Knowledgebase

How to use ASSP spam filter Print

  • 0

In our search for an efficient, powerful spam filtering tool we’ve decided to trial The Anti-Spam SMTP Proxy (ASSP) Server for cPanel.

Our research showed us that this spam filtering solution provides excellent protection for user email accounts, as well as a wide range of additional features – without adversely affecting server performance. We’ve used many spam filtering solutions over the years and we’re always looking for the most effective solution that allows us to maintain the highest level of performance on our shared servers.

So far our experience with ASSP has been very positive. Aside from some initial teething problems early on, the spam filtering system has exceeded our expectations and provided great protection for customer email accounts, as well as providing a WHM interface for easy management.

In this guide we aim to explain how ASSP works, and to show you how you can use the most important features of the ASSP spam filtering system on your hosting account.

https://sive.host/titfombe/repository/advertising-in-the-olded-mailboxes-spam-concept_t20_6mANJp.jpg.webp

What is ASSP spam filter?

The Anti-Spam SMTP Proxy (ASSP) is an open-source spam filtering solution based on the Perl programming language. ASSP is designed to be platform-independent, for use on any common web hosting server. With a GNU General Public License, ASSP is completely free to download, with no hidden charges.

ASSP uses a variety of methods to filter incoming spam including the Bayesian method and Hidden Markov Model spam filtering. The end-user won’t see most of what ASSP does in the background with incoming emails, so we won’t get into the very technical details here.

How does ASSP work?

ASSP primarily works as an SMTP proxy, which operates on the SMTP listen ports in front of an SMTP server. ASSP then relays the SMTP data from an incoming email client and the SMTP server (in our case Exim), intercepting the dialog as necessary.

In other words, ASSP sits on the server and listens to all incoming and outgoing email transactions, scanning the data against it’s spam filtering algorithms, and carrying out various actions on the email based on the results of these scans.

When ASSP’s spam checks detect a spam message, ASSP will immediately return a 5xx SMTP error code back to the sending client. If the incoming email passes the spam checks and is treated as non-spam, it’s passed to the mail server (exim) and delivered to the recipient.

For a more detailed look at the architecture of ASSP, take a look at the following diagram:

https://sive.host/titfombe/repository/pasted%20image%200.png

Managing the spam filter

So we’ve covered what ASSP is and how it works, so let’s move on to actually using the spam filter in some example scenarios.

While the ASSP interface in cPanel does let you configure some elements of the spam filtering system, you’ll find that you won’t need to use it very often. The most important features of ASSP can be used by just sending or forwarding relevant emails to the ASSP mailboxes on your domain.

With ASSP spam filtering solution, you’ll often find that it works just as you need without actually having to make any changes. In certain circumstances however, you may need to make slight changes to suit your email sending and receiving preferences.

So let’s get into the most useful features that ASSP has to offer.

https://sive.host/titfombe/repository/padlock-lying-on-the-computer-keyboard-ZDDX93E-min-1024x475.jpg.webp

Whitelisting incoming email

Whitelisting an email address is when you signal to the spam filter that the email address in question is legitimate and not a spammer. Emails from whitelisted addresses will always be received successfully.

There are several ways to whitelist incoming email addresses on your hosting account.

Whitelisting an email address

The most straightforward and easy way to whitelist an email address is to simply send an email to the email address you want to whitelist. As soon as you send an email to a certain email address, that email address is automatically whitelisted by the spam filter. It’s as straightforward as that!

Another method of whitelisting an email address is to send an email to assp-notspam@yourdomain.com (replacing yourdomain.com with your domain name). In the body of the email, just include the email address you need to whitelist.

Whitelisting a domain name

ASSP also lets you whitelist all incoming emails from a certain domain name. The method for achieving this is much the same as for whitelisting a single email address.

Send an email to assp-notspam@yourdomain.com (replacing yourdomain.com with your domain name), and in the body of the email just include the domain name you need to whitelist. This should be in the form of *@domain.com (where domain.com is the domain name to be whitelisted).

