What is ASSP ?
The Anti-Spam SMTP Proxy (ASSP) Server is an antispam SMTP Proxy server which implements auto-whitelists, self learning Hidden-Markov-Model and/or Bayesian, Greylisting, DNSBL, DNSWL, URIBL, SPF, SRS, Backscatter, Virus scanning, attachment blocking, Senderbase and multiple other filter methods. ASSP can be controlled using an ASSP Web interface (GUI).
What is ASSP Deluxe for cPanel ?
"ASSP Deluxe for cPanel" is an ASSP frontend/integration for cPanel ; it's a set of PHP scripts which allow to install, configure, run and monitor ASSP in a cPanel server. ASSP Deluxe for cPanel includes an ASSP WHM interface, spambox IMAP for each email user, email queue finder, spam outgoing notifications, clamAV unofficial signatures support, Pyzor plugin for ASSP, automatic updates, Daily blocked email report, a cPanel ASSP frontend for users, ASSP SSL SNI and ASSP MySQL or BerkeleyDB automatic setup, ASSP Perl module automatic installation and other features.
Time required to complete ASSP v2 installation 45~60 minutes.
Open cPanel WHM Service Configuration Service Manager and Disable/turn OFF SpamAssassin by unchecking SpamAssassin as shown below
Now go up in the page and be sure RecentAuthedMailIpTracker ( or the obsolete antirelayd cPanel service ) service is enabled as shown below
Now turn OFF SMTP alternative port(s) as shown below. You can setup SMTP alternative port(s) later using the ASSP Web Interface (post installation steps).
Now turn OFF cPanel Greylisting Daemon as shown below. You can enable ASSP Delaying/Greylasting later if you want.
Save Settings in Service Manager
Now click PHP tab and enable ioncube as shown below.
Save Settings in Tweak Settings
Why all EXIM ACLs settings should be set OFF in EXIM Configuration Manager ?
Simply because we want avoid antispam redundancy while running ASSP. For example we turn OFF RBL checks in EXIM because these checks are already executed by ASSP ( ASSP checks the email before EXIM ) there is no reason to do this twice.
Open cPanel WHM cPanel Manage Plugins and install ClamAV as shown below
Only if you have CSF firewall installed go to cPanel WHM Plugins ConfigServer Security & Firewall and click Firewall Configuration.
Adds ,125,25,26,587,55553,55555,2703 to TCP_IN =
Adds ,25,26,587,55553,55555,2703 to TCP_OUT =
Adds ,6277,24441 to UDP_IN =
Adds ,6277,24441 to UDP_OUT =
Set DENY_IP_LIMIT = to 2000
Save Settings in CSF firewall and restart it.
Ok... WHM cPanel is configured to install ASSP. Now we can start the installation.
Now execute following commands to install ASSP Deluxe and ASSP WHM files
Once completed the commands above you can install Perl. ASSP 2.x requires a linux-thread-multi Perl and latest recommended Perl for ASSP v2 is 5.30.0 ; it will be installed in /usr/local/perls . You can remove this custom Perl (/usr/local/perls) if you'll decide to uninstall ASSP. Execute following commands to install Perl 5.30.0 in /usr/local/perls now
Perl installation will require about 15-20 minutes , at the end of Perl installation execute following command to install ASSP Perl modules.
Perl module installation will require other 20-25 minutes, if it returns some perl module errors you may ignore them for now. Once completed execute this
All Perl module should install without errors . Only if you have OS Almalinux 8.x and you receive a DB_File installation failure execute this
and add following rows ( later in the FAQs section you can learn what does these cronjobs )
Save cronjob list and exit.
Be sure to enter the rows MAILTO="" and MAILTO=root as shown above.
Every cron executed between MAILTO="" and MAILTO=root will not receive email cron notifications (each time the cron executes).
If you do not use MAILTO your email queue could be filled with email (email cron notification) generated by the crons above very fast !
Do not use > /dev/null since it will NOT work with these scripts.
