ASSP V Spamassassin?

[phil54]

I've just managed to get ASSP setup on a test machine, quite straight forward to get it up and running via 127.0.0.1:55555, i've done no configuration yet.

Before i actually get this up and running in a proper test environment with an active domain or two, i'm wondering what are peoples thoughts on the two Hmail spam killers?

Which is best? What do people perfer? Whats most effective? etc etc

[martin]

Which is best? What do people perfer? Whats most effective?

That's almost entirely a matter of personal taste and how much work you want to spend with it. I'm guessing (not sure) that SpamAssassin have more built-in spam proteciton methods than ASSP but whether or not they are more effiicient in total I do not know.

[phil54]

Hi Martin, thanks for the reply.

I think i'm going to go with assp for now, i'll do some tests with hmail server and a couple of test domains, see how the spam likes that

[bmorejon]

ASSP works great for me.

[iprat]

Here too ! Working great for more than a year.

[phil54]

Sounds good guys, saying that the inbuilt spam software in Hmail Server is doing a great job as well.

When using Assp, do you turn off the inbuilt Hmail spam protection or use both at once?

[iprat]

Yes, it is very important to turn off all of them: greylisting, DNS, tarpitting, etc...

[iprat]

And remember that all external traffic will come from 127.0.0.1, so it is important to force authenticated SMTP on this range.

[phil54]

ah right i see, so just let assp do all the work?

[iprat]

Basically all of spam work.

I just let one thing for hMailserver: send all spam messages I let get through ASSP for whatever reason in test mode into special IMAP foders of my users (a SPAM folder for every user). It's a rule very easy to write.

[duke16]

And remember that all external traffic will come from 127.0.0.1, so it is important to force authenticated SMTP on this range.

Can you explain this a little. I've had ASSP running for a year or so now and I don't believe I've changed any settings relating to this. I'm wondering if maybe I have something configured wrong.

[iprat]

And remember that all external traffic will come from 127.0.0.1, so it is important to force authenticated SMTP on this range.

Can you explain this a little. I've had ASSP running for a year or so now and I don't believe I've changed any settings relating to this. I'm wondering if maybe I have something configured wrong.

When you run ASSP all external SMTP transactions come from 127.0.0.1 (localhost) if it is on the same server as hMailserver.

Say you have admin@yourdomain.com. It would be very easy to send email to another account if the SMTP server doesn't ask for SMTP authentication, I mean one just has figure some typical accounts like administrator@ or admin@ or support@ etc... and then try to deliver local-local emails using that trick.

I think it is the default configuration in hMailServer to not leave external-external deliveries without authentication, but usually (don't remember if it was default or not) internal-internal deliveries are allowed to be done without authentication, specially when it comes from your own LAN. As external deliveries of an spammer will come from ASSP proxy which is in 127.0.0.1, the delivery policies applied will be the one's of 127.0.0.1 range which a lot of people tend to relax allowing SMTP deliveries without any authentication to ease some configurations.

It is not a very high risk but I thought I should mention.

[mbreitba]

Just an FYI - we tried running ASSP in front of our Hmail system, with greylisting enabled. We had an entire dedicated server (dual xeon 2.6g procs, 3GB RAM) and it couldn't keep up with our usage. Granted, our usage is excessive to say the least, but if you intend on scaling, ASSP does not appear to handle it well.