Info released today on a new technique called MalDoc in PDF
https://blogs.jpcert.or.jp/en/2023/08/maldocinpdf.html
Will ASSP_AFC be able to block these if we already reject VBS / OLE / VBA
in Office docs? Will it know it's an office doc, or will it think PDF?
_
I never saw this prior to 22326, but have seen it twice on 22326 running on
Windows. ASSP will run for days/weeks without issue, but once the UDP
socket errors start, I need to restart or else they'll continue every 5
minutes or so. I get 2 of the same error messages in a row, every 5 min or
so,
Minor issue/bug with ASSP_AFCKnownGoodEXE config file comments.
I've got 2 sha256 entries in my ASSP_AFCKnownGoodEXE. The file looks like
# PDF from accounting Dec 2022
7B366390CD4E3DB19E06009FCE54DF272BEE0D3B34003F3A786C4835239BFDFF
# PDF from IRS Dec 2022
1EBE9B7DC3AEF7F492FCD22D4430123FEEA
quick question - before I dig deeper, did the previous AFC plugin not block
javascript in HTML at all?
On Mon, Oct 31, 2022 at 10:21 AM K Post wrote:
> The new AFC is blocking a nightly report that comes in HTML format with
> javascript in it -- as I would expect, but before his new AFC
The new AFC is blocking a nightly report that comes in HTML format with
javascript in it -- as I would expect, but before his new AFC, they were
erroneously slipping through.
I don't know why these reports weren't being blocked before, it's basic
HTML with a short block of javascript at the end.
inuation was not working for
> the analyzer - the matching line in a file was not found (and not shown)
>
> This will be fixed.
>
> Thomas
>
>
>
> Von:"K Post"
> An:"ASSP development mailing list" <
> assp-test@lists.sourceforge.n
Back in November 2011, I saw:
fixed in assp 2.6.6 *SPAM-Evaporator* build 21317:
- files used in configuration parameters are now supporting line
continuation by adding a backslash '\' at the end of a line
I'm just trying this now, but it doesn't seem to be working.
*When you say "files used in
e of time, both engines will have learned also
> obscured words (word combinations).
>
>
> Thomas
>
>
>
>
> Von:"K Post"
> An:"ASSP development mailing list" <
> assp-test@lists.sourceforge.net>
> Datum:06.09.2022 21:3
hings are easy to find
> for example : <<<\P{Cyrillic}\p{Cyrillic}+\P{Cyrillic}>>>
> finds a sequence where cyrillic (a p b ) are used in words - commonly
> used by spammers
>
> Thomas
>
>
>
> Von:"K Post"
> An:"ASSP
Is there a way to improve the way that ASSP parses certain special,
non-printing, characters? I'm having trouble with spam emails that have
their body heavily obfuscated with "soft hyphens" slipping through. They
all seem to have multipart bodies, first with an iso-8559-1 text part with
*=AD* int
Has anything changed with recent dev versions of ASSP in terms of
warnings in the logs for being unable to lookup an IP?
For example:
warning: can't resolve the IP-address for the destination
stonewallkitchenvip.com using the configured DNS-servers
Nothing's wrong with assp, stonewallkitchenvip
they are added to
> the mail header
> translateReply - translate MTA SMTP reply codes (some MTA's provides bad
> reply codes)
> customAnalyze - called before a mail is parsed and processed by the
> analyzer
>
> from ASSP_AFC.pm:
>
> AFC_Executa
alty of 20 points, which is
> harmless if there is everything else ok with the mail
> if dkim fails, the penalty limit will be reached and the mail will be
> blocked
> this can be finetuned using :>NWLI
>
> You are also able to implement code in to the regex (for example to chec
(more or less strict, overwrite, skip ), some these options also exists
> for DKIM.
> If we ignore/change/override sender policies for SPF and DKIM, it is
> not wise to honor the reject DMARC policy strictly.
>
> Thomas
>
>
>
>
> Von:"
The ability to block failed SPF, instead of just scoring them, for
delect regex matches has been a terrific feature of ASSP for a long time.
