image SPAM email contains a small image with fuzzy text that promotes a “pump & dump” stock scheme. Beneath the image are usually several paragraphs of random text which are meant to fool anti-SPAM software into allowing the message to pass as a legitimate email.

Anti-SPAM SMTP Proxy (ASSP) update #1

Anti-SPAM SMTP Proxy (ASSP) has been installed on a client’s FreeBSD 6.1 mail server for a couple of days now and I have nothing but positive things to say. We’re still “training” the Bayesian filter at this point, so some SPAM is still getting through, but we are blocking the majority of the SPAM simply using a combination of greylisting, Real-time Blackhole Lists (RBL) checks, forged HELO checks, etc. Once we’ve built up a sizable amount of SPAM and HAM messages I’ll rebuild the Bayes database and we should be in serious SPAM busting business.

Nobody can accuse the ASSP developers of leaving out features or not providing enough flexibility! It is HIGHLY configurable for almost any situation. For example, in my client’s situation we set up ASSP to listen on TCP port 25 (SMTP) and then forward messages on to the Postfix MTA on TCP port 125 on the localhost.

The thing I LOVE about ASSP is the fact that everything is self-contained, leverages all the best open source anti-SPAM technologies, and comes essentially pre-configured with a nice web interface. My Postfix, Spamassassin, Amavis, ClamAV solutions work, but they are WAY more work and don’t come with a nice web interface! The other nice thing about ASSP is the fact that it will run on Windows since everything is Perl and will run as a Windows service.

As far as I can tell, FreeBSD is probably the best platform for ASSP. I say that because the ASSP port is kept up-to-date and the install does all the work in terms of Perl dependencies.

I’ll update once I’ve had it running for a while and maybe even put up a short tutorial on how to get it running with Postfix on FreeBSD.

Anti-SPAM SMTP Proxy (ASSP) – Free and effective SPAM filtering for your network

ASSP’s primary target audience is mail administrators or system administrators at smallish institutions. If you operate an ISP or a mailhost with a heterogeneous user base you may not have a good enough consensus about what spam is or is not. It should work well with between 1 and 300 client addresses and a mail volume of up to around 100,000 messages per day.

Looking for a way to protect your MS Exchange, Postfix, Sendmail, or virtually any other type of SMTP mail server? There are a few ways to go about it:

  • A commercial hardware-based solution (e.g. Barracuda Networks) – $$$$$ – Super easy to implement. Just plug it in…
  • A commercial software-based solution (e.g. GFI Mail Essentials) – $$$ – Installs on an existing server and typically requires little in the way of administration.
  • Put together a custom solution using open source software like Postfix, SpamAssassin, Postgrey, Amavis, etc. – Free but requires a fair amount of ongoing administration to keep all the pieces up to date. Requires a fair amount of expertise to configure and maintain.
  • An open source solution like Anti-SPAM SMTP Proxy (ASSP) which is an integrated and mostly pre-configured solution – Free, relatively easy to configure and maintain, and runs on Windows, Mac, Linux, OpenBSD, FreeBSD, Solaris, and other platforms.

ASSP in a Nutshell

ASSP sits between the internet and your existing mail server. Inbound email is processed by ASSP, filtered, and then passed on to your mail server. Installation involves installing Perl, installing a few Perl modules, installing ASSP, and then configuring ASSP through its own web interface. The entire process is very well documented on the ASSP wiki.

I have yet to install ASSP, but it looks very promising. I look after at least 5 email servers, all of which run combinations of Postfix, Spamassassin, Postgrey, ClamAV, Razor, DCC, and Amavis. They work very well, but it’s a lot of work keeping them up to date and fully functional. I have high hopes that ASSP will make my life easier! I’ll report back as soon as it’s up and running.

Some interesting links:

Cut your Spam by 90% with Greylisting

The best way to avoid getting Spam in your inbox is by preventing it from getting to your server in the first place. That is where “greylisting” comes in.

I recently installed a Greylisting daemon called Postgrey on my Ubuntu Linux mail server and it is awesome. It has reduced the amount of Spam that makes it to my Postfix mail server by at least 90%. The result? My server wastes far fewer resources on categorizing mail (Spamassassin is awesome, but it’s a resource hog). And much less Spam in my inboxes.

For a technical explanation of greylisting, check out www.greylisting.org.
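The decision a greylisting daemon makes for each delivery attempt, as an added example (not from the original post and not Postgrey's own code): a never-seen combination of client network, envelope sender and recipient gets a temporary 450 reply, and only a retry after a minimum delay is accepted. The 300-second delay, 35-day expiry, /24 and /64 grouping, reply texts and sample addresses are assumptions chosen for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

MIN_DELAY = 300            # seconds a new triplet must wait (assumed value)
MAX_AGE = 35 * 24 * 3600   # forget triplets idle for this long (assumed value)
TEMPFAIL = "450 4.2.0 Greylisted, try again later"


@dataclass
class Greylist:
    # triplet -> (first_seen, last_seen), both in epoch seconds
    seen: dict = field(default_factory=dict)

    @staticmethod
    def _key(client_ip, mail_from, rcpt_to):
        # Group by /24 (IPv4) or /64 (IPv6) so a retry from another host
        # in the same sending pool still matches the first attempt.
        ip = ipaddress.ip_address(client_ip)
        prefix = 24 if ip.version == 4 else 64
        net = ipaddress.ip_network(f"{client_ip}/{prefix}", strict=False)
        return (str(net), mail_from.lower(), rcpt_to.lower())

    def check(self, client_ip, mail_from, rcpt_to, now):
        """Return the SMTP reply to give at RCPT TO time."""
        key = self._key(client_ip, mail_from, rcpt_to)
        record = self.seen.get(key)
        if record is None or now - record[1] > MAX_AGE:
            self.seen[key] = (now, now)      # new or expired: start the clock
            return TEMPFAIL
        first_seen, _ = record
        self.seen[key] = (first_seen, now)   # refresh last_seen
        if now - first_seen < MIN_DELAY:
            return TEMPFAIL                  # retried too quickly
        return "250 2.1.5 Ok"


def replay(events):
    """Run (time, ip, sender, recipient) tuples through a fresh greylist."""
    gl = Greylist()
    return [gl.check(ip, s, r, t)[:3] for t, ip, s, r in events]


# Constructed sample traffic (documentation address ranges, made-up mailboxes).
SAMPLE = [
    (0,   "192.0.2.10",   "news@example.org", "bob@example.net"),  # first attempt
    (60,  "192.0.2.10",   "news@example.org", "bob@example.net"),  # retry too soon
    (900, "192.0.2.77",   "news@example.org", "bob@example.net"),  # retry, same /24
    (905, "198.51.100.5", "x91@example.com",  "bob@example.net"),  # never retries
]

if __name__ == "__main__":
    for event, code in zip(SAMPLE, replay(SAMPLE)):
        print(event, "->", code)
```

A sender that queues and retries, as a standards-following mail server does, gets through on the third line; a fire-and-forget sender like the last one never sees anything but the 450.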

Whether you run Sendmail, Qmail, Exim, or Postfix, I highly recommend checking out the range of greylisting daemons that are available. It is time well spent.

If you run a Microsoft Exchange server, there are commercial greylisting solutions available. But your most secure, and likely most affordable, solution is to put a Linux- or BSD-based server between your Exchange server and the Internet.