1.7.5.7 (0.0.07)


------   Network Setup    -----------------------------------------------

-listenPort (SMTP Listen Port ) 
The port number on which ASSP will listen for incoming SMTP connections (normally 25). You can specify both an IP address and port number to limit connections to a specific interface. Multiple ports  (interface:port) are possible separated by a pipe (|).Examples: 25 123.123.123.1:25|123.123.123.5:25 
Default: 25 

-smtpDestination (SMTP Destination) 
The IP address and port number of the MTA you want ASSP to proxy the messages to. If multiple servers are listed and the first listed MTA does not respond, each additional MTA will be tried. If only a port number is entered, or the dynamic keyword INBOUND is used with a port number, then the connection will be established to the local IP address on which the connection was received. This is useful when you have several IP addresses with different domains or profiles in your MTA. If INBOUND:PORT is used you need to set up EmailReportDestination (for Email-Interface, Blockreporting and Notifies) and sendAllDestination (Copy Spam )Examples:125123.123.123.1:125 123.123.123.1:125|123.123.123.5:125 
Default: 125 

-EmailReportDestination (ASSP Internal Mail Destination) 
Port to connect to when  ASSP sends replies to email-interface mails, notifications and block reports. Must be set when smtpDestination contains INBOUND. For example "10.0.1.3:1025", etc.  

-listenPort2 (Second SMTP Listen Port) 
A secondary port number on which ASSP can accept SMTP connections. This is useful as a dedicated port for VPN clients or for those who cannot directly send mail to a mail server outside of their ISP's network because the ISP is blocking port 25. You may also specify an IP address to limit connections to a specific interface. Multiple ports  (interface:port) are possible separated by a pipe (|).Examples: 587465|587192.168.0.100:587192.168.0.100:587|192.168.0.101:587  

-smtpAuthServer (Second SMTP Destination) 
The IP address! and port number to connect to when mail is received on the second SMTP listen port. If the field is blank, the primary SMTP destination will be used. The purpose of this setting is to allow remote users to make authenticated connections and transmit their email without encountering SPF failures.Examples:127.0.0.1:687, [::1]:687  

-EnforceAuth (Force SMTP AUTH on Second SMTP Listen Port) 
Force clients connecting to the second listen port to authenticate before transferring mail. To use this setting, both listenPort2 (Second SMTP Listen Port) and smtpAuthServer (Second SMTP Destination) must be configured.  

-DisableAuth (Disable SMTP AUTH for External Clients) 
If you have enabled SMTP AUTH on your MTA and you do not want  external clients to use SMTP AUTH - select this option.  

-ConnectionLog (Connections Logging) 
  

-enableINET6 (Enable IPv6 support) 
For IPv6 to be enabled, check this box. NOTE: Changing this requires a restart of ASSP.  

-smtpDestinationRT (SMTP Destination Routing Table ) 
If INBOUND is used in the SMTP Destination field, the rules specified here are used to route the inbound IP address to a different outbound IP address. You must specify a port number with the outbound IP address. This feature works by assigning as many IP numbers to ASSP as you have different receiving Mailservers. This can be avoided by using the advanced flow we recommend: 
  Example:141.120.110.1=>141.120.110.129:25|141.120.110.2=>141.120.110.130:125|141.120.110.3=>141.120.110.130:125 requires ASSP restart
Notes On Network Setup
  

------   SMTP Session Limits    -----------------------------------------------

-MaxErrors (Maximum Errors Per Session) 
The maximum number of SMTP session errors encountered before the
connection is dropped. Scoring is done  with meValencePB. 
Default: 5 

-maxSMTPSessions (Maximum Sessions) 
The maximum number of simultaneous SMTP sessions. This can prevent server overloading and DoS attacks. 64 simultaneous sessions are typically enough. No entry or zero means no limit. 
Default: 64 

-noMaxSMTPSessions (No Maximum Sessions IP numbers*) 
Mail from any of these IP numbers will pass through without checking maximum number of simultaneous SMTP sessions. For example: 145.145.145.145  

-maxSMTPipSessions (Maximum Sessions Per IP Number) 
The maximum number of SMTP sessions allowed per IP number. Use this setting to prevent server overloading and DoS attacks. 5 sessions are typically enough. If left blank or set to 0 there is no limit imposed by ASSP. ispip (ISP/Secondary MX Servers) and acceptAllMail (Accept All Mail) matches are excluded from SMTP session limiting. Scoring is done  with iplValencePB. 
Default: 5 

-maxSMTPipSessionsISPIP (ispip is included in Maximum Sessions Per IP Check) 
ispip (ISP/Secondary MX Servers) matches are not excluded from SMTP session limiting  

-SessionLog (Session Limit Logging) 
 
Default: standard 

-HeaderMaxLength (Maximum Header Size) 
The maximum allowed header length, in bytes. At each mail hop header information is added by the mail server. A large mail header can indicate a mail loop. If the value is blank or 0 the header size will not be checked. 
Default: 100000 

-MaxEqualXHeader (Maximum Equal Header Lines) 
The maximum allowed equal X-header lines - eg. "X-SubscriberID:". "Content-Transfer-Encoding" is also checked.
the value is set to 0 the header will not be checked for equal X-header 
lines. 
Default: 10 

-detectMailLoop (Detect Possible Mailloop) 
If set to a value higher than 0, ASSP count its own Received-header in the header of the mail. If this count exceeds the defined value, the transmission of the message will be canceled. 
Default: 3 

-maxSize (Max Size of Local Message) 
If the value of ([message size]) exceeds maxSize in bytes the transmission of the local message will be canceled. No limit is imposed by ASSP if the field is left blank or set to 0. This option allows admins to limit useless bandwidth wasting based on the transmit size.  

-maxSizeExternal (Max Size of External Message) 
If the value of ([message size]) exceeds maxSizeExternal in bytes the transmission of the external message will be canceled. No limit is imposed by ASSP if the field is left blank or set to 0. This option allows admins to limit useless bandwidth wasting based on the transmit size.  

-maxSizeError (Max Message Size Error) 
SMTP error message to reject maxSize / maxSizeExternal exceeding mails. For example:552 message exceeds MAXSIZE byte (size)! MAXSIZE will be replaced by the value of maxSize / maxSizeExternal. 
Default: 552 message exceeds MAXSIZE byte (size) 

-maxRealSize (Max Real Size of Local Message) 
If the value of (number of [rcpt to] * [message size]) exceeds maxRealSize in bytes the transmission of the local message will be canceled. No limit is imposed by ASSP if the field is left blank or set to 0. This option allows admins to limit useless bandwidth wasting based on the total transmit size.  

-maxRealSizeExternal (Max Real Size of External Message) 
If the value of (number of [rcpt to] * [message size]) exceeds maxRealSizeExternal in bytes the transmission of the external message will be canceled. No limit is imposed by ASSP if the field is left blank or set to 0. This option allows admins to limit useless bandwidth wasting based on the total transmit size.  

-maxRealSizeError (Max Real Size Error Message) 
SMTP error message to reject maxRealSize exceeding mails. For example:552 message exceeds MAXREALSIZE byte (size * rcpt)! MAXREALSIZE will be replaced by the value of maxRealSize. 
Default: 552 message exceeds MAXREALSIZE byte (size * rcpt) 

-smtpIdleTimeout (SMTP Idle Timeout) 
The number of seconds a session is allowed to be idle before being forcibly disconnected. The default is 300 seconds. No limit is imposed by ASSP if the field is left blank or set to 0. If you have not defined an IdleTimeout on your MTA, this value should not be set to 0, because then a connection will never be timed out! Scoring is done  with toValencePB. 
Default: 300 

-CheckEarlyTalker (Check for Misbehaving SMTP session) 
  

-smtpNOOPIdleTimeout (SMTP Idle Timeout after NOOP) 
The number of seconds a session is allowed to be idle after a "NOOP" command is received, before being forcibly disconnected. The default is 0 seconds. No limit is imposed by ASSP if the field is left blank or set to 0.
  This should prevent hackers to hold and block connections by sending "NOOP" commands short before the "smtpIdleTimeout" is reached.  

-smtpNOOPIdleTimeoutCount (SMTP Idle Timeout after NOOP Count) 
The number of counts a session is allowed send "NOOP" commands following on each other, before being forcibly disconnected. The default is 0. No limit is imposed by ASSP if the field is left blank or set to 0.
  This in cooperation with "smtpNOOPIdleTimeout" should prevent hackers to hold and block connections by sending repeatedly "NOOP" commands short before the "smtpNOOPIdleTimeout" is reached. If "smtpNOOPIdleTimeout" is not defined or 0, this value will be ignored!Notes On SMTP Session Limits  

------   TestMode/Spam Control   -----------------------------------------------

-blockTestModeExtreme (Block when Scoring is in Extreme range) 
If set, TestMode will be ignored when the total score from DoPenaltyMessage surpasses MessageScoringExtremeLimit or the total score from DoPenalty surpasses PenaltyExtreme.  

-allTestMode (All TestModes ON ) 
Set all filters to TestMode   

-attachTestMode (Bad Attachment TestMode) 
-> DoBlockExes  

-baysTestMode (Bayesian TestMode) 
-> DoBayesian 
Default: On 

-blTestMode (BlackDomain TestMode) 
-> DoBlackDomain  

-bombheaderTestMode (Bomb Header Regex TestMode) 
-> DoBombHeaderRe  

-bombTestMode (Bomb Regex TestMode) 
-> DoBombRe  

-blackTestMode (Black Regex TestMode) 
-> DoBlackRe  

-fhTestMode (Forged Helo TestMode) 
-> DoFakedLocalHelo  

-fromTestMode (No From TestMode) 
-> DoNoFrom  

-flsTestMode (No Spoofing TestMode) 
-> DoNoValidLocalSender, DoNoSpoofing  

-hlTestMode (Helo Blacklist TestMode) 
-> useHeloBlacklist  

-ihTestMode (Invalid Helo TestMode) 
-> DoInvalidFormatHelo  

-msTestMode (Message Scoring TestMode) 
-> DoPenaltyMessage  

-mxaTestMode (Missing MX Record TestMode) 
-> DoMXACheck  

-pbTestMode (Penalty Box TestMode) 
-> DoPenalty, DoPenaltyExtreme  

-ptrTestMode (Reversed Lookup TestMode) 
-> DoReversed  

-rblTestMode (DNSBL TestMode) 
-> ValidateRBL  

-scriptTestMode (Script Regex TestMode) 
-> DoScriptRe  

-sbTestMode (SenderBase TestMode) 
-> DoSenderBase DoCountryBlocking DoOrgBlocking   

-sigTestMode (Message-ID Signing TestMode) 
-> DoMSGIDsig  

-spfTestMode (SPF TestMode) 
-> ValidateSPF  

-srsTestMode (SRS TestMode) 
-> EnableSRS  

-uriblTestMode (URIBL TestMode) 
-> ValidateURIBL  

-spamSubject (Prepend Spam Subject ) 
Setting a filter to testmode will tell ASSP not to reject the mail but rather build up the whitelist and spam and notspam collections. This can go on for some time without disturbing normal operation. After this very important phase TestMode can be used to tag the message: if TestMode and the message is spam Spam Subject gets prepended to the subject of the email. For example: [SPAM]  

-spamTag (Prepend Spam Tag) 
ASSP uses many methods. The method which caught the spam  will be prepended to the subject of the email. For example: [DNSBL]Notes On Testmode  

-SpamError (Spam Error) 
SMTP error message to reject spam. The literal LOCALDOMAIN will be replaced by the recipient domain or defaultLocalHost. SESSIONID will be replaced by the unique ASSP identifier. REASON will be replaced by the actual reason. 
Default: 554 5.7.1 Mail (SESSIONID) appears to be unsolicited - REASON - contact postmaster@LOCALDOMAIN for resolution 

-redRe (Regular Expression to Identify Redlisted Mail*) 
If an email matches this Perl regular expression it will be 
considered redlisted.
The Redlist serves two purposes:
1) the Redlist is a list of addresses that cannot contribute to the 
whitelist and which are not considered local even if their mail is 
from a local computer. For example, if someone goes on a vacation and 
turns on their autoresponder, put them on the redlist until 
they return. Then as they reply to every spam they receive they won't 
corrupt your non-spam collection or whitelist: \[autoreply\]
2) Redlisted addresses will not be added to the Whitelist.
3) Redlisted messages will not be stored in the 
SPAM/NOTSPAM-collection if DoNotCollectRedList and/or DoNotCollectRedRe is set. 
As all fields marked by * this field accepts 
a list separated by | or a plain ASCII file one address per line: 'file:files/redre.txt'.  
Default: file:files/redre.txt 

-send250OK (Send 250 OK ) 
Set this checkbox if you want ASSP to reply with '250 OK' instead of SMTP error code '554 5.7.1'.  

-AddSpamHeader (Add Spam Header) 
Adds a line to the email header "X-Assp-Spam: YES" if the message is spam. 
Default: On 

-AddCustomHeader (Add Custom Header) 
Adds a line to the email header if the message is spam. For example:  
Default: X-Spam-Status:yes 

-AddLevelHeader (Add Graphical Level Header) 
Adds a line to the email header "X-Assp-Spam-Level:**** " showing the totalscore represented by stars.  

-AddSubjectHeader (Add X-ASSP-Original-Subject Header) 
Adds a line to the email header "X-ASSP-Original-Subject: the subject". 
Default: On 

-AddIPHeader (Add IP Match Header) 
Add X-Assp- header for all IP matches. 
Default: On 

-AddRegexHeader (Add  RegEx Match Header) 
 
Default: On 

-AddSpamReasonHeader (Add Spam Reason Header) 
Adds a line to the email header "X-Assp-Spam-Reason: " explaining why the message is spam.Notes On Spam Control 
Default: On 

------   SPAM Lover/Hater   -----------------------------------------------

-spamSubjectSL (Suppress SpamSubject to SpamLover-Messages) 
If set spamSubject does NOT get prepended to the subject of any SpamLover-Message.  

-spamLoverSubjectSelected (Suppress SpamSubject For Selected Recipients*) 
spamSubject does NOT get prepended to the subject for these recipients. To enable the selection you need to uncheck spamSubjectSL. 
Default: ALL 

-SpamLoverTag (SpamLover Tag) 
 
Default: [sl] 

-spamTagSL (Suppress spamTags to SpamLover-Messages) 
If set, spamTags does NOT get prepended to the subject of the SpamLover-Message. 
Default: On 

-baysSpamLovers (Bayesian SpamLover*) 
  

-spamLovers (All SpamLover*) 
spamLovers are lists of criteria that when matched will allow a SMTP session through ASSP's filter process, regardless of what blocking functions match and would otherwise cause the message to be rejected. However, there is an exception to this when there are multiple recipients that do not all match the criteria of the spam Lovers match. In this exception the message will be processed normally and will be subjected to all blocking criteria.
 This can be specified per filter or for all messages. Messages to SpamLovers are processed and filtered by ASSP, but get tagged with spamSubject and are not blocked ( spamSubjectSL will suppress this. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com).  Wildcards are supported (fribo*@example.com).  
Default: abuse 

-SpamLoversRe (Regular Expression to Identify  SpamLover*) 
If a message matches this regular expression it will be considered a SpamLover message.  

-blockSpamLoversExtreme (Block SpamLovers when Scoring is Extreme ) 
If set, spamlovers will be blocked when the total score from DoPenaltyMessage surpasses MessageScoringExtremeLimit or the total score from DoPenalty surpasses PenaltyExtreme.  

-strictSpamLovers (Strict SpamLover*) 
Ignore MessageScoringExtremeLimit for these recipients  

-baysSpamLovers (Bayesian SpamLover*) 
  

-baysSpamLoversRe (Regular Expression to Identify Bayesian SpamLover*) 
If a message matches this regular expression it will be considered a Bayesian SpamLover message. For example: passwor|news  

-baysSpamLoversRed (Do not store Bayesian SpamLover in SpamDB) 
If set, prevents mail to Bayesian SpamLover from being stored in Spam/Notspam folder.  

-blSpamLovers (SpamLover Blacklisted Domains Check*) 
  

-blackSpamLovers (SpamLover Black Regex Check*) 
  

-bombSpamLovers (SpamLover Bomb Check*) 
  

-hlSpamLovers (SpamLover Blacklisted HELO Check*) 
  

-hiSpamLovers (SpamLover Valid/Invalid Helo Check*) 
  

-atSpamLovers (SpamLover Bad Attachment & Virusscan  Check*) 
  

-spfSpamLovers (SpamLover SPF Check*) 
  

-rblSpamLovers (SpamLover DNSBL Check*) 
  

-uriblSpamLovers (SpamLover URIBL Check*) 
  

-srsSpamLovers (SpamLover SRS Signed Bounces Check*) 
  

-delaySpamLovers (SpamLover Greylisting/Delaying*) 
These Recipients will not be delayed/greylisted.  