(Block SPF Processing Regex* (blockstrictSPFRe) ) *Would you please
consider adding a feature to do the same for a failed DKIM signature?*
Outright blocki
will be able to detect the malicious download and playload.
>
>
> Solutions for CVE-2022-30190 are provided by Microsoft:
>
>
> https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/
>
> Thomas
>
>
>
Hi Scott,
Did you ever figure this out?
I'm no regex wiz like Thomas is, but what you have appears pretty simple to
me -- and I don't see anything wrong with it...
I tried
from\:.*\_
in testRE and see it matching everything too. I don't understand why. I
know this doesn't help you with why this
Hello Thomas,
Any way for ASSP to block this kind of thing?
https://isc.sans.edu/forums/diary/New+Microsoft+Office+Attack+Vector+via+msmsdt+Protocol+Scheme+CVE202230190/28694
Hopefully clamav will eventually catch it, but be nice great to be able
strip documents off using AFC if they contain the
Nicely done! How'd you get this done it's released at strawberryperl.com?
On Tue, Mar 8, 2022 at 10:18 AM Thomas Eckardt
wrote:
> Hi all,
>
> the assp development is switched to perl 5.34.0
>
> strawberry perl 5.34.0 (for win_x64) is available at the sourceforge assp
> download repository
>
> A
Thank you Thomas.
You know that I love the SPF addition option for IP address lists!! Happy
to no longer need to use the script I wrote to accomplish this. I'm glad
(and proud) that you've recognized this as a good idea.
I have some questions about the new SPF functionality as well as the
auto-
ay use the forum, where everyone is free to skip reading your endless
> posts and blogs. It takes simply too much time to pick up the 1 to 5% of
> helpful content and to be forced by you to answer also the rest.
>
>
> Thomas
>
>
>
>
>
> Von:"K Post&qu
ultimately bring some
good to the ASSP world by offering suggestions and asking questions.
On Sat, Nov 13, 2021 at 3:56 AM Thomas Eckardt
wrote:
> Ken , it would be nice if you consider to signoff this list or at least to
> no longer post here.
>
> Thank you.
>
> Thomas
pamdb records in 25 seconds
> building 7.200.000 hmmdb records in 1:33 seconds
>
> complete processing time is 6 minutes.
>
> populating the records to the mysql database takes some minutes longer
>
>
> So - maxBytes:=100.000 seems to be a possible setting (but this wi
age sized spam
> and average sized not-spam message.
>
> DID YOU EVER thougth about that ??????? Or do you only write
> something to fillup the community mailing list?
>
> No - no way!
>
> Thomas
>
>
>
>
>
>
>
> Von:"K Post"
>
ge sized
not-spam message.
On Mon, Nov 1, 2021 at 2:43 PM K Post wrote:
> When looking at the "Use this HTML Parser" section on the GUI, I found
> this line:
>
> it is recommended to set MaxBytes to 5 (be carefull on heavy load
> systems - spam bomb regular expressi
the bonus score,
>
> Invalid DKIM signatures should be blocked or scored very high, so the
> bonus score does not matter
>
> Thomas
>
>
>
> Von:"K Post"
> An:"ASSP development mailing list" <
> assp-test@lists.s
ah, wait, are you saying that BombRe will look at headers that ASSP ads,
like X-ASSP-DKIM-Identity (which would only be added for a valid
signature)? (!) I always assumed that the bomb functionality was
only on the mail's original headers.
On Mon, Nov 8, 2021 at 2:28 PM K Post
nted_negative_score
> - e.g. -10
> (?(DEFINE)(?the_wanted_identity|ident5|ident6|..))\nDKIM-Signature:(?:[
> \t]*[^= \;]+=[^= \;]+\;(?:\r\n)?)+?[
> \t]*([di]=\@?(?&IDENTITY20))\;=>the_wanted_negative_score
> - eg -20
> ...
>
> CLOSED for me
>
it can be, except one small trick - the negative
> lookahead (?!\k). So, yes - looking around the string without moving
> the position around makes some things more easy.