Blacklisting incoming email

Blacklisting an email address is when you signal to the spam filter that said email address is a spammer, and you don’t wish to receive any more emails from this address.

Once an email address is blacklisted, the email server will reject any incoming emails from that email address, preventing it from ever hitting your inbox.

You’ll find that ASSP takes care of the overwhelming majority of incoming spam for you, so you probably won’t need to blacklist addresses often. But in case spam emails do slip through the cracks and land in your inbox, it’s easy to fix.

Blacklisting an email address

Blacklisting an email address with ASSP is straightforward, and the method is very similar to whitelisting an email address.

Just send an email to assp-spam@yourdomain.com (replacing yourdomain.com with your domain name), and include the email address to blacklist in the body of the email. This will instruct ASSP to blacklist the email address.

Blacklisting a domain name

As with whitelisting a domain name, blacklisting a domain name is easy.

Send an email to assp-spam@yourdomain.com (replacing yourdomain.com with your domain name), and in the body of the email just include the domain name you need to whitelist. This should be in the form of *@domain.com (where domain.com is the domain name to be whitelisted).

The ASSP Interface

Accessing ASSP is simple and just takes a through clicks through the cPanel control panel.

From the cPanel interface, find the ASSP Spam Filter option within the Email section. You can either scroll down and click the icon, or search for it in the search bar.

https://sive.host/titfombe/repository/Screenshot%20from%202021-08-20%2009-35-37.png

You’ll then be taken to the ASSP interface where you can manage various options for your hosting account.

https://sive.host/titfombe/repository/tempsnip.png

Typically you’ll find that you don’t need to change many, or any, of these settings. In fact, changing certain settings can have adverse effects on your incoming emails. So bear that in mind when making any changes through this interface.

With that said, we will briefly explain each section of the ASSP interface, and what they are used for.

Spambox

The Spambox feature of ASSP allows you to check spam messages for your email addresses, in a separate inbox to your main inbox. This effectively separates legitimate emails from spam emails, rather than just deleting the spam emails.

https://sive.host/titfombe/repository/tempsnip%20(1).png

Here you can enable or disable the spambox for both IMAP and POP3, on any domains in your hosting account.

This can be helpful in examining which email addresses are sending you lots of spam but it’s not absolutely essential – so use this at your own discretion.

Note: all the SPAM messages older than 7 days , will be removed automatically from your account each day to avoid disk space problems.

Spam Scoring

As the name suggests, the SPAM scoring section allows you to determine the spam scoring threshold for incoming emails on any of your domain names.

“Normal” is the default Antispam server sensitivity level. You can decrease this using the Low, Lower or Lowest settings, or increase it by using High, Higher or Highest settings to block as much spam as possible. If you decrease sensitivity more spam could pass however you reduce the risk of blocking any good emails. If you increase spam sensitivity you can successfully block all spam which is passing however an occasional good email could be collected in the spambox.

So you have the option to change the spam scoring for each domain or disable it altogether – we recommend leaving this enabled and at the default score.

Delaying filter

The Delaying filter, or greylisting, is a method of blocking all incoming emails, except from senders that have already been whitelisted.

This should not be enabled unless in very specific circumstances, and in that scenario our support team would assist with this.

No local addresses filter

The No local filter allows your mailserver to receive email only for existing email addresses on your accounts (forwarders included). This prevents all spam dictionary type email attacks.

When a sender attempts to send an email to a non-existent email address on your domain, they will receive the following error :  550 5.1.1 User unknown: random_word@yourdomain.com.

We strongly recommend that you leave this setting always enabled.

Note: This does remove support for the catch-all email address.

Virus protection

This section allows you to toggle the virus protection for emails on specific domain names in your hosting account.

We strongly advise to never disable this feature – it’s one of the most important features of ASSP, and disabling virus protection will only open you up to potential issues in the future.

 


Was this answer helpful?
Back