-isSpamLovers (SpamLover Invalid Sender Check*) 
  

-mxaSpamLovers (SpamLover Missing MX Check*) 
  

-ptrSpamLovers (SpamLover Invalid/Missing PTR Check*) 
  

-pbSpamLovers (SpamLover PenaltyBox Check*) 
  

-sbSpamLovers (SpamLover Country Check*) 
  

-spamHaters (All SpamHaters*) 
SpamHaters are used to override SpamLovers / Testmodes / Tagmodes.
 If a recipient is set as as SpamHater, all spam-messages are blocked, no tagging only will work.
 Example: If you have set your entire domain as a SpamLover(s), but there are still some addresses you still wish to block spam for. The message will only be blocked if all recipients are SpamHaters. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com).  Wildcards are supported (fribo*@example.com).For example: *fribo@example.com|jhanna|@example.org   

-baysSpamHaters (Bayesian SpamHater*) 
  

-rblSpamHaters (DNSBL Failures SpamHater*) 
  

-hlSpamHaters (HELO Blacklisted SpamHater*) 
  

-pbSpamHaters (PenaltyBox Blocking SpamHater*) 
 Notes On SpamLover  

------   NoProcessing   -----------------------------------------------

-npSizeIncoming (Incoming Messages NoProcessing Size) 
This limit ensures that only incoming messages smaller than this limit are processed by ASSP. Most spam
isn't bigger than a few k. ASSP will treat incoming messages larger than this SIZE (in bytes) as 'NoProcessing' mail. Empty or 0 disables the feature. 
Default: 256000 

-noProcessingIPs (NoProcessing IPs*) 
Mail from any of these IP numbers will pass through without processing. 
 For example: 145.145.145.145|146.145.  All fields marked by '*' accept  a filepath/filename : 'file:files/ipnp.txt'. 
Default: file:files/ipnp.txt 

-noProcessing (NoProcessing Addresses*) 
Mail solely to or from any of these addresses are proxied without processing. Like a more efficient version of SpamLovers and redlist combined. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com).  Wildcards are supported (fribo*@example.com).  

-noProcessingFrom (NoProcessing Addresses From*) 
Mail solely from any of these addresses are proxied without processing. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com).  Wildcards are supported (fribo*@example.com).  

-noProcessingDomains (NoProcessing Domains*) 
Domains from which you want to receive all mail and  proxy without processing. Your ISP, domain registration, mail list servers, stock broker, or other key business partners might be good candidates. Note this matches the end of the address, so if you don't want to match subdomains then include the @. Note that buy.com would also match spambuy.com but .buy.com won't match buy.com. For example: sourceforge.net|@google.com|.buy.com 
Default: sourceforge.net 

-noNoProcessing (Do not mark these Addresses as Noprocessing*) 
Enter senders email addresses that you want to be processed, even if they are in noprocessing lists. You can list specific addresses (user@anydomain.com), addresses at any domain (user), or entire domains (@anydomain.com).  Wildcards are supported (fribo*@domain.com).For example: fribo@anydomain.com|jhanna|@sillyguys.org or place them in a plain ASCII file one address per line: 'file:files/nodelayuser.txt'.  

-npRe (Regular Expression to Identify NoProcessing External Mails*) 
If a message matches this Perl regular expression ASSP will treat the message as a 'NoProcessing' mail. For example: aspecialpassingkey  

-processOnlyAddresses (Process Only These Addresses*) 
Mail solely to or from any of these addresses will be processed by ASSP. All others will be proxied without processing. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com).  Wildcards are supported (fribo*@example.com). Note that if an address matches both the NoProcessing and the OnlyTheseProcessing lists, the NoProcessing rules take precedence.  

-poTestMode (Enable Process Only Addresses) 
Notes On NoProcessing  

------   Whitelisting/RWL   -----------------------------------------------

-whiteListedIPs (Whitelisted IPs*) 
They  contribute to the Whitelist and to Notspam. For example: 145.145.145.145|146.145.  All fields marked by '*' accept  a filepath/filename : 'file:files/ipwl.txt'.  

-whiteRe (Regular Expression to Identify Non-Spam** ) 
If an incoming email matches this Perl regular expression it will be considered non-spam.For example: Secret Ham Password|307\D{0,3}730\D{0,3}4[12]\d\d  

-whiteReMaxHits (Maximum Hits in whiteRe) 
Number of matches to be max scored. If the total sum of matches is >= whiteValencePB the message will be considered 'whitelisted'. 
Default: 1 

-whiteListedDomains (Whitelisted Domains and Addresses*) 
Domains and addresses from which you want to receive all mail. Your ISP, domain registration, mail list servers, stock broker, or other key business partners might be good candidates. Be careful not to put widely used domains here like google.com or hotmail.com. Our recommended approach is to put whitelisted domains into whiteSenderBase. Note this matches the end of the address, so if you don't want to match subdomains then include the @. Note that example.com would also match spamexample.com but .example.com won't match example.com. Wildcards are supported. For example: sourceforge.net|group*@google.com|.example.com. *You may place them in a plain ASCII file one address per line:'file:files/whitedomains.txt' 
Default: sourceforge.net 

-whiteListedDomainsPassSPF (Use SPF to validate whiteListedDomains) 
Check this if you don't want ASSP to use whiteListedDomains without a corresponding SPF record.  

-wildcardUser (Wildcard User to Whitelist a Domain ) 
If you add this user (eg: *@example.com) via email-interface ( EmailWhitelistAdd ), the whole domain will be whitelisted. 
Default: * 

-WhitelistOnly (Reject All But Whitelisted Mail) 
Check this if you don't want Bayesian filtering and want to reject all mail from anyone not whitelisted.  

-NoAutoWhite (Only Email-Interface Addition to Whitelist.) 
Check this box to  allow additions to the whitelist by EmailWhitelistAdd only.  

-NotGreedyWhitelist (Only the envelope-sender is added/compared to the whitelist) 
Normal operation includes addresses in the FROM, SENDER, REPLY-TO, ERRORS-TO, or LIST-* header fields.This allows nearly all list email to be whitelisted. Check this option to disable this. Will not apply if you add/remove whitelist entries via email-interface.  

-WhitelistLocalOnly (Only local or authenticated users contribute to the whitelist.) 
Normal operation allows all local, authenticated, or whitelisted users to contribute to the whitelist.Check this box to not allow whitelisted users to add to the whitelist.  

-WhitelistLocalFromOnly (Only users with a local domain in mailfrom contribute to the whitelist.) 
Check this box to prevent sender with non-local domains ( not in localDomains) from contributing to the whitelist. (for example: redirected messages). 
Default: On 

-WhitelistAuth (Whitelist authenticated users.) 
  

-UpdateWhitelist (Save Whitelist) 
Save a copy of the white list every this many seconds. Empty or Zero will prevent any saving.Note: the current timeout must expire before the new setting is loaded, or you can restart.Notes On Whitelist 
Default: 3600 

-MaxWhitelistDays (Max Whitelist Days) 
This is the number of days an address will be kept on the whitelist without any email to/from this address. 
Default: 999 

-DoOKCaching (Enable OKAddress Cache) 
OKAddress: If a message is marked 'Message OK' the sender addresses are called 'OK Addresses'. These are addresses which are not whitelisted but the sender did not send spam and did send notspam several times . Whitelisting and/or Exporting is done according to OKminhits and OKtoWhitelistAge. Scoring is done  with okaValencePB.  
Default: export 

-NoOKCachingRe (Regular Expression to Identify NoCaching Addresses*) 
If an address matches this Perl regular expression ASSP will not cache them in OKAddress Cache.  For example: reply|bounce|www|daemon|master|\.info|\.biz|^prvs 
Default: reply|bounce|www|daemon|master|\\.info|\\.biz|^prvs 

-OKCacheExp (OK Cache Refresh Interval) 
OK Adresses in cache will be removed after this interval in days. 0 will disable the cache.   
Default: 90 

-OKminhits (Minimum Hits in OK Cache) 
If a message is marked 'Message OK' the sender addresses are stored in the OK cache. The address will be exported / added to the whitelist if the number of hits in the cache reaches OKminhits. 
Default: 3 

-OKexportFile (Exported OK Adresses ) 
OK adresses in cache reaching OKminhits will be regularly stored into this file.  
Default: file:files/okexport.txt 

-OKtoWhitelistAge (OK Cache Age for Exporting/Whitelisting) 
OK Adresses in cache can be exported and/or whitelisted after reaching this age in hours. 0 will allow export regardless of age. OK Adresses are removed from cache by Spam coming from them.  
Default: 48 

-ValidateRWL (Enable Realtime Whitelist Validation) 
RWL: Real-time white list. These are lists of IP addresses that have somehow been verified to be from a known good host. Senders that pass RWL validation will pass IP-based filters. Scoring is done  with rwlValencePB for 'pass' and rwlnValencePB for 'neutral' results.  

-RWLtoWhitelist (Add MailFrom to Whitelist) 
If ValidateRWL is set to 'whiting' and the trustworthiness is medium/high , the MailFrom address will be added to the whitelistdb.
Trustworthiness : (127.0.x.T):
0 = none 
1 = low
2 = medium
3 = high 
Default: On 

-RWLServiceProvider (RWL Service Providers*) 
Hostnames of RWLs to use separated by "|".Examples are: list.dnswl.org|query.bondedsender.org 
Default: list.dnswl.org|query.bondedsender.org 

-RWLmaxreplies (Maximum Replies) 
A reply is affirmative or negative reply from a RWL. The RWL module will wait for this number of replies (negative or positive) from the RWLs listed under Service Provider for up to the Maximum Time below. This number should be equal to or less than the number of RWL Service Providers listed to allow for randomly unavailable RWLs.  
Default: 1 

-RWLminhits (Minimum Hits) 
A hit is an affirmative response from a RWL. The RWL module will check all of the RWLs listed under Service Provider, and flag the email with a RWL 'pass' flag if equal to or more than this number of RWLs return a postive whitelisted response. If the number is less but not zero the email is marked 'neutral' 
Default: 1 

-RWLmaxtime (Maximum Time) 
This sets the maximum time to spend on each message performing RWL checks 
Default: 5 

-noRWL (Dont Validate RWL for these IPs*) 
Enter IP addresses that you don't want to be RWL validated, separated by pipes (|). For example: 145.145.145.145|146.145.  

-AddRWLHeader (Add X-Assp-Received-RWL Header) 
Add X-Assp-Received-RWL header to header of all emails processed by RWL. 
Default: On 

-RWLCacheExp (RWL Cache Expiration Time) 
IPs in cache will be removed after this interval in hours. 0 will disable the cache.   
Default: 72 

-RWLLog (Enable RWL logging) 
Notes On RWL 
Default: standard 

------   Relaying    -----------------------------------------------

-acceptAllMail (Accept All Mail*) 
Relaying is allowed for these IPs. They  contribute also to the whitelist. This can take either a directly entered list of IP numbers separated by pipes or place them in a plain ASCII file one address per line: 'file:files/acceptall.txt'.An IP range is defined e.g. '182.82.10.'. CIDR notation is accepted (182.82.10.0/24). Hyphenated ranges can be used (182.82.10.0-182.82.10.255)  

-relayHostFile (Relay Host File ) 
Similar to  acceptAllMail, but this is a file with an ABSOLUTE path, not relative to base. No IP-blocks supported. For example: /usr/local/assp/relayhosts  

-localDomains (Local Domains*) 
Check local domains against these addresses.  Separate addresses with |  or place them in a plain ASCII file one address per line: 'file:files/localdomains.txt'. Wildcards are supported. For example: example.org|*example.com
 
 You can use the syntax: mydomain.com=>smtp.mydomain.com|other.com=>mx.other.com:port to verify the recipient addresses with the SMTP-VRFY  (if VRFY is not supported 'MAIL FROM:' and 'RCPT TO:' will be used)  command on other SMTP servers. The entry behind => must be the hostname:port or ip-address:port of the MTA which is used to verify 'RCPT TO' addresses with a VRFY command! If :port is not defined, port :25 will be used. You have to enable the SMTP 'VRFY' command on your MTA - the 'EXPN' command should be enabled! This requires an installed  module in PERL. 
 If you have configured LDAP and enabled DoLDAP and ASSP finds a VRFY entry for a domain, LDAP search will be done first and if this fails, the VRFY will be used.

 It is recommended to configure ldaplistdb in the 'File Paths and Database' section when using this verify extension - so ASSP can store  all verified recipient addresses to minimize the querys on MTA's. There is no need to configure LDAP, but both VRFY and LDAP are using ldaplistdb. 
Default: file:files/localdomains.txt 

-localDomainsFile (Local Domains File) 
Similar to localDomains, but with absolute path to the file. Wildcards are not supported. For access to MTA generated files.   

-DoLocalIMailDomains (Local IMail domains) 
Consider domains in the IMail registry to be local  

-nolocalDomains (Skip Local Domain Check) 
Do not check relaying for invalid domains - let the MTA do it. This can be set to prevent "Relaying not allowed" errors during setup and testing. Attention: Checking this will make ASSP an open relay.  

-ldLDAP (Do LDAP lookup for local domains) 
Check local domains against an LDAP database.Note: Checking this requires filling in LDAP DomainFilter ( ldLDAPFilter ).This requires an installed  module in Perl.  

-ldLDAPFilter (LDAP Filter for Local Domains) 
This filter is used to query the LDAP database. This strongly depends on the LDAP structure.The filter must return an entry if the domain must be relayed.The literal DOMAIN (case sensitive) will be replaced by the domain name during the search.  

-ispip (ISP/Secondary MX Servers*) 
Enter any addresses that are your ISP or backup MX servers, separated by pipes (|). These addresses will (necessarily) bypass Griplist, IP Limiting, Delaying, PenaltyBox, SPF, DNSBL and SRS checks unless the IP can be determined by ispHostnames (ISP Connecting IP). For example: 145.145.145.145|145.145.145.146.  

-contentOnlyRe (Regular Expression to Identify Forwarded Messages*) 
Put anything here to identify messages which should bypass all IP based filter like PB, Sender Validation, Griplist, IP Limiting, Delaying, SPF, DNSBL and SRS. For example:  email addresses of people who are forwarding from other accounts to their mailbox on your server.  

-ispHostnames (Regular Expression to Identify Originating IP*) 
If ASSP runs behind another server(s), no IP/HELO based filter will work. If you put here the receiving Host(s) of the frontend server(s) ASSP will use the originating IP to perform IP and HELO checks.For example: mx1.yourisp.com or mx1.yourisp.net|mx2.yoursecondary.com. This hostnames are found in the 'Received:' header, like  'Received: from ...123.123.123.123... by mx1.yourisp.com'.   

-OriginatingIP (Text to Identify Originating IP Header*) 
If ASSP runs behind another server(s), no IP/HELO based filter will work. If a special header with the originating IP is inserted from the frontend serber ASSP will use the originating IP to perform IP and HELO checks.For example: X-Forwarded-For|X-Originating-IP  
Default: X-Forwarded-For|X-Originating-IP 

-reply250OKtoISP (Send 250 OK To ISP/Secondary MX Servers) 
Set this checkbox if you want ASSP to reply to IP numbers in ispip with '250 OK' instead of SMTP error code '554 5.7.1'.   

-ispgripvalue (ISP/Secondary MX Grip Value) 
It is recommended  to set it to 0.5 (Completely GReyIP) for ISP and Secondary MX servers. If left blank the Griplist X value is used (percentage of spam messages in relation to total). Note: value should be greater than 0 and less than 1, where 0 = never spam and 1 = always spam 
Default: 0.5 

-BounceSenders (Bounce Senders*) 
Envelope sender addresses treated as bounce origins. Null sender (\) is always included.
 Accepts specific addresses (postmaster@example.com), usernames (mailer-daemon), or entire domains (@bounces.domain.com)Separate entries with pipes: |. For example: postmaster|mailer-daemon 
Default: postmaster|mailer-daemon 

-PopB4SMTPFile (Pop Before SMTP DB File) 
Enter the DB database filename of your POP before SMTP implementation with records stored for dotted-quad IP addresses.For example: /etc/mail/popip.db  

-PopB4SMTPMerak (Pop Before SMTP Merak Style) 
If set Merak 7.5.2 is supported.  

-relayHost (Relay Host) 
Your isp's mail relayhost (smarthost). For example: mail.isp.com:25if you run Exchange/Notes and you want assp to update the nonspam database and the whitelist, then enter your isp's smtp relay host here. Blank means no relayhost.   

-relayAuthUser (User to Authenticate to Relay Host) 
The username used for SMTP AUTH authentication to the relayhost  - for example, if your ISP need authentication on the SMTP port! Supported authentication methodes are PLAIN, LOGIN, CRAM-MD5 and DIGEST-MD5 . If the relayhost offers multiple methodes, the one with highest security option will be used. The Perl module  must be installed to use this feature! The usage of this feature will be skipped, if the sending MTA uses the AUTH command. Leave this blank, if you do not want use this feature.  