>
>
> This thread should be stopped here. This is a test list for development
> versions - it is not a blog and it
#x27;s a
good idea.
On Fri, Nov 5, 2021 at 10:37 AM Thomas Eckardt
wrote:
> Another useless post about concepts without reading the manual.
>
> >dkimBonusValancePB
>
> there is already dkimOkValencePB - increase it
>
> and
>
> reduce the score for certain domains
optimized - default is : 'no extra group capturing is allowed'
>
> >I've got to be missing something incredibly obvious.
>
> assp-do-not-optimize-regex
>
> > (?:^|\n\r).*(searchstring).*@.*\1.*
>
> assp makes it:
>
> (?is:(?:^|\n\r).*(searchstring)
SUMMARY: Would there be benefit (that wouldn't be terrible to code) in
adding the ability for use to assign a score to emails that match a list of
DKIM signature identities?
The DKIMWLAddress and DKIMNPAddress functionality has been an absolute game
changer here. Thank you so much for implementi
I've got nothing in my TestRe file except for a single line:
~<<<(?:^|\n\r).*(searchstring).*@.*\1.*>>>~
The idea is to log any time there's a line that includes "searchstring" on
the right and left of an @. This is just a very rudimentary test because
backreferences seem to error for me. I wo
Under the spam control section, I suggest:
1) Moving the "Redlist serves 2 purposes..." bit from the GUI up to its own
explanation section instead of having it in the RedRE section. That useful
description applies to more than just RedRE
2) Adding some information to the redlist description. My
ion of the
GUI?
On Fri, Oct 29, 2021 at 8:40 PM K Post wrote:
> Summary:
> *Should/could any consideration be given to having ASSP scan the entire
> message at the time it is received for Bombs (only), while still using
> MaxBytes for Bayesian/HMM?*
>
> We've been havin
Outlook itself is a typo. I think it's supposed to be called LookOut!
-Using the outlook function "send email as attachment" or "forward email as
attachment" has NEVER worked - because outlook destroys the original MIME
header. But the original header is particularly important for analysis
system
test of report message[CR][LF]
>
>
>
> Is there any one else on this mailing list, who expects an email received
> by assp to start with an empty line followed by (html code) or that
> the first header line of such a mail is the subject header line ?
>
> Thomas
>
s the subject header line ?
>
> Thomas
>
>
>
>
>
> Von:"K Post"
> An:"ASSP development mailing list" <
> assp-test@lists.sourceforge.net>
> Datum:30.10.2021 09:15
> Betreff:Re: [Assp-test] fixes in assp
sorry, I sent the last message before proofing or finishing. Grr, gmail.
I'll wait to hear from you. I have more thoughts on NWLI and other
sections.
On Fri, Oct 29, 2021 at 6:00 PM K Post wrote:
> This is simply terrific. You keep making ASAP better! The rebuild config
>
Summary:
*Should/could any consideration be given to having ASSP scan the entire
message at the time it is received for Bombs (only), while still using
MaxBytes for Bayesian/HMM?*
We've been having some cleverly crafted messages slipping through all
filters that would be easy to catch with Bombs i
This is simply terrific. You keep making ASAP better! The rebuild config
efficiency improvements are especially appreciated. Thanks so much as
usual for spending what must have been a long time thinking about and
making all of these changes.
SURPRISE, I have questions and comments:
*Fix to ema
threading/workers actually work, why is
the regex rebuild seemingly using all workers and not just the maintenance
worker, leaving the other workers available?
thanks
On Wed, Oct 27, 2021 at 1:40 PM K Post wrote:
> > Apart from the fact that the MaintThread (1) does not store the
>
the statusassp gui
> 1 33 s call to
> ConfigChangeTLSPorts->(TLStoProxyListenPorts,'',,Initializing)
>
>
>
> This is the last finished (debug) step (and the seconds since then - 33)
> in rereading the config, before the new regular expressions (IP) are build
> by each
*SUMMARY*: Emailed analyze reports when in response to a forward as
attachment error report .eml from Outlook, doesn't seem to find the
subject, from, and potentially more. The .eml is extracted and saved
properly in the error-spam/error-notspam folder though, with the
subject/from/etc.
