ASPF (Discounted, see: ASPF-MILTER)

Published Date: 2020/05/03 by: DaVieS

ASPF (Discounted, see: ASPF-MILTER)

ASPF is an Advanced Spam Processing Filter.
ASPF is a centralized SPAM mitigation tool for both incoming and outgoing mails.
ASPF has built-in greylisting & anti-spoofing service , allowing Operators to configure limits and spam detection level per Server / Domain / User level. 
Can be blacklisting and whitelisting and doing its automatically.

ASPF can catch 99% of SPAM.

Incoming Email Validation

- Round-1 | Checking MXes on domain

  • Mechanism: ASPF will query MX Server on sender domain
  • On Error: ASPF: Your message is rejected due no MX record found on your sender domain, try later.
  • On Accept as SPAM: Marked-As-SPAM due no MX record found on sender domain


- Round-2 | Checking Reverse

  • Mechanism: ASPF will query PTR Record from Sender Domain and check if its points back to server IP or matches with HELO name.
  • On Error: ASPF: Your message is rejected due your hostname is not equal with your reverse domain or with HELO/EHLO name, try later.
  • On Accept as SPAM: Marked-As-SPAM due hostname is not equal with reverse domain or with HELO/EHLO name


- Round-3 | Probing MX

  • Mechanism: ASPF will trying to determine if at least one MX has an SMTP Server available for incoming messages.
  • On Reject: ASPF: Your message is rejected due no valid SMTP Server found on domain.
  • On Accept as SPAM: ASPF: Marked-As-SPAM due no valid SMTP Server found on domain


- Round-4 | RBL Checking

  • Mechanism: ASPF will query various SPAM lists (DNSBL).
  • On Reject: ASPF: Your message is rejected due sender host is on list
  • On Accept as SPAM: ASPF: Marked-As-SPAM due sender host is found on list

 

- Round-5 | Checking sender origin

  • Mechanism: ASPF will check who the sender is, noreply, no-reply ...
  • On Reject: ASPF: Your message is rejected due our system is only accept messages from real ppl.
  • On Accept as SPAM: ASPF: Marked-As-SPAM due our system is only accept messages from real ppl

 

 

Management

ASPF uses mySQL / mariaDB Database and have bootstrap-based webadmin to manage and handle things. 

ASPF likely help system administrators to track messages and limiting incoming & outgoing messages too. 

Allowing Blacklist & Whitelist, Search, Real-Time analysis. 

 

Future Plans

Country Based Scoring & Demand on MAP

Content Filtering: Like Amavisd-New ASPF can be a content filter too, this can enable analysis deep mail scan, URL checking, Phishing Checking, also with placing fast menu on mail footer, like: Mark this mail as SPAM so personal feedback can be processed automatically.

 

ASPF Written in PHP Language, works as Daemon, tested on FreeBSD / Debian. 
ASPF is OpenSource, licensed under BSD License.

(!) Warning: ASPF part of our Enterprise (MVCP) Hosting Panel, currently backported.

https://github.com/davies007/ASPF

Outgoing Mail Rate Limiting

  • ASPF not only checking incoming mails it is also defending outgoing SPAMMING. Server / User / Domain based limiting if set, for X messages / 5 minutes.
  • When Sender reach this limit, any other mails are forbidden to send within a time period.
  • This will be also shown on Dashboard, and there is an option to notify system administrators about the incident. 

Auto-Learning & Cache

  • ASPF can auto-learn trusted mails for a specified time. This can be explained with a little sample:
  • Alice <alice@example.com> sending mails behind ASPF to Bob <bob@example.com> in this case Bob with his mail added to database as (temporary-whitelist) so even if Bob using wrong mail server ASPF will let he in.
  • Important to say that, ASPF is only check_policy_service, does not analyse the content (yet), and just one defense line its possible that amavisd-new or spamassasin will also marks your message as SPAM even if ASPF not. 

Per - Server Configuration seamless global space

ASPF can be setup by per server basis, such as Greylisting, Timeout, Auto-Learn, Limits, ... since ASPF can handle multiple server at once.

All gathered data stored in global space and delay & catch & mark spam works globally.

 

Greylisting, Reject mails, ANTI-SPOOF (NEW!)

ASPF only flag mails when its suspicous at default not rejecting them, now there are more options.

New algorythm help identify malicious mails which rejected before queue. 

This method guard the entire mail system, also all newbie deferred for a short time (greylisting), then if they are trying to send again ASPF check the history about the sender and decide to delay, defer or reject the message.

ASPF now can detect spoofing attempt on both sides:

Email is designed to be sent from real mailboxes. RFC 2822 and RFC 5322 say:
In all cases, the "From:" field SHOULD NOT contain any mailbox that does not belong to the author(s) of the message.

 

ASPF (Discounted, see: ASPF-MILTER)
ASPF (Discounted, see: ASPF-MILTER)


If you are here because you seen rejected message which started with ASPF. 

Please make sure you are not blacklisted on any DNSBL or ask your mail provider if the mail server is configured well.
Also maybe our tools may help you identify your mail server problems:
https://npulse.net/en/tools



If you like the article then don't forget to share!

Nexus Datalogger 2023

Our first version of Datalogger Software released back in 2012. What we made is a simple and continuous datalogging software with a reliable..


TrackIT-PortGuard

This is a simple TCP Gateway or proxy with advanced security features.The mechanism similar to port knocking, however much more safe..


[P]artial [F]ile [R]ecovery in case of badSector, HDD Error

Our new Software released under Open Source license.PFR is a cross-platform easy-to-use powerfull tool to recover broken files that caused HDD or..


BVCP: FreeBSD Bhyve Web UI

This is a personal project from the author of nPulse.net, Viktor Hlavaji (DaVieS).nPulse.net is always willing to share knowledge and resources..


Kinga-Framework

This is an industry-class cross-platform complete Framework written in C/C++ with many built-in functions implemented and designed with..


SSH Two-Factor Authentication

SSH Twofactor Authentication is our "still-under-development" project.It for Android mobile phones and linux / FreeBSD servers.The goal is make..


sysAdmin ToolBox v2.0

We are happily announce that our second version of sysAdmin ToolBox for Adnroid mobile phones published into live.The first version of this..


ASPF-Milter

ASPF-Milter is our next generation Centralised SPAM Filter on both directions (sending, receiving).ASPF-Milter as it's name suggest uses MILTER..


Trackit-2019

Trackit-2019 is our enterprise class /very advanced/ all-in-one monitoring/datalogger application for IT / ICT Infrastructure. This is the 5th..

Credits and Partners

All rights reserved nPulse.net 2009 - 2024
Powered by: MVCP2 / BVCP / ASPF-MILTER / PHP 8.3 / NGINX / FreeBSD