-relayAuthPass (Password to Authenticate to Relay Host) 
The password used for SMTP AUTH authentication to the relayhost ! Leave this blank, if you do not want use this feature.  

-relayPort (Relay Port) 
Tell your mail server to connect to this port as its smarthost/relayhost. For example: 225 Note that you'll want to keep the relayPort protected from external access by your firewall.You can supply an interface:port to limit connections.  

-allowRelayCon (Allow Relay Connection from these IPs*) 
Enter any addresses that are allowed to use the relayPort , separated by pipes (|). If empty, any ip address is allowed to connect to the relayPort. If this option is defined, keep in mind : Addresses defined in acceptAllMail are NOT automaticly included and have to be also defined here, if they should be allowed to use the relayPort. For example: 127.0.0.1|172.16..  

-RelayLog (Enable Relay logging) 
 
Default: standard 

-NoRelaying (Relaying Error ) 
SMTP error message to deny relaying. 
Default: 530 Relaying not allowed 

-NoRelayingStrict (Drop Connection if Relaying Error) 
Set this checkbox if you want ASSP to drop the connection immediately after an Relaying Error is encountered.  

-defaultLocalHost (Default Local Domain) 
If you want to be able to send mail to local users without a domain name then put the default local domain here.  Blank disables this feature. For example: example.comNotes On Relaying 
Default: assp.local 

------   Control Outgoing    -----------------------------------------------

-NoExternalSpamProb (No Outgoing Spam-Prob header) 
Check this box if you don't want your X-Assp-Spam-Prob header on outgoing mail
 Note this means mail from local users to local users will also be missing the header. 
Default: On 

-npLocalRe (Regular Expression to Identify NoProcessing Local Mails*) 
If a external message matches this Perl regular expression ASSP will treat the message as a 'NoProcessing' mail. For example: autoreply  

-LocalFrequencyInt (Local Frequency Interval) 
The time interval in seconds in which the number of envelope recipients per sending address has not to exceed a specific number ( LocalFrequencyNumRcpt ).
  Use this in combination with LocalFrequencyNumRcpt to limit the number of recipients in a given interval, to prevent local abuse - for example from highjacked local accounts. A value of 0 (default) will disable this feature and clean the cache within five minutes. It is recommended to enable DoLocalSenderAddress and/or DoLocalSenderDomain, if you want to use this feature. To give users the chance to inform an admin about such blocked mails, local mails to EmailAdmins are never blocked because of that feature.
    

-LocalFrequencyNumRcpt (Local Frequency Recipient Number) 
The number of envelope recipients per sending address that has not to exceed in a specific time interval ( LocalFrequencyInt ).
  Use this in combination with LocalFrequencyInt to limit the number of recipients in a given interval, to prevent local abuse - for example from highjacked local accounts. A value of 0 (default) will disable this feature and clean the cache within five minutes. It is recommended to enable DoLocalSenderAddress and/or DoLocalSenderDomain, if you want to use this feature. To give users the chance to inform an admin about such blocked mails, local mails to EmailAdmins are never blocked because of that feature. 
    

-LocalFrequencyOnly (Check local Frequency for this Users only*) 
A list of local addresses, for which the 'local frequency check' should be done. Leave this field blank (default), to do the check for every address.
  Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com).  Wildcards are supported (fribo*@domain.com).
  For example: fribo*@thisdomain.com|jhanna|@sillyguys.org   

-NoLocalFrequency (Check local Frequency NOT for this Users*) 
A list of local addresses, for which the 'local frequency check' should not be done. Noprocessing messages will skip this check.
  Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com).  Wildcards are supported (fribo*@domain.com).
  For example: fribo*@thisdomain.com|jhanna|@sillyguys.org   

-DoLocalSenderDomain (Do Local Domain Check for Local Sender) 
If activated, each local sender address must have a valid Local Domain - needs localDomains or localDomainsFile or ldLDAP or DoLocalIMailDomains.  

-DoLocalSenderAddress (Do Local Address Check for Local Sender) 
If activated, each local sender must have a valid Local Address - needs DoVRFY or DoLDAP or LocalAddresses_Flat.  

-LocalSender2NULL (Move Local Connection with wrong Sender Address to NULL) 
If set, ASSP will move all Local connections where the sender failed DoLocalSenderDomain or DoLocalSenderAddress to a NULL-connection. The sender will receive "250 OK".Notes On Control Outgoing  

------   Validate Recipients   -----------------------------------------------

-ValidateUserLog (Enable User Validation logging) 
 
Default: standard 

-LocalAddresses_Flat (Lookup Local Addresses from Here*) 
This is an optional list of local addresses for all MTAs behind ASSP. If it is empty ASSP will look for other methods of verification (DoLDAP, DoVRFY). All verifications need a localDomains list to work properly. If no ASSP-verification is used, the MTA behind ASSP will do it. You can list specific addresses (user@example.com), addresses at any local domain (user), or entire domains (@example.com).  Wildcards are supported (fribo*@example.com). Separate entries with a pipe (|).For example: fribo@example.com|jhanna|@example.org . You may use a plain ASCII file 'file:files/localuser.txt'.  

-LocalAddresses_Flat_Domains (Use Entries without leading @ as Domains) 
If set entries in LocalAddresses_Flat without leading '@' are handled as domains,for example 'example.com' means an entire domain.  

-LocalAddressesNP (Do Not Validate Local Addresses if in NoProcessing List) 
If a recipient is found in NoProcessing, the user validation is skipped.   

-RejectTheseLocalAddresses (Bounce These Local Addresses*) 
If ANY recipient is on reject list, the message will not be delivered. Used for disabled legitimate accounts, where a user may have left the company. This stops wildcard mailboxes from getting these messages. You can list specific addresses (user@example.com), addresses at any local domain (user), or entire domains (@example.com).  Wildcards are supported (fribo*@example.com). The field (indicated by the '*') accepts a list separated by '|' (for example: fribo*@example.com|@example.com|user) or a file designated as follows (path relative to the ASSP directory): 'file:files/filename.txt'. Putting in the file: will prompt ASSP to put up a button to edit that file. files is the subdirectory for files. The file must not exist, you can create it by saving it. The file must have one entry per line; anything on a line following a numbersign or a semicolon ( #  is ignored (a comment)  

-BlockLocalAddressesRe (Block Local Addresses Regular Expression*) 
Block all addresses which match this RegEx. Note: if you want to block the pipe char '|' it must be masked with the mask character '\' . You may also use metacharacter brackets ([]) for this purpose. 
Default: [|] 

-AllowLocalAddressesRe (Allow Local Addresses Regular Expression*) 
Allow only addresses which match this RegEx.  

-TrapLog (Enable Trap logging) 
  

-spamtrapaddresses (Trap Addresses* ) 
Mail to any of these addresses will be blocked and the scoring value is added. These addresses are not checked for validity. Entries are separated by '|' where '*' can be used as a match anything wildcard. Entries that start with '@' indicate that all addresses with that domain should match. Entries without '@' indicate the user part of email addresses with any domain.
Valid entries are:
john.doe@example.tld|jane.doe|@example.tld|*.department@example.tld 
Default: put|your@penaltytrap.com|addresses|@example.org 

-SpamTrap2NULL (Move Connection with Trap Addresses to NULL) 
If set, ASSP will move connections with spamtrapaddresses to a NULL-connection. The sender will receive "250 OK". 
Default: On 

-TrapReply (Trap Reply) 
SMTP reply for trapaddresses. Default: '550 5.1.1 User unknown: EMAILADDRESS'  The literal EMAILADDRESS (case sensitive) is replaced by the fully qualified SMTP recipient (e.g., thisuser@example.com). Make this empty if you do not want to be polite. 
Default: 550 5.1.1 User unknown: EMAILADDRESS 

-DoPenaltyMakeTraps (Cache Unknown Addresses) 
If enabled, unknown addresses are cached. If set to 'use for spamtrapaddresses' very activ addresses will be used like spamtrapaddresses. If set to 'use for spamaddresses'  they will work like spamaddresses. If set to 'use for validation' all entries regardless of their frequency will be used to validate incoming addresses. Note: LocalAddresses_Flat or DoLDAP or DoVRFY must be enabled. 
Default: use for spamaddresses 

-PenaltyMakeTraps (Unknown Address Frequency  Limit) 
Minimum number of times an address must appear during PBTrapCacheExp before it will be used as spamaddress/spamtrapaddress. For example: 10. 
Default: 10 

-noPenaltyMakeTraps (Exceptionlist for Address Cache*) 
Addresses which should not be cached. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com).  Wildcards are supported (fribo*@example.com).  

-PBTrapCacheExp (Address Cache Expiration) 
Addresses will be removed after this interval in hours if the 'Invalid Addresses Frequency Limit' is not reached. For example 3.  
Default: 3 

-DoVRFY (Verify Recipients with SMTP-VRFY) 
If activated and the format 'Domain=>MTA' is encountered in
 localDomains recipient addresses will be verified with SMTP-VRFY (if  VRFY is not supported 'MAIL FROM:' and 'RCPT TO:' will be used).
 If you know that VRFY is not supported with a MTA, you may put the MTA into VRFYforceRCPTTO. 
Default: On 

-VRFYQueryTimeOut (SMTP VRFY-Query Timeout) 
The number of seconds ASSP will wait for an answer of the MTA that is queryed with the VRFY command to verify a recipient address. See description of localDomains for the necessary modification to localDomains to run this feature 
Default: 5 

-VRFYforceRCPTTO (Force the usage of RCPT TO*) 
Define local MTAs here for which you want ASSP to force the usage of 'MAIL FROM:' and 'RCPT TO:' instead of the VRFY command. The definition of the MTA(s) has to be exactly the same as already defined in localDomains (after the '=>') for example: smtp.mydomain.com|mx.other.com:port|10.1.1.1|10.1.1.2:125 .  

-DisableVRFY (Disable VRFY for External Clients) 
If you have enabled VRFY on your MTA to allow ASSP to verify addresses and you do not want external clients to use VRFY/EXPN - select this option. 
Default: On 

-MaxVRFYErrors (Maximum recipient verification Errors) 
The maximum number of failed 'RCPT TO' or 'VRFY' commands encountered before the connection is dropped. ASSP will drop the connection, if the count of '550 unknown user' errors, received from your 'smtpDestination'(MTA), reached this value! 
Default: 5 

-VRFYFail (VRFY failures return false) 
VRFY failures return false when an error occurs in VRFY lookups.  

-VRFYLog (Enable VRFY logging) 
 
Default: standard 

-DoMaxDupRcpt (Block Max Duplicate Recipients) 
Block remote servers that uses the same recipient address more times, than the number defined in MaxDupRcpt in the RCPT TO: command. Scoring is done with mdrValencePB . This check is skipped for outgoing, noprocessing, whitelisted and spamlovers mails. If a message has to be delayed, this check will score before the delay if set to block or score - and score and/or block on the next server request. 
Default: score 

-MaxDupRcpt (Maximum Allowed Duplicate Recipient Adresses) 
The maximum number of duplicate recipient addresses that are allowed in the sequence of the RCPT TO: commands!
  The number per mail is calculated by 'number of RCPT TO: commands  -  number of unique recipient addresses'.
  For example: if one address is used three times or two addresses are used each two times, will result in the same count - 2. Or if both is the case in one mail, the count will be 4.  

-sendAllPostmaster (Catchall Address for Messages to Postmaster) 
ASSP will deliver messages addressed to all postmasters of your local domains to this address. For example: postmaster@example.com  

-sendAllPostmasterNP (Skip Spam Checks for Postmaster Catchall) 
  

-sendAllAbuse (Catchall Address for Messages to Abuse) 
ASSP will deliver messages to all abuse addresses of your local domains to this address. For example: abuse@example.com  

-sendAllAbuseNP (Skip Spam Checks for Abuse Catchall) 
  

-DoRFC822 (Validate Recipient Address to Conform with RFC5322 ) 
If activated, each local address is checked to conform with the email format defined in RFC5322 .This requires an installed  module in PERL. 
Default: On 

-CatchAll (Catchall per Domain*) 
ASSP will send to these addresses if no valid user is found in LocalAddresses_Flat or LDAP. For example: catchall@domain1.com|catchall@domain2.com  

-CatchallallISP2NULL (Move ISP Connection with wrong Recipient Address to NULL) 
If set, ASSP will move all ISP connections with wrong recipient addresses to a NULL-connection. The ISP will receive "250 OK" until the mail has passed, but the mail will not be sent to your MTA. This is done after CatchAll but before CatchAllAll is checked.  

-CatchAllAll (Catchall for All Domains) 
ASSP will send to this address if no valid user is found  in LocalAddresses_Flat or LDAP and no match is found in Catchall per Domain. For example: catchall@example.com  

-NullAddresses (NULL Connection Addresses*) 
ASSP will dump a message silently when encountering such an address. Accepts specific addresses (null@example.com), user parts (nobody) or entire domains (@example.com).  

-InternalAddresses (Accept Mail from Local Domains only*) 
These local addresses do not accept mail externally. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). Wildcards are supported (fribo*@example.com). Scoring is done  with iaValencePB.  

-SepChar (Separation Character for Subaddressing) 
RFC 3598 describes subaddressing with a Separation Character. A star ('*') is not allowed as Separation Character. Everything between Separation Character and @ is ignored (including Separation Character). For Example = '+' will allow user+subaddress@example.com. 
Default: + 

-EnableBangPath (Support Bang Path) 
If set, ASSP will support addresses like domainx!user@domainy and will convert them to user@domainx .  

-NoValidRecipient (No-Valid-Local-User Reply) 
SMTP reply for invalid Users. Default: '550 5.1.1 User unknown: EMAILADDRESS'  The literal EMAILADDRESS (case sensitive) is replaced by the fully qualified SMTP recipient (e.g., thisuser@example.com).Notes On Local Addresses 
Default: 550 5.1.1 User unknown: EMAILADDRESS 

------   Validate Helo   -----------------------------------------------

-useHeloBlacklist (Use the Helo Blacklist) 
Use the list of blacklisted-helo hosts built by rebuildspamdb. Scoring is done  with hlValencePB, testmode with hlTestMode. 
Default: score 

-ValidateHeloLog (Enable Validate Helo Logging) 
 
Default: standard 

-DoSucpiciousHelo (Score Suspicious HELOs) 
Score servers with SuspiciousHeloRe in Helo. Scoring is done  with shValencePB 
Default: score 

-SuspiciousHeloRe (Regular Expression to Score Suspicious HELO**) 
Score Suspicious HELOs will check incoming HELOs for this. 
For example: 'dsl|br(e|oa)dband|ppp|pppoe|dynamic|dynip|ADSL|dial(up|in)|pool|dhcp|leased)'   
Default: dsl|br(e|oa)dband|ppp|pppoe|dynamic|dynip|ADSL|dial(up|in)|pool|dhcp|leased 

-DoFakedLocalHelo (Block Forged Helos) 
Block remote servers that claim to come from our Local Domain/Local IPs/Local Host. Scoring with fhValencePB, testmode with fhTestMode. 
Default: block 

-ForceFakedLocalHelo (Enforce Check of Forged Helos Before User Validation) 
If set and DoFakedLocalHelo is enabled, ASSP will  check faked Helos before Delaying. Note: fhTestMode or allTestMode will disable the early execution.  

-DoFakedUseLocalDomain (Use Local Domain List for Blocking Forged Helos) 
If set, DoFakedLocalHelo will  use localDomains. 
Default: On 

-DoFakedWL (Do Not Block Whitelisted Forged Helos) 
Disable "Block Forged Helo's" for whitelisted addresses (not recommended).  

-DoFakedNP (Do Not Block Noprocessing Forged Helos) 
Disable "Block Forged Helo's" for addresses identified as noprocessing (not recommended).  

-myServerRe (Local Domains,IPs and Hostnames*) 
Local Domains, IP numbers and Hostnames are often use to fake (forge) the Helo. Include all IP addresses and hostnames for your server  here, localhost is already included. Include Local Domains of your choice here, if you deactivated the automatic use of the localDomains list.  For example: 11.22.33.44|mx.example.com|example.org  

-noHelo (Dont Validate HELO for these IPs*) 
Enter IP addresses that you don't want to be HELO validated.
   For example: 145.145.145.145|146.145  

-heloBlacklistIgnore (Dont block these HELOs*) 
HELO / EHLO greetings on this list will be excluded from the HELO checks. For example: host123.isp.com|host456.*.com  

-ForceValidateHelo (Enforce Early Helo Checks) 
If set and DoInvalidFormatHelo is enabled, ASSP will do DoInvalidFormatHelo before Delaying. Note: ihTestMode or allTestMode will disable the early execution.  

