ASPF

Published Date: 2018/11/02 by: DaVieS

ASPF

ASPF is an Advanced Spam Processing Filter.
ASPF is a centralized SPAM mitigation tool for both incoming and outgoing mails.
ASPF has built-in greylisting & anti-spoofing service , allowing Operators to configure limits and spam detection level per Server / Domain / User level. 
Can be blacklisting and whitelisting and doing its automatically.

ASPF can catch 99% of SPAM.

Incoming Email Validation

- Round-1 | Checking MXes on domain

  • Mechanism: ASPF will query MX Server on sender domain
  • On Error: ASPF: Your message is rejected due no MX record found on your sender domain, try later.
  • On Accept as SPAM: Marked-As-SPAM due no MX record found on sender domain


- Round-2 | Checking Reverse

  • Mechanism: ASPF will query PTR Record from Sender Domain and check if its points back to server IP or matches with HELO name.
  • On Error: ASPF: Your message is rejected due your hostname is not equal with your reverse domain or with HELO/EHLO name, try later.
  • On Accept as SPAM: Marked-As-SPAM due hostname is not equal with reverse domain or with HELO/EHLO name


- Round-3 | Probing MX

  • Mechanism: ASPF will trying to determine if at least one MX has an SMTP Server available for incoming messages.
  • On Reject: ASPF: Your message is rejected due no valid SMTP Server found on domain.
  • On Accept as SPAM: ASPF: Marked-As-SPAM due no valid SMTP Server found on domain


- Round-4 | RBL Checking

  • Mechanism: ASPF will query various SPAM lists (DNSBL).
  • On Reject: ASPF: Your message is rejected due sender host is on list
  • On Accept as SPAM: ASPF: Marked-As-SPAM due sender host is found on list

 

- Round-5 | Checking sender origin

  • Mechanism: ASPF will check who the sender is, noreply, no-reply ...
  • On Reject: ASPF: Your message is rejected due our system is only accept messages from real ppl.
  • On Accept as SPAM: ASPF: Marked-As-SPAM due our system is only accept messages from real ppl

 

 

Management

ASPF uses mySQL / mariaDB Database and have bootstrap-based webadmin to manage and handle things. 

ASPF likely help system administrators to track messages and limiting incoming & outgoing messages too. 

Allowing Blacklist & Whitelist, Search, Real-Time analysis. 

 

Future Plans

Country Based Scoring & Demand on MAP

Content Filtering: Like Amavisd-New ASPF can be a content filter too, this can enable analysis deep mail scan, URL checking, Phishing Checking, also with placing fast menu on mail footer, like: Mark this mail as SPAM so personal feedback can be processed automatically.

 

ASPF Written in PHP Language, works as Daemon, tested on FreeBSD / Debian. 
ASPF is OpenSource, licensed under BSD License.

(!) Warning: ASPF part of our Enterprise (MVCP) Hosting Panel, currently backported.

https://github.com/davies007/ASPF

Outgoing Mail Rate Limiting

  • ASPF not only checking incoming mails it is also defending outgoing SPAMMING. Server / User / Domain based limiting if set, for X messages / 5 minutes.
  • When Sender reach this limit, any other mails are forbidden to send within a time period.
  • This will be also shown on Dashboard, and there is an option to notify system administrators about the incident. 

Auto-Learning & Cache

  • ASPF can auto-learn trusted mails for a specified time. This can be explained with a little sample:
  • Alice <alice@example.com> sending mails behind ASPF to Bob <bob@example.com> in this case Bob with his mail added to database as (temporary-whitelist) so even if Bob using wrong mail server ASPF will let he in.
  • Important to say that, ASPF is only check_policy_service, does not analyse the content (yet), and just one defense line its possible that amavisd-new or spamassasin will also marks your message as SPAM even if ASPF not. 

Per - Server Configuration seamless global space

ASPF can be setup by per server basis, such as Greylisting, Timeout, Auto-Learn, Limits, ... since ASPF can handle multiple server at once.

All gathered data stored in global space and delay & catch & mark spam works globally.

 

Greylisting, Reject mails, ANTI-SPOOF (NEW!)

ASPF only flag mails when its suspicous at default not rejecting them, now there are more options.

New algorythm help identify malicious mails which rejected before queue. 

This method guard the entire mail system, also all newbie deferred for a short time (greylisting), then if they are trying to send again ASPF check the history about the sender and decide to delay, defer or reject the message.

ASPF now can detect spoofing attempt on both sides:

Email is designed to be sent from real mailboxes. RFC 2822 and RFC 5322 say:
In all cases, the "From:" field SHOULD NOT contain any mailbox that does not belong to the author(s) of the message.

 

ASPF
ASPF


If you are here because you seen rejected message which started with ASPF. 

Please make sure you are not blacklisted on any DNSBL or ask your mail provider if the mail server is configured well.
Also maybe our tools may help you identify your mail server problems:




Trackit v3.0

Trackit v3.0

Trackit is an enterprise class /very advanced/ all-in-one monitoring/datalogger application.   ... Click and Read More!
MVCP

MVCP

MVCP is our 5th generation of Mass Virtual Hosting Control Panel. Unlike any-other versions MVCP is written in PHP instead of C/C++/LUA.MVCP uses bootstrap and built-in to FreeBSD 11.2 with ... Click and Read More!

All rights reserved nPulse.net 2009 - 2019
Powered by: MVCP / ASPF / PHP 7.2 / NGINX / FreeBSD