For the
"Edit included file " button. It looks normal, not hex
encoded.
Note: the bottom of the editor window says: "First line specifies text that
appears in the subject of report message. The remaining lines are the
report message body." I'm guessing that's just an oversight.
npRe, DKIMWLAddresses, DKIMNPAddresses,
> redRe - for assp/spam
> - checking denySMTPConnectionsFromAlways, denySMTPConnectionsFrom,
> blackListedDomains for assp/notspam
>
> The slowest case is 12 times slower than the fastest.
>
> Thomas
>
>
>
>
>
n
> Oct-25-21 23:13:07 [Worker_5] Worker_5 will sleep now
> Oct-25-21 23:13:08 [Worker_1] Worker_1 finished reloading
> configuration
> Oct-25-21 23:13:10 [Worker_10001] Worker_10001 finished reloading
> configuration
> Oct-25-21 23:13:29 [Worker_1] Downloading Ext
Question summary:
*In the mLog function where ASSP does the NotifyRe comparison, does it make
sense to consider having ASSP look at $comment instead of the full $m
variable which starts with the timestamp?*
For a long time, I've had the GUI example of
warning:
in my NotifyRe configuration. It
n message queued to sent to
assp-not...@ourcharity.org
Oct-25-21 11:30:04 Warning: Main_Thread is unable to transfer connection to
any worker - try again!
On Mon, May 17, 2021 at 8:53 PM K Post wrote:
> I'm desperate for help. It seems that ASSP has thread problems frequently
>
AM Thomas Eckardt
wrote:
> >During rebuild, ASSP runs rb_whitelisted against each message in the
> spam corpus
>
> only for spam (not for corrected spam) AND only if enabled (DoRBWhite ,
> DoRBRed) !
>
> Thomas
>
>
>
>
>
> Von:"K Post"
>
(I believe I have this working, see code please)
I estimate that at least 90% of the time that I want to add an entry to
DKIMWLAddresses that I put two lines, one for @domain.com and the other to
match the subdomains, so .domain.com.
That's fine,and works well, but I'd like to see ASSP allow admi
*Would it be possible to have ASSP consider DKIMWLAddress matches during
rebuild, removing matching messages from spam, without rebuild taking too
much of a performance hit? *
During rebuild, ASSP runs rb_whitelisted against each message in the spam
corpus, and if a match is found against the whit
Thanks for giving this more consideration. I think these GUI changes will
help many! The examples of NWLI are great and clarify a lot.
The only thing I don't see in the example is* the use of the + (only)
switch and how it differs from just having a N instead of N+ for example. *
I see where you
!! and I stop here - otherwise I would
> lose my way and my composure
>
>
>
> Thomas
>
> NWLI will get an improvement and a small fix in the next version.
>
>
>
>
> Von:"K Post"
> An:"ASSP
I guess I should have written
. !!!N-W-L-I-!!! option to override this default behavior
On Mon, Oct 18, 2021 at 11:24 AM K Post wrote:
> Well that'll do it! I incorrectly thought all these years that "no
> processing" actually meant NO processing.Looking back, th
sp is configured to score
> noprocessing mails.
> bombReNP
> or
> =>NWLI is used (N at least for this regex)
>
> Thomas
>
>
>
>
>
> Von:"K Post"
> An:"ASSP development mailing list" <
> assp-test@lists.sourcefor
I had an inbound message rejected by ASSP, where the DKIM signature matched
DKIMNP. I would have thought that if there's a DKIMNP match, that the
message will just be passed and saved in discarded.
Also, Senderbase is white for the network that it came from. so that should
have reduced the score b
679) line 5.
- BDB:
On Fri, Oct 15, 2021 at 12:51 PM K Post wrote:
> Again, thanks.
> So are you recommending that $BDBerrLog stay at the default of 0 under
> normal circumstances, and only be changed to 1 if there appears to be
> something awry with one or more BDB actions?