Now execute this
ASSP should start correctly and you should be able to see its activity in ASSP log using this way
You should remember this important log /usr/local/assp/maillog.txt ; ASSP logs every incoming and outgoing email in this log . It's refreshed each 7 days automatically. A backup of your old ASSP logs are stored in /usr/local/assp. Each incoming and outgoing email has its own ASSP ID (e.g. id-83437-03814 ), the ASSP ID will be added in email headers too so you can identify an email blocked in ASSP log very easily. Email blocked will be collected in spambox while good email will be processed by EXIM and you will see them in EXIM log /var/log/exim_mainlog too.
Now return to ASSP WHM INTERFACE and enable ASSP SCORING MODE as shown below
By default ASSP installation the ASSP Delaying filter starts enabled. It's recommend to set if OFF now; your user can decide to swtich it ON/OFF using their cPanel user interface.
Go to ASSP WHM INTERFACE ASSP DOMAIN CONFIG , and turn/set OFF Delaying filter for ALL your domain/users, click Submit button to save settings.
Now go to ASSP WHM INTERFACE ASSP FILTER CONFIG and press button DELAYING DEFAULT as shown below (default disabled status for new hosting accounts).
Even if the ASSP setup have to be completed (setting up ASSP SSL , SPAMBOX , an ASSP database and other some settings) your ASSP is now already running and processing email, each incoming email is filtered and proxied to EXIM. All email will be checked using multiple spam filters and a numeric score point will be added by each filter ( scoring mode ) . If the scoring Penalty limit value (PenaltyMessageLimit) will be surpassed the email will be collected as SPAM ( and tagged [ SPAM FOUND ] in ASSP log) , and you will see a 127.0.0.1 disconnection in EXIM log. If the scoring Penalty limit value will not be surpassed the email will be accepted ( and tagged [ MESSAGE OK ] in ASSP log ). Blocked email will be collected in /usr/local/assp/spam folder (and used to build the HMM and Bayesian database) and collected by the spambox spammaster email which delivers the SPAM in the imap /spambox folder of your users email (the spambox feature will be setup later in this HOW TO). Good email will be collected in /usr/local/assp/notspam folder (and used to build the HMM and Bayesian database) and proxied internally (127.0.0.1:125) to EXIM which will deliver the email in user INBOX .
Now you can install the ASSP Deluxe cPanel frontend for your users. Open the ASSP WHM INTERFACE and go down to Software Updates, and click "UPDATE FRONTEND" for "ALL themes" as shown below.
The ASSP Deluxe cPanel frontend for your users will be installed in /usr/local/cpanel/base/frontend/yourskin/asspdeluxe and you can view the user interface by pointing your browser https://www.domain.com:2083/frontend/yourskin/asspdeluxe/index.php or click the ASSP SPAM Filter icon in the EMAIL section.
ASSP Deluxe for cPanel frontend for your users
The SPAMBOX red icon shown below will appear later when the spambox feature will be installed some step below. The HELP section is very important because explains you and your users how works the ASSP spam and notspam email interface reporting . Also after pressing the SPAMBOX red button your users can configure the spambox .
spambox requirements :
If adding a new account is an issue for you (e.g. you have a WHM license with single account limit) you can install the spambox over any existent domain . In this case follow the spambox how to for your domain name instead of fake domain spamxyz.us . In each case do NOT to install the spambox over the server hostname because it will NOT work.
note : the /spambox IMAP folder will be created after the email will receive the first SPAM email message. spambox IMAP folders are cleared automatically using the clear_spambox.php cronjob , read the FAQs section for more details.
After the spambox installation you'll see new spambox features in your ASSP WHM INTERFACE which allows you to check spamboxes (SPAM FINDER) , enable/disable spambox for your users, and set spambox IMAP default status for new accounts.
BerkeleyDB ASSP Setup
Open your console and execute following command which will install BerkeleyDB 5.3.28 in /usr/local/BerkeleyDB.5.3 and the BerkeleyDB Perl module for your ASSP Perl
Open the ASSP WHM INTERFACE and click STOP ASSP. Once ASSP is fully stopped execute this to configure ASSP to use BerkeleyDB
Open the ASSP WHM INTERFACE and click START ASSP. Your ASSP should start correctly and you should see a new menu in your ASSP WHM INTERFACE as shown below.