-DoInvalidFormatHelo (Validate Format of HELO) 
If activated, the HELO is checked against the expression below. If the Regular Expression matches, the HELO is not ok. Scoring is done  with ihValencePB, set testmode with ihTestMode. 
Default: block 

-invalidFormatHeloRe (Regular Expression to Validate Format of HELO**) 
Invalidate Format HELO will check incoming HELOs for this. Each regex can be assigned a weight. If the score which results from weight is less than ihValencePB, the message will not be blocked (even if 'block' is set) but scored. 
 For example: \.user=>0.5|^\d+\.\d+\.\d+\.\d+$|^[^\.]+\.?$  or place them in a plain ASCII file one address per line: file:files/invalidhelo.txt 
Default: file:files/invalidhelo.txt 

-validFormatHeloRe (Regular Expression to Validate Format of HELO*) 
Validate Format HELO will check incoming HELOs according to rfc1123. For example: ^(([a-z\d][a-z\d-]*)?[a-z\d]\.)+[a-z]{2,6}$   
Default: ^(([a-z\\d][a-z\\d-]*)?[a-z\\d]\\.)+[a-z]{2,6}$ 

-DoHeloWL (Do Validate Helo for Whitelisted) 
Do validate Helo for whitelisted addresses. 
Default: On 

-DoHeloNP (Do Validate Helo for Noprocessing) 
Do validate Helo for messages marked 'noprocessing'.
  Notes On Validate Helo
   
Default: On 

------   Validate Sender   -----------------------------------------------

-DoBlackDomain (Do Blacklisted Addresses and Domains) 
 Scoring is done  with blValencePB, testmode with blTestMode. 
Default: block 

-NotGreedyBlackDomain (Only the envelope-sender is added/compared to the BlackDomainlist) 
Normal operation includes addresses in the FROM, SENDER, REPLY-TO, ERRORS-TO, or LIST-* header fields.Check this option to disable this.   

-DoBlackDomainWL (Blacklisting Addresses/Domains will overwrite White) 
Do blacklisting addresses & domains in messages which are marked whitelisted by whiteRe, whiteListedDomains, whiteListedIP or whitelistdb. 
Default: On 

-DoBlackDomainNP (Blacklisting Addresses/Domains will overwrite NoProcessing) 
Do blacklisting addresses & domains in messages marked 'noprocessing' by npRe, npSize, noProcessingDomains, noProcessingIPs or noProcessing.  

-blackAddresses (Blackish & Whitish Addresses** ) 
 Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). Wildcards are supported.  A positive weight will make the address 'blackish'. A negative weight will make the address into 'whitish'. For example: fribo*@example.com|@*.gov=>-0.5|@*.biz=>0.5 . 
Default: file:files/blackaddresses.txt 

-blackListedDomains (Blacklisted Domains*) 
Addresses  and Domains from which you always want to reject mail, they only send you spam. Note this matches the end of the address, so if you don't want to match subdomains then include the @. Note that example.com would also match spamexample.com but .example.com won't match example.com. abc@example.com will match abc@example.com but won't match bbc@example.com. Wildcards are supported. For example: biz|seller@bayer.com 
Default: file:files/blackdomains.txt 

-noBlackDomain (Dont do Blacklisted for these Addresses and Domains* ) 
 Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). Wildcards are supported (fribo*@example.com).  

-DoMsgID (Check Message IDs) 
Score messages with missing/suspicious/invalid Message-ID (midmValencePB, midsValencePB, midiValencePB). 
Default: score 

-noMsgID (Dont Validate Message-IDs for these IPs*) 
Enter IP addresses that you don't want to be Message-ID validated, separated by pipes (|). For example: 127.0.0.1|192.168. 
Default:  127.0.0.|192.168.|10. 

-validMsgIDRe (Regular Expression to Validate Format of Message-ID*) 
Check Message IDs will check incoming messages for valid Message-IDs. For example: ^.*@.*\..*$   
Default: ^.*@.*\\..*$ 

-invalidMsgIDRe (Regular Expression to Invalidate Format of Message-ID**) 
Check Message IDs will check incoming messages for invalid Message-IDs.  

-DoNoValidLocalSender (Check External Sender for Valid Local Address  ) 
If activated, each external sender with a domain in localDomains is checked against LocalAddresses_Flat, LDAP or is verified using VRFY. Scoring is done  with flValencePB, testmode with flsTestMode. 
Default: block 

-ForceNoValidLocalSender (Enforce Early Checking of External Sender with Local Address ) 
If set and DoNoValidLocalSender is enabled, ASSP will do DoNoValidLocalSender before Delaying. Note: flsTestMode or allTestMode will disable the early execution.  

-DoNoSpoofing (Block Local Address from External Sender Alltogether) 
If activated, each external sender address built with a domain in localDomains is regarded a spoofed address. An external sender is a sender from an IP not in acceptAllMail, not authenticated and not coming from relayPort. flValencePB is used for scoring, testmode is set with flsTestMode. 
Default: score 

-noSpoofingCheckIP (Dont do Spoofing Check for these IPs* ) 
Enter IP numbers that you don't want to be checked for spoofing. For example:145.145.145.145|145.146.  

-noSpoofingCheckDomain (Dont do Spoofing Check for these Addresses/Domains* ) 
 Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). Wildcards are supported (fribo*@example.com).  

-DoRFC822Sender (Validate Sender Address to conform with RFC5322) 
Sender must be a valid address to conform with RFC5322.  

-DoPTRCheck (Reversed Lookup) 
If activated, each sender IP is checked for a PTR record. This requires an installed  module in PERL. Scoring is done  with ptmValencePB, testmode is set with ptrTestMode.  

-DoPTRCheckWL (Do Reversed Lookup for Whitelisted) 
Do reversed lookup for whitelisted addresses.  

-DoPTRCheckNP (Do Reversed Lookup for Noprocessing) 
Do reversed lookup for noprocessing addresses.  

-DoPTRCheckInvalid (Reversed Lookup FQDN Validation) 
If activated - and Reversed Lookup is activated -, the PTR-FQDN record is checked against the Regex. Scoring is done  with ptiValencePB  
Default: On 

-invalidPTRRe (Regular Expression to Invalidate Format of PTR**) 
Validate Format PTR will check PTR records for this. 
  For example:  ^\d+\.\d+\.\d+\.\d+$|^[^\.]+\.?$  or place them in a plain ASCII file one address per line: file:files/invalidptr.txt 
Default: file:files/invalidptr.txt 

-validPTRRe (Regular Expression to Validate Format of PTR*) 
Validate Format PTR will check PTR records for this. If found, the PTR will be considered valid
  For example:  'static' or place them in a plain ASCII file one address per line: file:files/validptr.txt 
Default: file:files/validptr.txt 

-PTRCacheExp (Reversed Lookup Cache Refresh Interval) 
IPs in cache will be removed after this interval in hours. 0 will disable the cache.   
Default: 72 

-DoMXACheck (Validate MX or A Record) 
If activated, each sender address is checked for a valid MX or A record. Scoring is done  with mxValencePB for missing MX-record, mxaValencePB for missing A & MX records. Testmode is set with mxaTestMode.  

-MXACacheExp (Validate Domain MX Cache Refresh Interval) 
IPs in cache will be removed after this interval in hours. 0 will disable the cache.   
Default: 72 

-DoNoFrom (Check For Existing From Header ) 
Scoring is done  with fromValencePB, testmode is set with fromTestMode. 
Default: score 

-ValidateSenderLog (Enable Validate Sender Logging) 
 
Default: standard 

-SenderInvalidError (Sender Validation Error) 
SMTP error message to reject invalid senders. The literal REASON is replaced by (missing MX, missing PTR, invalid Helo, invalid user) depending on the check. If this is empty SpamError will be used. The literal LOCALDOMAIN will be replaced by the recipient domain or defaultLocalHost. SESSIONID will be replaced by the unique ASSP identifier. REASON will be replaced by the actual reason.
  Notes On Validate Sender
   
Default: 554 5.7.1 Mail (SESSIONID) appears to be unsolicited - REASON - contact postmaster@LOCALDOMAIN for resolution 

------   IP Blocking   -----------------------------------------------

-DelayIP (Simple IP Greylisting) 
Enable simple delaying for IP's in black penalty box.  

-DelayIPTime (Simple IP Greylisting Embargo Time) 
Enter the number of minutes for which delivery, related with IP address of the sending host, is refused with a temporary failure. Default is 5 minutes. 
Default: 5 

-noBlockingIPs (Do not block Connections from these IPs*) 
Manually maintained list of IP numbers which should not be blocked.  An IP range is defined e.g. '182.82.10.'. CIDR notation is accepted (182.82.10.0/24). Hyphenated ranges can be used (182.82.10.0-182.82.10.255)  

-DoDropList (Do Deny Connections from these IPs) 
If activated, the IP is checked against the Droplist . The droplist is downloaded if a new one is available and contains the Spamhaus DROP List. See "http://www.spamhaus.org/drop/drop.lasso". 
Default: block 

-DropList (Drop Connections from these IPs*) 
Automatically downloaded (http://www.spamhaus.org/drop/drop.lasso) list of IP numbers which should be blocked right away. 
Default: file:files/droplist.txt 

-DoDenySMTP (Do Deny Connections from these IPs) 
If activated, the IP is checked against denySMTPConnectionsFrom (Deny Connections from these IPs). 
Default: block 

-denySMTPConnectionsFrom (Deny Connections from these IPs*) 
Manually maintained list of IP numbers which should be blocked. IP numbers in noPB, noDelay, acceptAllMail, ispip, whiteListedIPs, noProcessingIPs, penalty-whitebox will pass. For example: 145.145.145.145|145.146.  

-DoDenySMTPstrict (Do Deny Connections from these IP numbers Early) 
If activated, the IP is checked against denySMTPConnectionsFromAlways. It is posiible to use an automated approach to fill denySMTPConnectionsFromAlways. Use exportExtremeBlack for this, make sure DoExtremeExport and DoExtremeExportAppend are enabled. You can then export into the denySMTPConnectionsFromAlways file. However it may be easier to enable ForcePBExtreme, which will block then automatically right after the connection based on the (extreme) value of the PenaltyBox entry. 
Default: block 

-denySMTPConnectionsFromAlways (Deny Connections from these IP numbers Early*) 
Manually maintained list of IP numbers which should  be blocked imediately after connection. IP numbers in noDelay, acceptAllMail, ispip, whiteListedIPs, noProcessingIPs will  pass.  Place them in a plain ASCII file one address per line: file:files/denyalways.txt  

-denySMTPLog (Enables Logging for Deny SMTP Connections From) 
 
Default: standard 

-DenyError (Deny Error) 
SMTP error message to reject connections. Will be used from  and denySMTPConnectionsFromAlways and DoPenaltyExtreme. For example: 554 5.7.2 Service denied, closing transmission channel.  
Default: 554 5.7.2 Service denied, closing transmission channel 

-DoCheckFrequencyIP (Check Frequency - Maximum Connections Per IP) 
Scoring is done  with ifreqValencePB.  

-maxSMTPipConnects (Maximum Frequency of Connections Per IP ) 
The maximum number of SMTP connections an IP Address can make during the maxSMTPipDuration (IP Address Frequency Duration). If a server makes more than this many connections to ASSP within the maxSMTPipDuration (IP Address Frequency Duration) it will be banned from future connections until the maxSMTPipExpiration (IP Address Frequency Expiration) is reached. This can be used to prevent server overloading and DoS attacks. 10 connections are typically enough. If left blank or 0, there is no limit imposed by ASSP. IP numbers in noPB, noDelay, acceptAllMail, ispip, whiteListedIPs, noProcessingIPs, PB-whitebox are excluded from SMTP session limiting, whitelisted and noprocessing addresses are honored.  
Default: 10 

-maxSMTPipDuration (Maximum Frequency of Connections Per IP Duration) 
The window (in seconds) during which the maxSMTPipConnects (IP Frequency) (see above for more details) will be scrutinized for each IP. The default is 90 seconds. 
Default: 90 

-maxSMTPipExpiration (Expiration of Maximum Frequency) 
The number of seconds that must pass before an IP address blocked by the maxSMTPipConnects (IP Address Frequency) setting is allowed to connect again. The default is 3600 (seconds) . 
Default: 3600 

-DoNumberDomainIP (Check Number of IP numbers Per Domain) 
Scoring is done  with idomValencePB.  

-maxSMTPdomainIP (Limit Number of IP numbers  Per Domain) 
The number of IP(subnet) switches a domain may have during the maxSMTPdomainIPExpiration (Limit Different IP numbers Per Domain Expiration). If a domain switches more often than this it will be banned from future connections until the Expiration is reached. This is NOT a spam blocking filter, it is a tool to fight dictionary attacks, server overloading and DoS attacks. 10 connections are typically enough. If left blank or 0, there is no limit imposed by ASSP. IP numbers in noPB, noDelay, acceptAllMail, ispip, whiteListedIPs, noProcessingIPs, PB-whitebox are excluded, whitelisted and noprocessing addresses are honored. 
Default: 10 

-maxSMTPdomainIPExpiration (Expiration of Limit Number) 
The number of seconds that must pass before a domain blocked by the maxSMTPdomainIP (Limit Subnet IP numbers Per Domain) setting (see above for more details) is allowed to connect again. The default is 1800 (seconds). 
Default: 1800 

-maxSMTPdomainIPWL (Do Not Limit Different IP numbers For These Domains*) 
This prevents specific domains from limiting. For example: yahoo.com|hotmail.*.com|gmail.com
  Notes On IP Blocking
   
Default: gmx.de|t-online.de|yahoo.com|hotmail.com|gmail.com 

------   SenderBase    -----------------------------------------------

-SBtimeout (Net::SenderBase Timeout) 
Net::SenderBase will timeout after this many seconds. 
Default: 10 

-DoOrgWhiting (Do Organization Whiting ) 
If activated, each sending IP address has its assigned organization
looked up. This requires an installed  module in PERL. Scoring is done  with sworgValencePB. 
Default: whiting 

-whiteSenderBase (White Organizations and Domains in SenderBase**  ) 
If the organization or domain  in the  IP description matches this Perl regular expression the message will be considered non-spam, the total messagescore will be decreased by sworgValencePB. Place them in a plain ASCII file one address per line: file:files/whiteorg.txt 
Default: file:files/whiteorg.txt 

-DoOrgBlocking (Do Organization Blocking) 
If activated, each sending IP address has its assigned organization
looked up . This requires an installed  module in PERL. Scoring is done  with sborgValencePB, Testmode is set with sbTestMode. 
Default: monitor 

-blackSenderBase (Blacklisted Organizations and Domains in SenderBase** ) 
If the organization or domain in the  IP description matches this Perl regular expression the message will be considered spam.  

-DoCountryBlocking (Do Country Blocking) 
If activated, each sending IP address has it's assigned country
looked up and compared to CountryCodeBlockedRe. This requires an installed  module in PERL. Testmode is set with sbTestMode, Messages from these countries will increase the total MessageScore using bccValencePB. 
Default: monitor 
0 - disabled
1 - Block
2 - monitor
3 - score

-CountryCodeBlockedRe (Blocked Countries**) 
Messages from IP numbers based in these countries will be blocked if DoCountryBlocking is set accordingly. For example: CN|KR|RU|JP|TR|TH|PL|LT|CL|RO. "all" will block all foreign countrycodes which are not in 'Suspicious Country Codes' or 'Ignore Country Codes'. See: .   

-DoCountryBlockingWL (Do Country Blocking for Whitelisted ) 
Enable Country Blocking for whitelisted messages.  

-DoCountryBlockingNP (Do Country Blocking for NoProcessing) 
Enable Country Blocking for noprocessing messages.  

-DoSenderBase (Do Suspicious Country Scoring) 
If activated, each sending IP address has it's assigned country
looked up and compared to CountryCodeRe. This requires an installed  module in PERL. Testmode is set with sbTestMode. 
Default: score 

-CountryCodeRe (Suspicious Countries**) 
Messages from IP numbers based in these countries will increase the MessageScore. For example: UA|GR|HU|SA|IN|IE|PT|MD|PE|CZ|TW|BR|CL|ID|PH. Messages from these countries will increase the total MessageScore using sbsccValencePB.  

-NoCountryCodeRe (Ignore Country Codes from these Countries*) 
Messages from IP numbers based in these countries will not be blocked. For example: US|CA|DE 
Default: US|CA|DE 

-MyCountryCodeRe (Home Countries**) 
Put here your own country code(s) (for example: US). Messages from IP numbers based in these countries will decrease the total MessageScore using sbhccValencePB, messages from other countries will increase the total MessageScore using sbfccValencePB if ScoreForeignCountries is set.   