>
>
ASSP catches all errors at init-time of BerkeleyDB (and recovers if
> possible). If there occure errors at runtime for BerkeleyDB, someone can
> enable 'BDBErrLog' to get the runtime errors recorded.
>
> Thomas
>
>
>
> Von:"K Post"
> An:&qu
Whew you've been busy! Thank you.
- If msvcrt is being used, would 512 open files ever not be enough? I
feel like I was getting the file issues when many links to BDB-error.txt
files were getting stuck open, so exceeding 512, but that was ultimately
because of my stupid griplist dire
a bad path to the griplist!!!
Thank you, as always, to Thomas for helping figure this one out!!
On Wed, Oct 6, 2021 at 1:35 PM K Post wrote:
> Looking way better Thomas. Thank you.
>
> Connected: session:23D15F00 154.21.28.20:60788 > (assp internal ip):25 >
> (smtp internal ip):25
a bad path to the griplist!!!
Thank you, as always, to Thomas for helping figure this one out!!
On Fri, Oct 8, 2021 at 8:34 PM K Post wrote:
> So this is odd running handle on perl.exe gives me stuff I'd expect
> (though I don't know what it all is)
>
>78: File
thread max handles : ~ 10.000 (configurable in the registry -
> hex(2710))
>
> use Testlimit.exe / Testlimit64.exe -h
>
> How ever - the c-library used by the process sets the handle (and other)
> limits! If a valid but not-default-system c-lib is found in the PATH, it
> will b
-
> hex(2710))
>
> use Testlimit.exe / Testlimit64.exe -h
>
> How ever - the c-library used by the process sets the handle (and other)
> limits! If a valid but not-default-system c-lib is found in the PATH, it
> will be used (with there internal limit settings).
>
> a
And I'm noticing that each time rebuildspamdb runs, at least one more (it
>think< it may be two every time) handle to
\tmpDB\rebuildDB\BDB-error.txt is left open.
On Sat, Oct 9, 2021 at 4:35 PM K Post wrote:
> answering part of one of my own questions - I hope correctly.
>
>
t, so I believe that's where the explanation should go, instead of
in the section where you decide to share and use a shared griplist.
(I still can't figure out if you do share and download the griplist it that
download replaces your local griplist or what)
On Sat, Oct 9, 2021
Several related items here:
1. Bug? Rebuild process still uploading griplist, even if disabled, due
possibly to case error in code.
2. ASSP not checking for valid griplist, if an invalid folder name is
entered
3. On windows, Rebuild process
leaving \tmpDB\rebuildDB\BDB-error.tx
problem at all.
I feel like some loop happens when there TLS errors with the new versions
though that somehow gets more of these griplist\dbd-error.txt handels to
open until there no more file handles left
On Fri, Oct 8, 2021 at 7:27 PM K Post wrote:
> That's funny Bob, I wa
at 1:56 PM Robert K Coffman Jr. -Info From Data Corp. <
bcoff...@infofromdata.com> wrote:
> I'm curious what handle (Sysinternals tool) says when you hit the file
> limit...
>
> - Bob
>
> On 10/8/2021 10:47 AM, K Post wrote:
> > And a similar thing just happened
And a similar thing just happened again with 21280. ASSP gets to the point
where it can't open any more files, griplist can't be opened, and it goes
into a shutdown process.
On Thu, Oct 7, 2021 at 2:50 PM K Post wrote:
> Here's excerpts from my log. Odd stuff and concerni
Thanks for the fix in 21280!
" the definition of an invalid regular expression in 'NotifyRe' may caused
a crash of the assp process"
On Wed, Oct 6, 2021 at 1:53 PM K Post wrote:
> Nothing urgent, but I managed to completely crash assp by entering an
> invalid regex.
&g
21 12:00:03 Error: unable to rename file d:/assp/assp.cfg.tmp to
d:/assp/assp.cfg - No such file or directory
Oct-07-21 12:00:03 Finished saving config
Oct-07-21 12:00:03 BerkeleyDB-ENV-ERROR Griplist: Cannot open file
d:/assp/tmpDB/Griplist/BDB-error.txt: Too many open files
at (eval 3745) line 1
Uh oh. I haven't moved away from the test version you provided yesterday
yet, but I just got a complete ASSP crash, which was preceded by:
error: Worker_1 accept to client failed IO::Socket::INET=GLOB(0x881a0c40)
(timeout: 2 s) : Too many open files
error: Worker_2 accept to client failed IO::S
Nothing urgent, but I managed to completely crash assp by entering an
invalid regex.