MySQL ASSP Setup
If you prefer to use MySQL and you did NOT enable BerkeleyDB above you can setup MySQL for your ASSP using following way.
Open the WHM cPanel SQL Services MySQL/MariaDB Upgrade and check your current MySQL version. You should have at least MySQL 5.7 or MariaDB 10.x . If you have an older MySQL version you should upgrade it . If an upgrade is not possible it's better to use the BerkeleyDB database using the BerkeleyDB HOW TO above.
Ok now open your MySQL /etc/my.cnf configuration file using your preferred console editor and add following rows required by ASSP to avoid MySQL disconnections ( add them at the end of [mysqld] section )
Save the file and restart MySQL in this way
Now open the ASSP WHM INTERFACE and click MYSQL SETUP and follow simple instructions to activate MySQL.
Once MySQL has been setup return to ASSP WHM INTERFACE and you should see a new menu as shown below.
Installation is almost complete, at this point your ASSP should be running correctly with SSL, database, spambox and preconfigured with moderate antispam settings. There are few more simple steps required to run your ASSP at the best.
Open the ASSP WHM INTERFACE , go to "ASSP 2.x core settings" and choose number of SMTP workers following the instructions. 5 is default and should be good in most cases . You can increase or reduce based on your server RAM and SMTP traffic . If you receive a lot of SMTP traffic you may consider a bigger value (8-12 e.g.). A value above 15 is not recommended. If your server has less than 8 GB RAM set to 3 max 5 workers. Remember that more workers means more SMTP processing speed, so if your users are experiencing delay to send email you should try to increase number of ASSP worker one step at time. Each time you change number of workers ASSP needs to execute a restart.
Open the ASSP WHM INTERFACE , go to "ASSP 2.x core settings" and click enable PYZOR and ANTIVIRUS CHECKS . Pyzor checks will improve antispam performance while ANTIVIRUS CHECKS permits to scan also compressed email attachments.
Pyzor requires at least Python version 2.7.5 if you have an old OS (Centos 6 e.g.) Pyzor could not work.
After enabling Pyzor and Antivirus execute this to activate immediately the new features (ASSP will be restarted to load the new feature)
Finally it's time to open the ASSP GUI to set ASSP GUI password and activate DCC and Razor plugins. Go to ASSP WHM INTERFACE and click ASSP WEB INTERFACE . Your ASSP WEB INTERFACE (GUI) should open you can login with..
note : there are various ASSP web interface parameters which are controlled by ASSP Deluxe for cPanel. All parameters controlled by ASSP Deluxe are listed in ASSP WHM INTERFACE AUTOMATION SETTINGS . If you are an experienced ASSP administrator and you want customize some of these parameters you should set OFF the parameter you want customize in AUTOMATION SETTINGS page.
Now, to complete the ASSP v2 setup I recommend you to take only a fast look to your ASSP GUI and to apply following final few steps. First of all your ASSP should appear like this below, you should see a green dot, which means all ASSP DBs are working correctly. If you see a red dot , close the ASSP GUI, STOP and START your ASSP using ASSP WHM INTERFACE , then open again the ASSP GUI .If the problem does not fix you should have failed the database installation some step above.
Now open the ASSP Razor Plugin menu and set DoASSP_Razor to score, then open the ASSP DCC Plugin menu and set DoASSP_DCC to score.
Now to change the default ASSP GUI password go to "General Server Setup" , go down to "Web Admin Password - Masterpassword (root) (webAdminPassword)" and set a new password. Be sure to note the new password carefully because the password will be encrypted and cannot be changed by editing the assp.cfg file.
Ok you can SAVE/APPLY ASSP settings in your ASSP GUI. You can close the ASSP WEB INTERFACE now.
Ok... ASSP v2 installation is completed and all should work correctly . All incoming email should be filtered and everything should work correctly. Now you can check the Post installation steps and FAQs page. You can learn how to STOP fully ASSP and return instantly to cPanel only , how to restart ASSP from console, and other important user and administrative tasks.