-ScoreForeignCountries (Score Foreign Countries) 
Messages from countries not in MyCountryCodeRe will increase the total messageScore using sbfccValencePB. 
Default: On 

-SenderBaseLog (Enable SenderBase Logging) 
 
Default: standard 

-SBCacheExp (Country Cache Refresh Interval) 
IPs in cache will be removed after this interval in hours. 0 will disable the cache.  
  Country Codes
   
Default: 240 

------   Message Scoring    -----------------------------------------------

-DoPenaltyMessage (Message Scoring) 
If this feature is selected, the total score for all checks during a message is used to determine if the email should be considered Spam. If the combined score is greater than MessageScoringLowerLimit (MessageLimit for Tagging) and less than or equal MessageScoringUpperLimit (MessageLimit for Blocking) the message will not be blocked but tagged. If the combined score is greater than the MessageScoringUpperLimit, the message will be blocked. Testmode is set with msTestMode.  
Default: block 

-MessageLog (Enable Message Scoring logging) 
 
Default: standard 

-MessageScoringWL (MessageScoring on Whitelisted Senders) 
  

-MessageScoringNP (MessageScoring on NoProcessing Messages) 
  

-MessageScoringLocal (MessageScoring on Local Senders) 
  

-MessageScoringLowerLimit (MessageScoring Lower Limit ) 
MessageScoring will tag messages with totalscore higher than this limit and not higher than MessageScoringUpperLimit.  For example: 47 
Default: 47 

-MessageScoringWarningTag (Warning Tag) 
Used if totalscore is  higher than MessageScoringLowerLimit and not higher than MessageScoringUpperLimit. For example: [?]  

-MessageScoringUpperLimit (MessageScoring Upper Limit) 
If MessageScoring is done  to block, it will block messages whose totalscore is  higher than this threshold. For example: 50 
Default: 50 

-MessageScoringExtremeLimit (MessageScoring Extreme Limit) 
Spamlover messages whose totalscore is  higher than this threshold will not pass but will be blocked. A value of 0 here or the recipient listed in strictSpamLovers will disable this option. For example: 75 
Default: 75 

-ConnectionScoringLimit (ConnectionScoring Limit) 
If this feature is selected, the total score for all checks of all messages during a connection is used to determine if the email should be considered Spam.  A value of 0 here will disable this option. Scoring value is conValencePB. For example: 150  

------   PenaltyBox    -----------------------------------------------

-DoPenalty (IP Scoring) 
The PenaltyBox is a temporary position of low esteem awarded for a perceived misdeed. It scores IP numbers based on some events ( ) and writes them into a BlackBox. If the score per specified time interval (PenaltyDuration) surpasses the warning threshold (PenaltyWarning) the message is marked with PenaltyWarningTag but not blocked. The next level is the PenaltyLimit Threshold. It can be used to block the message. There is also an extreme level, those 'top performers' can get a special treatment: PenaltyExtreme when DoPenaltyExtreme is enabled. The WhiteBox stores IP numbers  which should not be put into the BlackBox. The WhiteBox is always enabled. If an address is in the whitelist or whitedomain, the IP goes into the WhiteBox too. The WhiteBox is one of the sources  Delaying/Greylisting uses to determine when delaying should not be done. Entries in noPB (Don't do penalties for these IP numbers ) or ispip (ISP/Secondary MX Servers) will prevent from penalties. Select 'monitor' to fill WhiteBox and BlackBox. 'monitor' is also the right choice if you do not want to block IP numbers  but rather score messages with DoPenaltyMessage (Message Scoring Mode). Testmode is set with pbTestMode. 
Default: monitor 

-PenaltyDuration (Penalty Interval) 
IP numbers will be kept in the BlackBox if their score exceeds the Penalty Limit during this interval in minutes. 
Default: 60 

-PenaltyWarning (Penalty Warning) 
PB will tag messages from IP numbers whose totalscore exceeds this threshold during PenaltyDuration.  For example: 45 
Default: 45 

-PenaltyWarningTag (Penalty Warning Tag) 
For example: [??] 
Default: [??] 

-PenaltyLimit (Penalty Limit) 
PB will block messages from IP numbers whose totalscore exceeds this threshold during PenaltyDuration. For example: 50 
Default: 50 

-PenaltyExpiration (Expiration Time) 
Penalties with a score lower than PenaltyExtreme will expire after this number of minutes. If set to Zero the Penalty BlackBox will be deleted and started from scratch. 
Default: 360 

-PenaltyLog (Enable PenaltyBox logging) 
 
Default: standard 

-AddScoringHeader (Add IP/Message Scoring Header) 
Adds a line to the email header "X-Assp-XXX-Score: ", where XXX may be IP, Message or both. 
Default: On 

-pbdb (PenaltyBox Database) 
The directory/file with the penaltybox database files. For removal of entries from PenaltyBlackBox use .
 For removal of entries from WhiteBox  use . For  whitelisting IP numbers use whiteListedIPs or noProcessingIPs. For blacklisting IP numbers use denySMTPConnectionsFrom and denySMTPConnectionsFromAlways.  
Default: pb/pbdb 

-noPB (Dont do BlackBox for these IPs* ) 
Enter IP numbers that you don't want to be profiled. These IP numbers will also be automatically removed from PB-BlackBox. For example:145.145.145.145|145.146.  

-noPBwhite (Dont do WhiteBox for these IPs* ) 
Enter IP numbers that you don't want to be NOT profiled. These IP numbers will also be automatically removed from PB-WhiteBox. 
Default: nowhite.txt 

-WhiteExpiration (Expiration Time for WhiteBox Entries) 
The WhiteBox is always activated. The WhiteBox is similar to the  Whitelist  - but it is not a whitelist: content-related checks like Bayesian, URIBL, Bomb  will be done, IP-related checks will be skipped. WhiteBox entries will expire after this specified number of days. For example: 30 
Default: 30 

-PenaltyUseNetblocks (Use IP Netblocks) 
Perform the IP address checks of the sending host based on the /24 subnet  rather than on the specific IP. Part of DoPenalty  
Default: On 

-PenaltyError (Penalty Reply) 
If set SMTP reply for Penalty Denial. The literal LOCALDOMAIN will be replaced by the recipient domain or defaultLocalHost. SESSIONID will be replaced by the unique ASSP identifier. REASON will be replaced by the actual reason. 
Default: 554 5.7.1 Mail (SESSIONID) appears to be unsolicited - REASON - contact postmaster@LOCALDOMAIN for resolution 

-CleanPBInterval (Clean Up PB Databases) 
Delete outdated entries from blackbox and whitebox databases every this many hours.
  Note: the current timeout must expire before the new setting is loaded, or you can restart.
  Defaults to 6 hours. 
Default: 6 

-DoPenaltyExtreme (PenaltyBox Extreme IP Profiling) 
If set PBextreme will block IP numbers whose score meet or exceed Extreme Scoring Threshold. DoPenaltyExtreme blocks after the header is done, based on the IP numbers score from previous and current SMTP session, testmode is set with pbTestMode. 
Default: block 

-PenaltyExtreme (Extreme Scoring Threshold) 
PBextreme will use this to determine candidates for special treatment. For example: 500. 
Default: 500 

-ExtremeExpiration (Expiration Time for Extreme Penalties) 
Penalties with score higher than PenaltyExtreme will expire after this number of days. If set to Zero nothing will be deleted. For example: 7  

-ForcePBExtreme (Enforce Early PenaltyBox Extreme Blocking) 
If set and DoPenaltyExtreme is enabled, ASSP will do DoPenaltyExtreme immediately after connection.  

-ExtremeWL (Penalize Whitelisted) 
Enable extreme penalties for whitelisted addresses.  

-ExtremeNP (Penalize NoProcessing) 
Enable extreme penalties for noprocessing addresses.  

-DoExtremeExport (Do Export Penalty BlackBox Extreme) 
  

-DoExtremeExportAppend (Append Export File) 
Do not overwrite the export file but append to it.  

-exportInterval (Export BlackBox Extreme File Interval) 
 Exported Penalty Black Box Extreme File every this hours.
  Defaults to 6 hours. 
Default: 6 

-exportExtremeBlack (Exported BlackBox Extreme File ) 
IPs in Penalty BlackBox which surpassed the extreme level will be regularly stored into this file. 
Default: file:files/exportedextreme.txt 

-PenaltyExtremeLog (Enable PenaltyBox Extreme logging) 
 
Default: standard 

------   Scoring Settings    -----------------------------------------------

-DoNotPenalizeRed (Do Not Score IP numbers in Redlisted Messages) 
IPs matching Red Regex or Redlist will not collect scoring values from PenaltyBox.  

-DoNotPenalizeNull (Do Not Score IP numbers From Bounce/Null-Senders) 
IPs matching BounceSenders (Bounce Senders) will not be profiled.  

-baValencePB (Bad Attachment) 
For Message & IP scoring in DoBlockExes. 
Default: 20 

-baysValencePB (Bayesian) 
For Message scoring in DoBayesian. 
Default: 49 

-bccValencePB (Blocked Country Code) 
For Message & IP scoring in DoCountryBlocking. 
Default: 25 

-blValencePB (Blacklisted Domain) 
For Message & IP scoring in DoBlackDomain 
Default: 20 

-bombSuspiciousValencePB (Matching Suspicious Expression) 
message scoring in bombSuspiciousRe 
Default: 10 

-blackValencePB (Black Expression Matching) 
For Message & IP scoring in DoBlackRe 
Default: 40 

-bombValencePB (Bomb Expression Matching) 
For Message & IP scoring in DoBombRe, DoBombHeaderRe, DoBombSenderRe 
Default: 30 

-scriptValencePB (Script Expression Matching) 
For Message & IP scoring in DoScriptRe 
Default: 20 

-etValencePB (Early Talker Scoring) 
IP scoring for  clients who talk before server's greeting is sent. 
Default: 25 

-fhValencePB (Forged HELO Scoring) 
For Message & IP scoring in DoFakedLocalHelo. 
Default: 150 

-flValencePB (Invalid Local Sender Score) 
For Message & IP scoring in DoNoValidLocalSender. 
Default: 20 

-fromValencePB (No From Score) 
For Message & IP scoring  in DoNoFrom 
Default: 50 

-gripValencePB (Score for GRIPvalues) 
For Message scoring with griplist values. The final score for an IP is basically the gripvalue * gripValencePB. If the gripvalue is less 0.5 it will be negative. 
Default: 30 

-hlValencePB (Blacklisted HELO Score) 
For Message & IP scoring in useHeloBlacklist. 
Default: 20 

-idomValencePB (Number of IP numbers Per Domain Violation Score) 
For IP scoring in DoNumberDomainIP. 
Default: 40 

-ifreqValencePB (IP Frequency Violation Score) 
For IP scoring  in DoCheckFrequencyIP. 
Default: 40 

-ihValencePB (Invalid HELO Score) 
For Message & IP scoring in DoInvalidFormatHelo & DoValidFormatHelo. 
Default: 20 

-shValencePB (Suspicious HELO Score) 
For Message & IP scoring with SuspiciousHeloRe. 
Default: 10 

-iplValencePB (IP Maximum Parallel Sessions Violation Score) 
For IP scoring in maxSMTPipSessions. 
Default: 5 

-meValencePB (Max Errors Exceeded Score) 
IP scoring in MaxErrors. 
Default: 10 

-conValencePB (ConnectionScoring Limit Exceeded ) 
Message scoring in ConnectionScoringLimit. 
Default: 10 

-mdrValencePB (Duplicate Recipient) 
Message/IP scoring in DoMaxDupRcpt 
Default: 10 

-midmValencePB (Missing Message-ID Score) 
For Message & IP scoring in DoMsgID. 
Default: 19 

-midsValencePB (Suspicious Message-ID) 
For Message & IP scoring in DoMsgID. 
Default: 5 

-midiValencePB (Invalid Message-ID) 
For Message & IP scoring in DoMsgID. 
Default: 5 

-msigValencePB (Invalid MSGID-signature) 
For Message scoring 
Default: 25 

-msValencePB (Message Scoring Limit Exceeded) 
For IP scoring  with DoPenaltyMessage 
Default: 10 

-mxValencePB (Missing MX Record) 
For Message & IP scoring in DoMXACheck. 
Default: 10 

-mxaValencePB (Missing MX and A Record) 
For Message & IP scoring in DoMXACheck. 
Default: 15 

-nopbwValencePB (noPBwhite) 
For Message scoring if mail comes from noPBwhite IP numbers. 
Default: 10 

-pbwValencePB (<span class="positive"> PBwhite</span>) 
 Bonus  for Message scoring if mail comes from an IP in PBwhite. 
Default: -10 

-okValencePB (<span class="positive">Message OK</span>) 
IP Bonus for passing message 
Default: -25 

-okaValencePB (<span class="positive"> OK Address found</span>) 
Bonus for finding sender address in DoOKCaching 
Default: -25 

-pbValencePB (Bad IP History, TotalScore larger than PenaltyLimit) 
message scoring  in PenaltyBox ( DoPenaltyMessage ) 
Default: 10 

-pbeValencePB (Extreme Bad IP History, TotalScore larger than PenaltyExtreme) 
message scoring  in PenaltyBox ( DoPenaltyMessage ) 
Default: 15 

-ptiValencePB (Invalid PTR Record) 
For Message & IP scoring in DoPTRCheckInvalid 
Default: 10 

-ptmValencePB (Missing PTR Record) 
For Message & IP scoring in DoPTRCheck 
Default: 5 

-rblValencePB (DNSBL Failed) 
For Message & IP scoring in ValidateRBL 
Default: 45 

-rblnValencePB (DNSBL Neutral) 
For Message & IP scoring in ValidateRBL 
Default: 25 

-reValencePB (Recipients Empty Score) 
For IP scoring  in Recipient Section. 
Default: 5 

-riValencePB (Recipient Invalid) 
For Message & IP scoring in Recipient Section. 
Default: 5 

-rwlValencePB (RWL Pass) 
 Bonus  for Message & IP scoring in ValidateRWL 
Default: -25 

-rwlnValencePB (RWL Neutral) 
 Bonus  for Message & IP scoring in ValidateRWL 
Default: -15 

-rlValencePB (Failed Relay Attempt) 
For Message & IP scoring  in Relaying Section. 
Default: 25 

-saValencePB (Spam Collect Address) 
For IP scoring with spamaddresses 
Default: 25 

-sbfccValencePB (Foreign Country Code) 
message scoring in MyCountryCodeRe 
Default: 10 

-sbhccValencePB (<span class="positive">Home Country Code</span>) 
 Bonus for Message & IP Scoring with MyCountryCodeRe 
Default: -10 

-sborgValencePB (Blocked Organizations) 
For Message & IP scoring in DoOrgBlocking 
Default: 25 

-sbnValencePB (No Organization and No CountryCode) 
For Message & IP scoring in DoOrgBlocking and DoCountryBlocking 
Default: 10 

-sworgValencePB (White Organizations) 
 Bonus for Message & IP scoring in DoOrgWhiting 
Default: -25 

-sbsccValencePB (Suspicious Country Code) 
message scoring in CountryCodeRe 
Default: 10 

-spfValencePB (SPF Failed) 
For Message & IP scoring in ValidateSPF 
Default: 10 

-spfpValencePB (SPF Pass) 
 Bonus for Message & IP scoring with SPF 
Default: -5 

-spfnValencePB (SPF Neutral) 
For Message & IP scoring with SPFneutral 
Default: 5 

-spfsValencePB (SPF Softfailed) 
For Message & IP scoring with SPFsoftfail 
Default: 5 

-spfnonValencePB (SPF None) 
For Message & IP scoring with SPFnone  

-spfuValencePB (SPF Unknown) 
For Message & IP scoring  in SPFunknown  

-spfeValencePB (SPF Error) 
For Message & IP scoring in ValidateSPF 
Default: 10 

-srsValencePB (SRS Validate Bounce Failed) 
For Message & IP scoring in SRSValidateBounce 
Default: 10 

-stValencePB (Penalty Trap Address) 
For IP scoring  in with spamtrapaddresses 
Default: 50 

-teValencePB (TestRe Valence) 
For testmode with testRe 
Default: 20 

-vsValencePB (Virus Suspicious) 
message scoring in SuspiciousVirus 
Default: 25 

-tlsValencePB (OK, Is a SSL/TLS connection,) 
Message Scoring & IP scoring Bonus for SSL/TLS connections 
Default: -10 

-vdValencePB (Virus Detected) 
Message & IP scoring in UseAvClamd 
Default: 50 

-uriblnValencePB (URIBL Neutral) 
Message & IP scoring in ValidateURIBL 
Default: 20 

-uriblValencePB (URIBL Failed) 
For Message & IP scoring in ValidateURIBL  
Default: 40 

-uribleValencePB (URIBL Extras) 
For Message & IP scoring in URIBLNoObfuscated, URIBLmaxdomains, URIBLmaxuris,   
Default: 5 

-whiteValencePB (<span class="positive">White Expression Matching</span>) 
For Message & IP scoring with whiteReNotes On PenaltyBox
   
Default: -50 

------   Delaying/Greylisting    -----------------------------------------------

-EnableDelaying (Enable Delaying/Greylisting) 
Enable Greylisting as described at .
   Greylisting involves sending a temporary 451 SMTP error code to the sending server when a message is received, along with sending this error code ASSP creates a Triplet and stores this. On the second delivery attempt if the Embargo Time set by the ASSP admin for the Triplet has been surpassed the message will be accepted and a Tuplet will be created and not delayed again for an Expiry Time set by the ASSP admin. 
Default: On 

-DelayLog (Enable Greylisting/Delaying logging) 
  

-DelayGripvalue (Do Greylisting/Delaying above this Gripvalue) 
This will restrict Delaying/Greylisting to IP numbers with a a Gripvalue above this value. For example 0.4. You may set it higher to 0.5 if you want to delay only IP numbers with a higher probability to send Spam. The local griplist is build during rebuildspamdb and uploaded to a global database. In return the global griplist is downloaded.  The Gripvalue is calculated from the "spamminess" , where 0 means the IP-Block never sends spam and 1 it always send spam. 
Default: 0.4 

-DelayWL (Whitelisted Greylisting) 
Enable Greylisting for whitelisted users.  

