Arabic  Chinese (simplified)  Chinese (traditional)  French  German  Italian  Japanese  Korean  Portuguese  Russian  Spanish 

Processing order

From ASSPSMTP

Jump to: navigation, search
Advice
This article is incomplete. It is currently under construction and review for content, clarity and format. Help the community by adding content directly to this page or discuss what should go in this article on the discussion page!

This article describes the SMTP connection and transaction process, as well as the ASSP functions that take place during each step of the transaction.

On This Page


IP Connection

When the sending server first establishes an IP connection with ASSP.

  • denySMTPConnectionsFrom - deny connections from a static IP address list
  • exportExtremeFile - deny connections from a dynamic IP address list generated by the Penalty Box

SMTP Session Initialization

An SMTP session is initiated when a SMTP client opens a connection to a SMTP server and the server responds with an opening (banner) message.

Client Initiation (HELO/EHLO)

Once the SMTP server has sent the opening message and the client has received it, the SMTP client sends the HELO/EHLO command to the server, indicating the client's identity.

Mail Transactions

There are three steps to SMTP mail transactions. The transaction starts with a MAIL command which gives the sender identification. A series of one or more RCPT commands follows giving the receiver information. Then a DATA command initiates transfer of the mail data and is terminated by the "end of mail" data indicator, which also confirms the transaction.

Sender Identification (MAIL)

  • PenaltyExtreme - Penalty Box extreme blocking
  • ForgedHELO - verify HELO against localhost info (built-in)
  • DoRBLCache - reuse of cached DNSBL/RBL hits

Recipient Information (RCPT)

  • LocalAddresses_Flat - recipient verification via flat file
  • DoLDAP - recipient verification via LDAP look up
  • EnableDelaying - SMTP session delaying (greylisting)
  • DoFakedLocalHelo - verify HELO against localDomains
  • DoValidFormatHelo - format of HELO validation
  • DoInvalidFormatHelo - format of HELO invalidation
  • DoNoValidLocalSender - block spoofed sender addresses
  • DoNoSpoofing - block spoofed localDomains
  • DoReversed - verify that a PTR record exists in DNS
  • DoDomainCheck - verify that an MX and an A record exists in DNS
  • DoPenalty - Penalty Box standard blocking
  • ValidateSPF - SPF validation
  • ValidateRBL - DNSBL/RBL validation
  • DoBombHeaderRe

Message Body (DATA)

  • DoBombRe - Bomb list blocking
  • DoScriptRe - Script list blocking
  • UseAvClamd - ClamAV virus scanning
  • DoBayesian - Bayesian analysis

Bayesian Database Training

Once the mail is classified as ham or spam, the first MaxBytes of each spam message are logged in the corresponding spamlog corpus directory. Whitelisted and local mail is logged in the notspamlog directory. External non-spam mail is logged in the incomingOkMail directory, if enabled. Headers are updated as configured.

Messages in the corpus are processed and trained into the Bayesian database when the rebuildspamdb.pl script is run.

SMTP Session Termination (QUIT)

If at any point in the SMTP connection and/or transaction ASSP disconnects the client, the MTA will be sent a QUIT message so the session will not be left to time-out.

Retrieved from "http://www.asspsmtp.org/wiki/Processing_order"
These icons link to social bookmarking sites where readers can share and discover new web pages. Blinklist  del.icio.us  digg  Furl  Google  ma.gnolia  Reddit  Slashdot  Spurl  YahooMyWeb 
Personal tools