In trying to keep on eye on the annoying failed TLS smtp server pool, I
intended to put a NotifyRE together like:
connected: session:(.){8} 154\.21\.
To start, I entered, I was going to first try
Connected: se
ey just sending a handshake way too early for that to work?
On Wed, Oct 6, 2021 at 10:08 AM Thomas Eckardt
wrote:
> try https://sourceforge.net/p/assp/svn/HEAD/tree/assp2/trunk/test/
>
> tell me if and how it works for you
>
> Thomas
>
>
>
>
> Von:&q
Please see my "Too many open files" message as it related to 21277
On Tue, Oct 5, 2021 at 9:33 AM K Post wrote:
> I have about 4million HMM records, startup was 2-3 minutes, but ASSP is on
> Windows, in a VM, on a not so new (but new to the charity) host
> Whatever SQL yo
87 >
(internal smtp ip):25
154.21.114.200 disconnected: session:48196D90 154.21.114.200 - processing
time 1 seconds
Error: Worker_4 accept_SSL to client 154.21.114.200 failed
IO::Socket::SSL=GLOB(0x2b79ffd0) (timeout: 5 s) : SSL accept attempt failed
On Tue, Oct 5, 2021 at 9:18 AM K Post wrote:
>
statement for hmmdb and spamdb.
>
> In my case the delay was ~25 seconds for ~10 million database records.
>
> >Is that part of the improved error handling for SSL SMTP sessions over
> port 25?
>
> yes.
>
> Thomas
>
>
>
>
>
> Von:"K Post
I've seen this a couple times now with 21277. Windows.
error: unable to close Socket IO::Socket::INET=GLOB(0x10fd4f70) - - Bad
file descriptor
and
Oct-05-21 08:51:09 *** (our internal smtp ip):25 didn't work, trying
others... - Too many open files
Oct-05-21 08:51:09 Error: couldn't create ser
Thank you Thomas!!!
This version solved my very slow startup with the rebuild spamdb worker.
I am seeing some entries like:
got an unexpected TLSv1_2 handshake Client-Helo-Frame of version (3.3) from
IP '154.21.28.74' at local IP '(my ip here)' and Port '25' - this frame is
ignored
I don't believ
Confirmed! The new version starts up nice and quick
On Mon, Oct 4, 2021 at 4:56 AM Doug Lytle wrote:
> On 10/3/21 7:53 PM, K Post wrote:
> > Thanks Doug. How long does it take to start the rebuild SpamDB worker
> > though? Mine also runs 11, and seemingly fine,
Thanks Doug. How long does it take to start the rebuild SpamDB worker
though? Mine also runs 11, and seemingly fine, it just takes a long
time to start. I don't know why it starts before the GUI or SMTP, but
suspect that it needs to be running if it's going to track mail for the
rebuild as i
oesn't make sense to
first have SMTP and the GUI operational first?
On Wed, Sep 29, 2021 at 2:33 PM K Post wrote:
> Thank you Thomas!! I will run through these steps this weekend and report
> back.
>
> On Wed, Sep 29, 2021 at 12:03 PM Thomas Eckardt <
> thomas.ecka...@thock
GUI or cmdqueue (in doubt enable the
> debugging for the rebuild)
> - wait until this task is finished
> - stop assp
>
> - start assp from commandline - everythng should work like expected
> - stop assp
> - start the service
>
> Thomas
>
>
> Von:"K
If I restart my server or just the ASSP windows service, I've discovered
that ASSP generally will no longer fully start automatically as a service.
I'm sure there's something misconfigured, corrupt, or broken on my
machine. If the Windows server crashes or does an after hours update
restart, ASSP
the GUI the option
> 'ExportMysqlDB' and before importing the configuration and databases in the
> new operating system.