-DelayNP (NoProcessing Greylisting) 
Enable Greylisting for noprocessing users.  

-DelaySL (SpamLovers Greylisting) 
Enable Greylisting for SpamLovers.  

-DelaySPF (SPF Pass Greylisting) 
Enable Greylisting for SPF=pass results. 
Default: On 

-DelayHC (HomeCountry Pass Greylisting) 
Enable Greylisting for HomeCountry based IPs. 
Default: On 

-DelayAddHeader (Add X-Assp-Delay Header) 
Add X-Assp-Delay header to all emails. 
Default: On 

-DelayEmbargoTime (Embargo Time) 
Enter the number of minutes for which delivery, related with new 'triplet' (IP address of the sending
  host + mail from + rcpt to), is refused with a temporary failure. Default is 5 minutes. 
Default: 5 

-DelayWaitTime (Wait Time) 
Enter the number of hours to wait for delivery attempts related with recognised 'triplet'; delivery is accepted 
  immediately and the 'tuplet' (IP address of the sending host + sender's domain) is safelisted. Default is 28 hours. 
Default: 28 

-DelayExpiryTime (Expiry Time) 
Enter the number of days for which whitelisted 'tuplet' is considered valid. Default is 36 days. 
Default: 36 

-DelayUseNetblocks (Use IP Netblocks) 
Perform the IP address checks of the sending host based on the /24 subnet it is at rather than the specific IP. 
  This feature may be useful for legitimate mail systems that shuffle messages among SMTP clients between retransmissions. 
Default: On 

-DelayNormalizeVERPs (Normalize VERP Addresses) 
Some mailing lists (such as Ezmlm) try to track bounces to individual mails, rather than just individual recipients, which creates a variation on the VERP method where each email has its own unique envelope sender. Since the automatic whitelisting (called savelisting to make a difference to the standard whitelisting) that is built into Greylisting depends on the envelope addresses for subsequent emails being the same, the greylisting filter will attempt to normalize the unique sender addresses, when this option is checked. 
Default: On 

-DelayMD5 (Use MD5 for DelayDB) 
Message-Digest algorithm 5 is a cryptographic hash function and adds some level of security to the delay database. Must be set to off if you want to list the database with DelayShowDB/DelayShowDBwhite. 
Default: On 

-DelayShowDB (Show Delay/Greylisting Database) 
The directory/file with the delay local file. Obsolete if you use 'mysql' in delaydb. 
Default: file:delaydb 

-DelayShowDBwhite (Show Delay/Greylisting Save Database) 
The directory/file with the white-delay local file. Obsolete if you use 'mysql' in delaydb. 
Default: file:delaydb.white 

-DelayExpireOnSpam (Expire Spamming Safelisted Tuplets) 
If a safelisted 'tuplet' is ever associated with spam, viri, failed rbl, spf etc, it is deleted from the safelist. 
  This renews the temporary embargo for subsequent mail involving the tuplet. 
Default: On 

-CleanDelayDBInterval (Clean Up Delaying Database) 
Delete outdated entries from triplets and safelisted tuplets databases every this many seconds.
  Note: the current timeout must expire before the new setting is loaded, or you can restart.
  Defaults to 3 hours. 
Default: 10800 

-noDelay (Dont Delay these IPs*) 
Enter IP addresses that you don't want to be delayed, separated by pipes (|). There are misbehaving MTAs that will not be able to get a legitimate email through a Greylisting server because they do not try again later.
  For example:  145.145.145.145|145.146. or place them in a plain ASCII file one address per line: 'file:files/nodelay.txt' 
Default: file:files/nodelay.txt 

-noDelayAddresses (Do not Delay these Addresses*) 
Enter senders email addresses that you don't want to be delayed, separated by pipes (|). You can list specific addresses (user@anydomain.com), addresses at any domain (user), or entire domains (@anydomain.com).  Wildcards are supported (fribo*@domain.com).For example: fribo@anydomain.com|jhanna|@sillyguys.org or place them in a plain ASCII file one address per line: 'file:files/nodelayuser.txt'.  

-noDelayHelosRe (Regular Expression to Identify noDelay Helos *) 
Put anything here to identify Helos which should be not delayed. 
Default: ^(mail|smtp|mout|mx) 

-DelayError (Reply Code to Refuse Delayed Messages) 
SMTP reply code to refuse delayed messages. Default: 451 4.7.1 Please try again later
  
  Notes On Delaying
   
Default: 451 4.7.1 Please try again later 

------   SPF/SRS    -----------------------------------------------

-ValidateSPF (Enable SPF Validation ) 
Enable Sender Policy Framework Validation as described at .
  This requires an installed  module in PERL. Testmode is set with spfTestMode, Scoring is done  with spfValencePB. 
Default: score 

-SPFLog (Enable SPF logging) 
 
Default: standard 

-SPFWL (Whitelisted SPF Validation) 
Enable Sender Policy Framework Validation for whitelisted users also.  

-SPFNP (noProcessing SPF Validation) 
Enable Sender Policy Framework Validation for nonprocessed messages also.  

-AddSPFHeader (Add Received-SPF Header) 
Add Received-SPF header to header of all emails processed by SPF. 
Default: On 

-SPFError (SPF Failed Reply) 
SMTP reply for SPF failed messages. Default: '554 5.7.1 failed SPF: SPFRESULT'
  The literal SPFRESULT is replaced by the actual result. 
Default: 554 5.7.1 failed SPF: SPFRESULT 

-noSPFRe (Regular Expression to Skip SPF Processing*) 
Put anything here to identify these messages in mailfrom or header  

-strictSPFRe (Strict SPF Processing Regex*) 
Softfail/Neutral/None will be failed for these sending addresses. Put anything here to identify the addresses. For example: '@gmail.com|@msn.com|@live.com|@ebay.com|@ebay.nl|@bbt.com|@paypal.com|@einsundeins.de|@microsoft.com' 
Default: @gmail.com|@msn.com|@live.com|@ebay.com|@ebay.nl|@bbt.com|@paypal.com|@einsundeins.de|@microsoft.com 

-blockstrictSPFRe (Strict SPF Blocking Regex*) 
All failed messages will be blocked for these sending addresses. Put anything here to identify the addresses. 
Default: @ebay.com|@paypal.com 

-SPFsoftfail (Fail SPF Softfail Validations) 
Intentionally fail SPF softfail status responses. The possible results of a query are:
pass:The client IP address is an authorized mailer for the sender. The mail should be accepted subject to local policy regarding the sender.
fail:The client IP address is not an authorized mailer, and the sender wants you to reject the transaction for fear of forgery.
softfail:The client IP address is not an authorized mailer, but the sender prefers that you accept the transaction because it isn't absolutely sure all its users are mailing through approved servers. The softfail status is often used during initial deployment of SPF records by a domain.
neutral:The sender makes no assertion about the status of the client IP.
none:There is no SPF record for this domain.
permerror&temperror:The DNS lookup encountered an error during processing.
unknown:The domain has a configuration error in the published data or defines a mechanism that this library does not understand.  

-SPFneutral (Fail SPF Neutral Validations) 
Intentionally fail SPF neutral status responses  

-SPFqueryerror (Fail SPF Error Responses) 
Intentionally fail SPF 'error' status responses  

-SPFnone (Fail SPF None  Responses) 
Intentionally fail SPF 'none'  status responses  

-SPFunknown (Fail SPF Unknown  Responses) 
Intentionally fail SPF 'unknown'  status responses  

-SPFCacheExp (SPF Cache Refresh Interval) 
SPF records in cache will be removed after this interval in hours. 0 will disable the cache.   
Default: 72 

-DebugSPF (Enable SPF Debug output to ASSP Logfile) 
Enables verbose debugging of SPF queries within the Mail::SPF::Query module.
 
 Notes On SPF
    

-EnableSRS (Enable Sender Rewriting Scheme) 
Enable Sender Rewriting Scheme as described at .
  This requires an installed  module in PERL.
  You should use SRS if your message handling system forwards email for domains with published spf records.
  Note that you have to setup the outgoing path (Relay Host and Port) to let ASSP see and rewrite your outgoing traffic.  

-SRSAliasDomain (Alias Domain) 
SPF requires the SMTP client IP to match the envelope sender (return-path). When a message is forwarded through
  an intermediate server, that intermediate server may need to rewrite the return-path to remain SPF compliant.
  For example: example.com 
Default: example.com 

-SRSSecretKey (Secret Key) 
A key for the cryptographic algorithms -- Must be at least 5 characters long.  

-SRSTimestampMaxAge (Maximum Timestamp Age) 
Enter the maximum number of days for which a timestamp is considered valid. Default is 21 days. 
Default: 21 

-SRSHashLength (Hash Length) 
The number of bytes of base64 encoded data to use for the cryptographic hash.
  More is better, but makes for longer addresses which might exceed the 64 character length suggested by RFC5321.
  This defaults to 4, which gives 4 x 6 = 24 bits of cryptographic information, which means that a spammer will have 
  to make 2^24 attempts to guarantee forging an SRS address. 
Default: 4 

-SRSValidateBounce (Enable Bounce Recipient Validation) 
Bounce messages that fail reverse SRS validation (but not a valid SMTP probe)
  will receive a 554 5.7.5 [Bounce address not SRS signed] SMTP error code. Testmode is set with srsTestMode, Scoring is done  with srsValencePB.  

-SRSno (Dont Rewrite These Addresses*) 
Don't rewrite addresses when messages come from/to these addresses. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). For example: fribo@example.com|jhanna|@example.org  

-noSRS (Dont Validate Bounces From these IPs*) 
Enter IP addresses that you don't want to validate bounces from, separated by pipes (|).
  For example:  145.145.145.145|145.146.
  Notes On SRS
    

------   DNSBL    -----------------------------------------------

-ValidateRBL (Enable DNS Blacklist Validation) 
This requires an installed  module in PERL. Scoring is done  with rblValencePB for 'fail' and rblnValencePB for 'neutral' results. Testmode is set with rblTestMode. 
Default: block 

-RBLLog (Enable DNSBL logging) 
 
Default: standard 

-noRBL (Dont do DNSBL for these IPs*) 
Enter IP addresses that you don't want to be DNSBL validated, separated by pipes (|). For example:  145.145.145.145|145.146.  

-RBLWL (Whitelisted DNSBL Validation) 
Enable DNSBL for whitelisted messages   

-RBLNP (NoProcessing DNSBL Validation) 
Enable DNSBL for noprocessing messages   

-AddRBLHeader (Add X-Assp-Received-DNSBL Header) 
Add X-Assp-Received-DNSBL header to messages with positive reply from DNSBL. 
Default: On 

-RBLError (DNSBL Failed Reply) 
SMTP reply for messages failed by DNSBL.
  The literal RBLLISTED (case sensitive) is replaced by the matching serviceprovider(s). 
Default: 554 5.7.1 DNS Blacklisted in RBLLISTED - contact postmaster@LOCALDOMAIN for resolution 

-RBLServiceProvider (RBL Service Providers* ) 
Names of DNSBLs to use separated by "|" or name of list 'file:files/dnsbls.txt'. Defaults are: zen.spamhaus.org=>1|bl.spamcop.net=>1|bb.barracudacentral.org=>1|combined.njabl.org=>1|safe.dnsbl.sorbs.net=>1|psbl.surriel.com=>2|ix.dnsbl.manitu.net=>2|dnsbl-1.uceprotect.net=>2|dnsbl-2.uceprotect.net=>4.
DNSBL providers can be classified like bl.spamcop.net=>1. '1' is the most trustworthy class. '6' is the least trustworthy class. Numbers above 6 will be used as score directly. The value of the class acts as a divisor of rblValencePB. So if rblValencePB = 50 bl.spamcop.net=>1 would be the same as bl.spamcop.net=>50, bl.spamcop.net=>2 would be the same as bl.spamcop.net=>25. 
If the sum of scores surpasses rblValencePB, the DNSBL check fails. If not the DNSBL hit is scored. 
Default: file:files/dnsbls.txt 

-RBLmaxreplies (Maximum Replies) 
A reply is affirmative or negative reply from a DNSBL.
  The DNSBL module will wait for this number of replies (negative or positive) from the DNSBLs listed under Service Provider for up to the Maximum Time(RBLmaxtime).
  This number should be equal to or less than the number of DNSBL Service Providers listed to allow for randomly unavailable DNSBLs.

 
Default: 13 

-RBLmaxhits (Maximum Hits) 
A hit is an affirmative response from a DNSBL.
  The DNSBL module will check all of the DNSBLs listed under Service Provider. If the number of hits is greater or equal Maximum Hits, the email is flagged Failed. If the number of hits is greater 0 and less Maximum Hits, the email is flagged Neutral. Note: This is legacy and not used when the Service Providers are classified. 
Default: 2 

-RBLmaxtime (Maximum Time) 
This sets the maximum time in seconds to spend on each message performing DNSBL checks. Default is 10. 
Default: 10 

-RBLsocktime (Socket Timeout) 
This sets the DNSBL socket read timeout in seconds. 
Default: 1 

-ForceRBLCache (Early DNSBL Cache Blocking) 
If set and ValidateRBL is enabled, ASSP will use cached DNSBL hits to block messages before  Delaying. Note: rblTestMode or allTestMode will disable the early execution.  

-RBLCacheExp (DNSBL Expiration Time) 
IPs in cache will be removed after this interval in hours. 0 will disable the cache. 
  Notes On DNSBL
   
Default: 24 

------   URIBL   -----------------------------------------------

-ValidateURIBL (Enable URI Blocklist Validation ) 
Enable URI Blocklist. Messages that fail URIBL validation will receive URIBLError SMTP error code. This requires an installed  module in PERL. 
   Scoring is done  with uriblValencePB, testmode is set with uriblTestMode. 
Default: block 

-URIBLLog (Enable URIBL logging) 
 
Default: standard 

-URIBLWL (Do URI Blocklist Validation for Whitelisted) 
URIBL check is done ignoring all spamlovers and testmodes!  

-URIBLNP (Do URI Blocklist Validation for NoProcessing) 
URIBL check is done ignoring all spamlovers and testmodes!  

-URIBLLocal (Do URI Blocklist Validation for Local Mails) 
  

-URIBLISP (Do URI Blocklist Validation for ISP/Secondary) 
 
Default: On 

-URIBLCCTLDS (URIBL Country Code TLDs*) 
List of  used to determine the base domain of the uri. Two level TLDs will be checked on third level, third level TLDs will be checked on fourth level. Any not listed domain will be checked in level two. 
Default: file:files/URIBLCCTLDS.txt 

-URIBLmaxuris (Maximum URIs) 
More than this number of URIs in the body will increase scoring with uribleValencePB. Enter 0 to disable feature.  

-URIBLmaxdomains (Maximum Unique Domain URIs) 
More than this number of unique domain URIs in the body will increase scoring with uribleValencePB. Enter 0 to disable feature.  