>
> Good luck
>
> Bye.
>
>
>
> Leo.
>
>
>
> *De:* K Post [mailto:nntp.p...@gmail.com]
> *Enviado el:* miƩrcoles, 08 de septiembre de
this using your own strategy - good luck!
> But keep in mind: bad conditions in any file caused by the fault, can lead
> in to bad behavior or crashes of assp in future (possibly in months or in
> years, depends on the config, GUI actions, configuration changes, perl
> module changes
Hi,
I'm excited to have received a new (to us but still old) donated server for
our charity. I'd like to move the current ASSP installation away from
Windows 2012 and install Windows 2019. (linux isn't an option due to
policy).
I'm running MySQL on the current installation. To migrate the ASSP
wrote:
> The state of the assp folders and files (also the assp.cfg !!!) may be
> unexpected after a 'disk full' condition happened.
>
> I recommend to restore a known good state.
>
> Thomas
>
>
>
>
> Von:"K Post"
>
option.
> No, this will not work. But links will work on windows.
>
> >I have everything on my C drive in c:\ASSP\logs.
> Is there any good reason to this at a production system???
>
> Thomas
>
>
>
>
>
>
> Von:"K Post"
> An:&
ines* (noLogLineRe)
> to
> signal SEGV in
>
> >I just don't know if putting a drive letter in the config is another
> option.
> No, this will not work. But links will work on windows.
>
> >I have everything on my C drive in c:\ASSP\logs.
> Is there any good reas
orge.net> wrote:
> On 2021-09-03 09:11, K Post wrote:
>
> > 1) Can the logfile configuration be set to use a different disk?
> >
> This was relatively easy on linux. I do not know if Windows has a similar
> functionality. Basically the ASSP log directories are re-directed
Summary:
1) Get log files to separate disk on Windows system
2) Stop repeating warnings from filling log?
Yesterday and today, my log filled with
Sep-03-21 02:50:05 Warning: got unexpected signal SEGV in Worker_10001:
package - Win32::Unicode::Dir, file -
c:/strawberry/perl/site/lib/Win32/Unicod
Hello everyone,
One department with their own subdomain at our charity is going to be
moving to Office365 for email. I want to be able to *keep ASSP in use for
this handful of users*, but could use some guidance from the community here.
My plan is:
1) Inbound mail to dept1.ourcharity.org will s
I'm desperate for help. It seems that ASSP has thread problems frequently
when it reloads the config. I see warnings that the Main_Thread is unable
to transfer connection to any worker, often every 5 minutes for hours.
May-17-21 20:40:35 Saving config
May-17-21 20:40:35 Info: no configuration ch
my suggestion:
>
> - minor code changes
> - flexible and more detailed error explanations - possibly in local
> language
> - much less (than in your suggestion) confusing reply configurations
> - keeps hardcoded (and required) 5xx reply codes
> - the assp code can force sk
Thomas,
First, as requested, I've tried to change the way I generally ask for
features. I hope this is better, helpful, and fully explains my reasoning.
Just like we can customize the spamError, DelayError, NoValidRecipient, and
other reasons that appear in rejection/delay messages to the sender
in the IANA web. Things like 'what is
> SPF, SRS, DKIM ?' will not become part of the assp manual - there are
> very good explanations and examples in the web.
>
> Suggestions for new features or changes are wellcome. How ever: I prever
> to see something like &
lo' settings, lists, hashes ...
> but who would need them?
>
> Thomas
>
>
>
>
>
> Von:"K Post"
> An:"ASSP development mailing list" <
> assp-test@lists.sourceforge.net>
> Datum:30.04.2021 17:39
> Betreff:
re this happens !
>
>
> >I see: HELO Blacklist: '*mta-85-129.sparkpostmail.com*
> <http://mta-85-129.sparkpostmail.com/>'
>
> this is the result line from the analyzer - the analyzer shows every
> match, it's on YOU to know that a heloBlacklistIgnor
1 - 100 of 1606 matches
Mail list logo