-URIBLServiceProvider (URIBL Service Providers*) 
Domain Names of URIBLs to use. It is possible to specify a weight value after '=>' , in this case this value will be used as hit value (see URIBLmaxhits ) for this service provider, for example multi.surbl.org=>1.5 . Default is: multi.surbl.org|black.uribl.com|uribl.swinog.ch 
Default: multi.surbl.org|black.uribl.com|uribl.swinog.ch 

-URIBLmaxreplies (Maximum Replies) 
A reply is affirmative or negative reply from a URIBL.
   The URIBL module will wait for this number of replies (negative or positive) from the URIBLs listed under Service Provider
   for up to URIBLmaxtime. This number should be equal to or less than the number of URIBL Service Providers
   listed to allow for randomly unavailable URIBLs. 
Default: 3 

-URIBLmaxhits (Maximum Hits) 
A hit is an affirmative response from a URIBL.
   The URIBL module will check all of the URIBLs listed under Service Provider,
   and flag the email with a URIBL failure flag if more than this number of URIBLs return a postive blacklisted response.
   This number should be less than or equal to URIBLmaxreplies and greater than 0.
   If the number of hits is greater or equal URIBLmaxhits, the email is flagged failed.
   If the number of hits is greater 0 and less URIBLmaxhits, the email is flagged neutral. 
Default: 1 

-URIBLmaxtime (Maximum Time) 
This sets the maximum time in seconds to spend on each message performing URIBL checks. 
Default: 10 

-URIBLsocktime (Socket Timeout) 
This sets the URIBL socket read timeout in seconds. 
Default: 1 

-URIBLwhitelist (Whitelisted URIBL Domains*) 
This prevents specific domains from being checked by URIBL module. For example:files/uriblwhite.txt. 
Default: file:files/uriblwhite.txt 

-noURIBL (Dont Check Messages from these Addresses*) 
Don't validate URIBL when messages come from these addresses. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). For example: fribo@thisdomain.com|jhanna|@sillyguys.org  

-AddURIBLHeader (Add X-Assp-Received-URIBL Header) 
Add X-Assp-Received-URIBL header to messages with positive reply from URIBL. 
Default: On 

-URIBLCacheExp (URIBL Cache Refresh Interval for Hits) 
Domains in cache will be removed after this interval in hours. Empty or 0 will disable the cache.  
Default: 24 

-URIBLCacheExpMiss (URIBL Cache Refresh Interval for Misses) 
Domains in cache with status=2 (miss) will be removed after this interval in hours. Empty or 0 will prevent caching of non-hits.  
Default: 12 

-URIBLError (Reply Code to Refuse Messages Failed by URIBL ) 
SMTP reply code to refuse failed URIBL message. The literal URIBLNAME (case sensitive) is replaced by the names of URIBLs with negative response.Notes On URIBL
 
Default: 554 5.7.1 Blacklisted by URIBLNAME - contact postmaster@LOCALDOMAIN for resolution. 

------   Attachment Blocking   -----------------------------------------------

-DoBlockExes (Attachment Blocking ) 
Note:Attachment checking will only be done if Email::MIME::Modifier is installed. Scoring is done  with baValencePB, testmode is set with attachTestMode.  

-AttachmentLog (Enable Attachment logging) 
 
Default: standard 

-BlockExes (External Attachment Blocking Level ) 
Set the level of Attachment Blocking to 1-3 for attachments that should be blocked, set level to 4  for attachments that should be allowed. Choose 0 for no attachment blocking.  

-BlockWLExes (Whitelisted Attachment Blocking) 
Set the level of Attachment Blocking to 0-4 for whitelisted senders. Choose 0 for no attachment blocking.  

-BlockLCExes (Local Attachment Blocking) 
Set the level of Attachment Blocking to 0-4 for local senders. Choose 0 for no attachment blocking.  

-BlockNPExes (NoProcessing Attachment Blocking) 
Set the level of Attachment Blocking to 0-4 for noprocessing messages. Choose 0 for no attachment blocking.   

-BadAttachL1 (Level 1 rejected File Extensions) 
This regular expression is used to identify Level 1 attachments that should be blocked.
  Separate entries with a pipe |. The dot . is assumed to precede these, so don't include it. For example: ad[ep]|asx|ba[st]|chm|cmd|com|cpl|crt|dbx|exe|hlp|ht[ab]|in[fs]|isp|js|jse|lnk|md[abez]|mht|ms[cipt]|nch|pcd|pif|prf|reg|sc[frt]|sh[bs]|vb|vb[es]|wms|ws[cfh] 
Default: exe|scr|pif|vb[es]|js|jse|ws[fh]|sh[sb]|lnk|bat|cmd|com|ht[ab] 

-BadAttachL2 (Level 2 rejected File Extensions) 
This regular expression is used to identify Level 2 attachments that should be blocked.
  Level 2 already includes all rejected extensions from Level 1.  For example: (ad[ep]|asx|ba[st]|chm|cmd|com|cpl|crt|dbx|exe|hlp|ht[ab]|in[fs]|isp|js|jse|lnk|md[abez]|mht|ms[cipt]|nch|pcd|pif|prf|reg|sc[frt]|sh[bs]|vb|vb[es]|wms|ws[cfh]).zip  

-BadAttachL3 (Level 3 rejected File Extensions) 
This regular expression is used to identify Level 3 attachments that should be blocked.
  Level 3 includes Level 2 and Level 1. For example: zip|url  

-GoodAttach (Level 4 Allowed File Extensions) 
This regular expression is used to identify  attachments that should be allowed. All others are blocked. Separate entries with a pipe |. The dot . is assumed to precede these, so don't include it. For example: ai|asc|bhx|dat|doc|docx|eps|gif|htm|html|ics|jpg|jpeg|hqx|od[tsp]|pdf|ppt|rar|rpt|rtf|snp|txt|xls|zip  

-AttachmentError (Reply Code to Refuse Rejected Attachments) 
The literal FILENAME (case sensitive) will be replaced with the name of the blocked attachment! 
Default: 550 5.7.1 These attachments are not allowed -- Compress before mailing. 

-BlockUuencoded (Refuse Uuencoded Mails) 
 
Default: On 

-UuencodedError (Reply to Refuse Uuencoded Mails) 
For example: 554 5.7.1 This mail is uuencoded and will be blocked
 Notes On Attachment Blocking 
Default: 554 5.7.1 This message is uuencoded and will be blocked.  

------   ClamAV and FileScan    -----------------------------------------------

-ScanLog (Enable Virus Check logging) 
 
Default: standard 

-noScan (Do Not Scan Messages from/to these Addresses*) 
Accepts 
specific addresses (user@example.com), user parts (user) or entire 
domains (@example.com).  

-noScanIP (Do Not Scan Messages from these IPs*) 
Enter IP addresses that you don't want to be scanned for virus , separated by pipes (|). For example: 145.145.145.145|145.146.  

-ScanWL (Scan Whitelisted Senders) 
 
Default: On 

-ScanNP (Scan NoProcessing Messages) 
  

-ScanLocal (Scan Local Senders) 
  

-ScanCC (Scan Copied Spam Mails) 
  

-AvError (Reply Code to Refuse Infected Messages) 
Reply
code to refuse infected messages. The string INFECTION is replaced with
the name of the detected virus.  For example: 554 5.7.1 Mail appears
infected with INFECTION -- disinfect and resend. 
Default: 554 5.7.1 Mail appears infected with INFECTION. 

-EmailVirusReportsTo (Send Virus Report To This Address) 
If set an email containing the Message ID, Remote IP, Message 
Subject, Sender email address, Recipient email address, and the virus 
detected will be sent to this address. For example: 
admin@example.com  

-EmailVirusReportsHeader (Add Full Header To Virus Report To Mail Address Above) 
If set the full message 
headers will also be added to Virus Reports.  

-EmailVirusReportsToRCPT (Send Virus Report To Recipient) 
If set the intended 
recipient of the message will be sent a copy of the Virus Report. 
<input type="button" value=" Edit virusreport.txt file" 
onclick="javascript:popFileEditor('reports/virusreport.txt',2);" 
/>  

-UseAvClamd (Use ClamAV) 
If activated, the message is checked by ClamAV, this requires an installed
  File::Scan::ClamAV Perl module and a running Clamd . The viruses will
  be stored in a special folder if the SpamVirusLog is set to 
'quarantine' and the
  filepath to the viruslog is set. Scoring is done  using vdValencePB.  

-modifyClamAV (Modify ClamAV Module) 
If set ClamAV modules ping and streamscan are modified. This may be disabled to use the original modules. NOTE: Changing this  requires ASSP restart 
Default: On 

-AvClamdPort (Port or file socket for ClamAV) 
A socket specified in the clamav.conf file (located for example in /etc/clamav/clamd.conf) - LocalSocket. For example tmp/clamd.socket, tmp/clamd or /var/run/clamav/clamd.ctl. If the socket has been setup as a TCP/IP socket (see the TCPSocket option in the clamav.conf file), then specify the TCP socket. For example: 3310  
Default: tmp/clamd.socket 

-ClamAVBytes (Scan Bytes) 
The number of bytes per message that will be scanned for virus and 
attachment blocking. Normally ASSP looks only at MaxBytes of a message. Values of 100000 or larger are not recommended. 
Default: 50000 

-ClamAVtimeout (ClamAV Timeout) 
ClamAV will timeout after this many seconds. default: 10 
seconds. 
Default: 10 

-NoScanRe (Skip ClamAV Regular Expression*) 
Put anything here to identify messages which should not be checked 
for viruses.  

-SuspiciousVirus (No-Blocking Virus Scan Scoring Regex**) 
If a ClamAV or FileScan result matches this expression it will be scored with the suspicious virus score (vsValencePB) and the message will not be blocked. For example: UNOFFICIAL
 It is possible to weight such results. Every weighted regex that contains at least one '|' has to begin and end with a '~' - inside such regexes it is not allowed to use a '~', even it is escaped - for example:  ~abc\~|def~=>23 or ~abc~|def~=>23. Every weighted regex has to be followed by '=>' and the weight value. For example: Phishing\.=>1.45The multiplication result of the weight and vsValencePB  will be used for scoring, if the absolute value of weight is less or equal 6. Otherwise the value of weight is used for scoring.  

-DoFileScan (Use File System Virus Scanner) 
If activated, the message is written to a file inside the 
'FileScanDir' with an extension of 'maillogExt'. After that ASSP 
will call 'FileScanCMD' to detect if the temporary file is infected 
or not. The temporary created file(s) will be removed.
  The viruses will be stored in a special folder if the SpamVirusLog 
is set to 'quarantine' and the filepath to the viruslog is set.  

-FileScanWL (Scan Whitelisted Senders) 
 
Default: On 

-FileScanNP (Scan NoProcessing Messages) 
 
Default: On 

-FileScanLocal (Scan Local Senders) 
  

-FileScanDir (File Scan Directory) 
Define the full path to the directory where the messages are 
temporary stored for the file system virus scanner. This could be any 
directory inside your file system. The running ASSP process must have 
full permission to this directory and the files inside! For defining any full filepathes, always use slashes ("/") not backslashes.  
Default: /Applications/assp/virusscan 

-FileScanCMD (File Scan Command) 
ASSP will call this system command and expects a returned string 
from this command. This returned string is checked against 
'FileScanBad' and/or 'FileScanGood' to detect if the message is 
OK or not! If the file does not exists after the command call, the 
message is consider infected. ASSP expects, that the file scan is 
finished when the command returns!
   The literal 'FILENAME' will be replaced by the full qualified 
file name of the temporary file.

   The literal 'FILESCANDIR' will be replaced with the value of 
FileScanDir.
   All outputs of this command to STDERR are automatic redirected to 
STDOUT.
   FileScan will not run, if FileScanCMD is not specified.
   If you have your online/autoprotect file scanner configured to 
delete infected files inside the 'FileScanDir', define 'NORUN' in 
this field! In this case FileScanGood and FileScanBad are ignored. If 
there is a need to wait some time for the autoprotect scanner, write 
'NORUN-dddd', where dddd are the milliseconds to wait!
   Depending on your operating system it may possible that you have to 
quote (' or ") the command, if it contains whitespaces. The replaced 
file name will be quoted by ASSP if needed. For example: 'd:\utility\touch.exe FILENAME' 
Default: NORUN 

-FileScanBad (RegEx to Detect BAD in Returned String*) 
Put anything here to identify bad messages by the string returned 
from the FileScanCMD. If this regular expression matches, the message 
is considered infected.  

-FileScanGood (RegEx to Detect GOOD in Returned String*) 
Put anything here to identify good messages by the string returned 
from the FileScanCMD. If this regular expression matches and 
'FileScanBad' does not, the message is considered not infected.  

-FileScanRespRe (FileScan Reponds Regex) 
A regular expression that will be used over the text returned from 
the FileScanCMD. The result of this regex is used as virus name 
($infection) in AvError. For example: infected by (.+)
  Notes On Virus Checks<input 
type="button" value="Notes" 
onclick="javascript:popFileEditor('notes/viruscheck.txt',3);" 
/>  

------   Regex / Bombs   -----------------------------------------------

-BombLog (Enable Bomb logging) 
 
Default: standard 

-DoBlackRe (Use Black Regular Expression to Identify Spam) 
Each incoming message is checked  against the BlackRe. Scoring is done  with blackValencePB - the scoring value is the sum of all valences(weights) of all found blackRe(s), testmode is set with blackTestMode.  
Default: block 

-blackRe (BlackRe - Regular Expression to Identify Spam ** ) 
If an incoming email matches this Perl regular expression it will be considered spam depending of blackReMaxHits or total weighted score. As all fields marked with two asterisk (**) this  regular expressions (regex) can accept a second weight value. Every weighted regex has to be followed by '=>' and the weigth value. If a weighted regex contains at least one '|' it has to be escaped with a '~' - inside such regexes it is not allowed to use a '~', even it is escaped - for example:  ~pre\-?qualif(y|ied)~=>0.5. 
Default: file:files/blackre.txt 

-blackReMaxHits (Maximum Hits in blackRe) 
The matching stops after this many hits and the total score will be used to determine if the message will be blocked or scored. The message will be scored if the total score is below bombValencePB. 
Default: 1 

-blackReWL (Do Black Regular Expressions Checks for Whitelisted) 
  

-blackReNP (Do Black Regular Expressions Checks for NoProcessing) 
 
Default: On 

-blackReLocal (Do Black Regular Expressions Checks for Local Messages) 
  

-blackReISPIP (Do Black Regular Expressions Checks for ISPIP) 
 
Default: On 

-DoBombSenderRe (Use BombSender Regular Expressions on Envelope) 
If activated, each message-envelope (IP,Helo,Mail From) is checked  against bombSenderRe. Scoring is done  with bombValencePB, testmode is set with bombheaderTestMode. 
Default: block 

-bombSenderRe (Regular Expression to Identify Spam in Envelope *) 
Expression to identify mailfrom,ip and helo. 
Default: emailserver3.com 

-DoBombHeaderRe (Use Header Regular Expressions ) 
If activated, each message-header is checked  against bombHeaderRe. Scoring is done  with bombValencePB, testmode is set with bombheaderTestMode. 
Default: block 

-bombHeaderReMaxHits (Maximum Hits in bombHeaderRe(s)) 
The matching stops after this many hits and the total score will be used to determine if the message will be blocked or scored. The message will be scored if the total score is below bombValencePB. 
Default: 2 

-bombHeaderRe (Regular Expression to Identify Spam in Header Part**) 
Header will be checked against this Regex if DoBombHeaderRe is enabled.  
Default: \\d\\s+(Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)\\s+\\d\\d\\d\\d\\s+\\d\\d:\\d\\d(:\\d\\d)?\\s+[+\\-]\\d\\d[6-9]\\d 

-DoBombSubjectRe (Use Subject Regular Expression on Subject) 
If activated, each message subject is checked  against bombSubjectRe. Scoring is done  with bombValencePB, testmode is set with bombheaderTestMode. 
Default: block 

-bombSubjectRe (Regular Expression to Identify Spam in Subject**) 
Subject will be checked against this Regex if DoBombSubjectRe is enabled. 
Default: file:files/subjectre.txt 

-bombSubjectReMaxHits (Maximum Hits in bombRe) 
The matching stops after this many hits and the total score will be used to determine if the message will be blocked or scored. The message will be scored if the total score is below bombValencePB. 
Default: 3 

-DoBombCharSets (Check Header with Foreign Charsets RegEx) 
If activated, each message header is checked  against bombCharSets.  
Default: score 

-bombCharSets (Regular Expression to Identify Foreign Charsets** ) 
Header will be checked against this Regex if DoBombCharSets is enabled. A weight can be assigned. For example: charset=.?BIG5|charset=.?CHINESEBIG|charset=.?GB2312|charset=.?KS_C_5601|charset=.?KOI8=>0.5|charset=.?EUC-KR|charset=.?ISO-2022|charset=.?CP1251.  
Default: charset=.?BIG5|charset=.?CHINESEBIG|charset=.?GB2312|charset=.?KS_C_5601|charset=.?KOI8 =&gt;0.5|charset=.?EUC-KR|charset=.?ISO-2022|charset=.?CP1251 

-bombSuspiciousRe (Regular Expression to Score Blackish and/or Whitish Expressions**) 
Put here anything which might be suspicious (blackish) or trustworthy (whitish). bombSuspiciousValencePB will be used to increase/decrease the total score.  Trustworthiness (whitish) will be assigned by using a negative weight.  For example:news=>-1|no-?reply=>-0.5|passwor=>-0.7 
Default: news=&gt;-1|no-?reply=&gt;-0.5|passwor=&gt;-0.7 

-bombSuspiciousReMaxHits (Maximum Hits in Suspicious Regular Expression) 
Number of matches to be scored.  
Default: 2 

-DoBombRe (Use Bomb Regular Expressions) 
If activated, each message is checked  against BombRaw and BombData Regular Expressions. Scoring is done  with bombValencePB - the scoring value is the sum of all valences(weights) of all found bombRe(s), testmode is set with bombTestMode.
   
Default: block 

-bombRe (BombRaw Regular Expression for Header and Data Part**) 
Header and Data will be checked against this Regular Expression if DoBombRe is enabled.  For example:IMG [^>]*src=['&quot;]cid|<BODY[^>]*>(<[^>]+>|\n|\r)*<IMG[^>]+>(<[^>]+>|\n|\r)*</BODY> or place them in a plain ASCII file one address per line: file:files/bombre.txt 
Default: file:files/bombre.txt 

-bombReMaxHits (Maximum Hits in bombRe) 
The matching stops after this many hits and the total score will be used to determine if the message will be blocked or scored. The message will be scored if the total score is below bombValencePB. 
Default: 2 

-bombDataRe (BombData Regular Expression for Data Part**) 
Data part will be checked against this Regular Expression if DoBombRe is enabled. For example:IMG [^>]*src=['&quot;]cid|<BODY[^>]*>(<[^>]+>|\n|\r)*<IMG[^>]+>(<[^>]+>|\n|\r)*</BODY> or place them in a plain ASCII file one address per line: file:files/bombdatare.txt  

-bombDataReMaxHits (Maximum Hits) 
The matching stops after this many hits and the total score will be used to determine if the message will be blocked or scored. The message will be scored if the total score is below bombValencePB. 
Default: 2 

-bombReWL (Do Bomb/Script Regular Expressions Checks for Whitelisted) 
  

-bombReNP (Do Bomb/Script Regular Expressions Checks for NoProcessing) 
  

-bombReLocal (Do Bomb/Script Regular Expressions Checks for Local Messages) 
  

-bombReISPIP (Do Bomb/Script Regular Expressions Checks for ISPIP) 
 
Default: On 

-bombMaxPenaltyVal (Maximum Penalty on Regex Match per Mail per Check) 
Depending on the configuration, it could be possible that a message gets a very high penalty value on a regex-check. This value limits the maximum penalty per check. 
Default: 70 

-maxBombSearchTime (Maximum time spend on Regex Search) 
Maximum time in seconds that is spend on  regex check. This time check is done, after every found regex. So it is possible that the regex search takes longer as the defined value, if no match is found or a single search takes more time. Default is 5. 
Default: 5 

-noBombScript (Dont Check Messages from these Addresses*) 
Don't detect spam bombs or scripts in messages from these addresses. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com).  

-DoTestRe (Do Test Regular Expression) 
If activated, each message is checked  against the Test Regular
  Expression below. This provides a way to test regex strings on live mail.  

-testRe (Test Regular Expression**) 
  

-DoScriptRe (Use Regular Expression to Identify Mobile Scripts) 
Each message is checked  against the Expression to Identify Mobile Scripts. Scoring is done  with scriptValencePB, testmode is set with scriptTestMode.  

-scriptRe (Regular Expression to Identify Mobile Scripts**) 
Spam emails may contain mobile scripting code, eg activex and java. You can use this feature to block those messages.For example: \<applet|\<embed|\<iframe|\<object|\<script|onmouseover|javascript:  

-scriptReMaxHits (Maximum Hits in scriptRe) 
The matching stops after this many hits and the total score will be used to determine if the message will be blocked or scored. The message will be scored if the total score is below bombValencePB.  

-bombError (Spam Bomb Error) 
SMTP error message to reject spam bombs. If empty SpamError will be used. The literal LOCALDOMAIN will be replaced by the recipient domain or defaultLocalHost. SESSIONID will be replaced by the unique ASSP identifier. REASON will be replaced by the actual reason.Notes On Bomb Regex 
Default: 554 5.7.1 Mail (SESSIONID) appears to be unsolicited - REASON - contact postmaster@LOCALDOMAIN for resolution 

------   Bayesian Options    -----------------------------------------------

-BayesianLog (Enable Bayesian Logging) 
Enables verbose logging of  Bayesian checks in the maillog. 
Default: standard 

-DoBayesian (Bayesian Check ) 
If activated, the message is checked  based on Bayesian factors in Spamdb. This needs a fully functional spamdb built by rebuildspamdb.pl. For starters it is best practice  to put this inactiv and built the spamdb collection with the help of DSNBL ,URIBL and spamaddresses.
disabled - do nothing
block - reject the message (if not addressed to spamlover)
monitor - pretend its running (with logging), but don't actually score and block messages
score - don't block outright, add score value with baysValencePB 
Testmode is set with baysTestMode  
 
Default: score 

-BayesWL (Bayesian Check on Whitelisted Senders) 
  

-BayesNP (Bayesian Check on NoProcessing Messages) 
  

-BayesLocal (Bayesian Check on Local Senders) 
  

-BayesMaxProcessTime (Bayesian Check Timeout ) 
The Bayesian Checks are the most memory and CPU consuming tasks that ASSP is doing on a message. If such tasks running to long on one message, other messages could run in to SMTPIdleTimeout. Define here the maximum time in seconds that ASSP should spend on Bayesian Checks for one message. Default is 60. 
Default: 60 

-noBayesian (Skip Bayesian Check*) 
Mail from/to any of these addresses are ignored by Bayesian check, mails will not be stored in spam/notspam collection. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). Wildcards are supported (user*@example.com)  

-baysTestModeUserAddresses (Bayesian Testmode User Addresses*) 
These users are in testmode ( mark subject only ) for bayesian spam, even with testmode off  

-AddSpamProbHeader (Add Bayes Probability Header) 
Adds a line to the email header "X-Assp-Spam-Prob: 0.0123" Probability ranges from 0 to +1 where > 0.6 = spam.
  Notes On Bayesian
    

------   Block Reporting   -----------------------------------------------

-ReportLog (Enable Report logging) 
 
Default: verbose 

-EmailBlockReport (Request Block Report) 
Any mail sent by local/authenticated users to this username will be interpreted as a request to get a report about blocked emails. Do not put the full address here, just the user part. For example: asspblock Leading digits/numbers in the mail subject will be interpreted as "report request for the last number of days". If the number of days is not specified in the mail subject, a default of 5 days will be used to build the report. Users defined in EmailBlockTo, EmailAdmins and EmailAdminReportsTo are 'Admins' and can request a report for multiple users. They have to use a special syntax with '=>' in the body of the report request. The syntax is: 
 QueryAddress=>ReportRecipient=>ReportDays  -  there are many possible combinations of this three parameters. For example:
 user@domain and user@domain=>user@domain - will send a report for this user to this user
 *@domain (better use) *@domain=>* - will send a report for every blocked user in this domain to this user
 user@domain=>recipient@any-domain - will send a report for user@domain to recipient@any-domain
 *@domain=>recipient@any-domain - will send a report for every blocked user in this domain to recipient@any-domain
 A third parameter is possible to set, which defines the number of days for which the report should be created. The default (if empty or not defined) is one day. This value is used to calculate the 'next run date'. For example:
 *@domain=>recipient@any-domain=>2 - creates a report for two days.
 *@domain=>*=>14 - creates a report for 14 days.
 user@domain=>=>3 or user@domain=>*=>3 - creates a report for three days. The second parameter is here empty or *.The perl modules 
  are required to use this feature.
 ASSP local logging (asspLog) must be enabled!.
  
  
   
Default: asspblock 

-EmailBlockReportDomain (Request Blocked Email Domain) 
Set this to the domain to which the users can send a request to receive blocked messages. For example: @assp.local. 
Default: @assp.local 

-EmailBlockReply (Reply to Block-Report Request) 
 
Default: REPLY TO SENDER 

-QueueUserBlockReports (Queue User Block Report Requests) 
How to process block report requests for users (not EmailBlockTo, EmailAdmins, EmailAdminReportsTo).
  'run instantly' - the request will be processed instantly (not stored).
  'store and run once at midnight' - the request will be stored/queued, runs at QueueSchedule, and will be removed from queue after that

 'store and run scheduled' - the request will be stored/queued, runs permanently scheduled at BlockReportSchedule until it will be removed from queue - a '+' in the subject is not needed
  'run delayed' - the request will be stored and  processed during the next minutes
  To add a request to queue the user has to send an email to EmailBlockReport. Leading digits/numbers in the mail subject will be interpreted as "report request for the last number of days". If the number of days is not specified in the mail subject, a default of 5 days will be used to build the report.
  If 'run instantly','run delayed' or 'store and run once at midnight' is selected, but a user wants to schedule a permanent request, a leading '+' before the digits in subject is required.
  To remove a request from queue the user has to send an email to EmailBlockReport with a leading '-' in the subject.
   
Default: run delayed 

-QueueSchedule (Runtime for Queued Requests) 
Runtime hour for reports in QueueUserBlockReports. Set a number between 0 and 23. 0 means midnight and is default  

-BlockRepForwHost (Forward The Blockreportrequest to other ASSP) 
If you are using more than one ASSP (backup MX), define the IP:relayPort of the other ASSP here (separate multiple entries by "|"). The Blockreportrequest will be forwarded to this ASSP and the user will get a blockreport from every ASSP. The perl module  is required to use this feature.  

-EmailBlockTo (Send Copy of Block-Reports TO) 
Email sent from ASSP acknowledging your submissions will be sent to this address. For example: admin@domain.com  

-BlockReportFile (File for Blockreportrequest) 
A file with BlockReport requests. ASSP will generate a block report for every line in this file (file:reports/blockreportfile.txt - file: is required if defined!) every day at midnight for the last day. The perl modules  are required to use this feature. A report will be only created, if there is at least one blocked email found! The syntax is: 
 QueryAddress=>ReportRecipient=>ReportDays  -  there are many possible combinations of this three parameters. For example:
 user@domain and user@domain=>user@domain - will send a report for this user to this user
 *@domain (better use) *@domain=>* - will send a report for every blocked user in this domain to this user
 *@* - creates a report for all local users in all local domains
 user@domain=>recipient@any-domain - will send a report for user@domain to recipient@any-domain
 *@domain=>recipient@any-domain - will send a report for every blocked user in this domain to recipient@any-domain
 A third parameter is possible to set, which defines the number of days for which the report should be created. The default (if empty or not defined) is one day. This value is used to calculate the 'next run date'. For example:
 *@domain=>recipient@any-domain=>2 - creates a report for two days.
 *@domain=>*=>14 - creates a report for 14 days.
 user@domain=>=>3 or user@domain=>*=>3 - creates a report for three days. The second parameter is here empty or *!
 Only Admins are able to request blockreports for non local email addresses. For example:
 user@non_local_domain=>recipient@any-domain=>4
 *@non_local_domain=>recipient@any-domain=>4
 This will result in an extended blockreport for the non local address(es). 
Default: file:reports/blockreportfile.txt 

-BlockReportSchedule (Runtime BlockReportFile) 
Runtime hour for reports in BlockReportFile. Set a number between 0 and 23. 0 means midnight and is default.  

-BlockReportNow (Generate a BlockReport from BlockReportFile Now) 
If selected, ASSP will generate a block report from BlockReportFile now. &nbsp;  

-BlockMaxSearchTime (Max Search time per log File) 
The maximum time in seconds, the Blockreport feature spends on searching in one log file. If this value is reached, the next log file will be processed. Default is 0. A value of 0 disables this feature and all needed log files will be fully processed.  

-BlockReportFormat (The format of the Report Email) 
Block reports will be sent as multipart/alternative MIME messages. They normaly contains two parts, a plain text part and a html part. Select "text only" or "html only" if you want to skip any of this parts.
  To make it possible to detect a resent email, ASSP will add a header line "X-Assp-Resend-Blocked: myName" to each email! 
Default: text only 

-BlockReportHTTPName (My HTTP Name) 
The hostname for HTTP(S) links in AdminUsers Blockreports. If not defined the local hostname will be used.  

-BlockReportFilter (Regular Expression to Skip Log Records*) 
Put anything here to identify messages which should not be reported. For example:  \[Virus\]|\[BlackDomain\]  

-inclResendLink (Include a Resend-Link for every resendable email) 
Block reports will be sent as multipart/alternative MIME messages. They contains two parts, a plain text part and a html part. If a blocked email is stored in any folder, it is possible to include a link for each email in to the report. Define here what you want ASSP to do. Default is "in both". Note: File name logging (fileLogging) must be on! The perl module  is required to use this feature. 
Default: in both 

-BlockResendLink (Which Link Should be included) 
If HTML is enabled in inclResendLink, two links (one on the left and one on the right site) will be included in the report email by default. Depending on the used email clients it could be possible, that one of the two links will not work for you. Try out what link is working and disable the other one, if you want.  

-BlockResendLinkLeft (User which get the Left link only* ) 
List of users and domains that will get the left link only. The setting for BlockResendLink will be ignored for this entries!  

-BlockResendLinkRight (User which get the right link only* ) 
List of users and domains that will get the right link only. The setting for BlockResendLink will be ignored for this entries!  

-DelResendSpam (Delete Mails in Spam Folder) 
If selected, an user request to resend a blocked email will delete the file in the spamlog folder - an admin request will move the file to the correctednotspam folder. 
Default: On 

-autoAddResendToWhite (Automatic add Resend Senders to Whitelist) 
If a resend request is made by any of the selected users, the original sender of the resent mail will be added to whitelist.
  Notes On Block Reporting
    

------   Email Interface    -----------------------------------------------

-EmailInterfaceOk (Enable Email Interface ) 
Checked means that you want ASSP to intercept and parse mail to the following usernames at any domain which is listed in localDomains. You can use 'assp.local' because it is automatically a local domain. This requires an installed  module in PERL. 
Default: On 

-EmailAdminReportsTo (Admin Mail Address) 
If set internal warnings/infos  will be sent to this address. For example: admin@domain.com  

-EmailFrom (From Address for Reports) 
Email sent from ASSP acknowledging your submissions will be sent from this address. For example:  
Default: &lt;postmaster@assp.local&gt; 

-EmailHelp (Help Address) 
Any mail sent by local/authenticated users to this username will be interpreted as a request for help. Do not put the full address here, just the user part. For example: assphelp. The user would then send to assphelp@assp.local.
   
Default: assphelp 

-EmailAdmins (Authorized Addresses* ) 
Mail from any of these addresses can add/remove to/from redlist, spamlovers, noprocessing. May request an EmailBlockReport for a list of users. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com)  

-EmailSenderOK (Accept Emails (Reports) from these external addresses*) 
Allow these external domains/addresses to report to the email
interface (NOT RECOMMENDED). The reply address for the reports must be set to a local one.  By default, ASSP only accepts reports from local or authenticated users. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com)  

-EmailSenderNotOK (Not Authorized Addresses* ) 
Mail from any of these addresses are not accepted from Email Interface. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). For example: fribo@example.com|jhanna|@example.org or place them in a plain ASCII file one address per line:'file:files/emailsendernotok.txt'  

-EmailSpam (Report Spam Address) 
Any mail sent or forwarded by local/authenticated users to this username will be interpreted as a spam report. Do not put the full address here, just the user part.
   For example: assp-spam . Use a fake domain like @assp.local when you send the email- so the full address would be then assp-spam@assp.local. You can sent multiple emails as attachments. Each attached email-file must have the extension defined in "maillogExt". In this case only the attachments will be processed. Multiple attachments get truncated to MaxBytesReports. To use this multi-attachment-feature an installed  module in PERL is needed.
   
Default: assp-spam 

-EmailHam (Report Ham (Not-Spam) Address) 
Any mail sent or forwarded by local/authenticated users to this username will be interpreted as a false-positive report. Do not put the full address here, just the user part.
   For example: assp-notspam . Use a fake domain like @assp.local when you send the email - so the full address would be then assp-notspam@assp.local. You can sent multiple emails as attachments. Each attached email-file must have the extension defined in "maillogExt". In this case only the attachments will be processed. Multiple attachments get truncated to MaxBytesReports. To use this multi-attachment-feature an installed  module in PERL is needed.
   
Default: assp-notspam 

-MaxBytesReports (Error Max Bytes) 
How many bytes of an error report (EmailHam, EmailSpam) will ASSP look at. For example: 20000. 
Default: 20000 

-EmailErrorsReply (Reply to Spam/Not-Spam Reports) 
 
Default: REPLY TO SENDER 

-EmailErrorsTo (Send Copy of Spam/Ham-Reports TO) 
Email sent from ASSP acknowledging your submissions will be sent to this address. For example: admin@domain.com  

-EmailErrorsModifyWhite (Combined Spam/Ham Report and Whitelist Check) 
If set to 'modify whitelist' Ham Reports will add addresses to the Whitelist, Spam Reports will remove addresses from the Whitelist. If set to 'show whitelist' Spam Reports will show if addresses are whitelisted. 
Default: modify whitelist 

-EmailErrorsModifyNoP (Combined Spam Report and NoProcessing Deletion) 
If set to 'modify noProcessing' Spam Reports will remove addresses from noProcessing list. If set to 'show noProcessing' Spam Reports will show if addresses are on noProcessing list. 
Default: modify noprocessing 

-EmailWhitelistAdd (Add to Whitelist Address) 
Any mail sent by local/authenticated users to this username will be interpreted as a request to add addresses to the whitelist. Do not put the full address here, just the user part. For example: assp-white
   
Default: assp-white 

-EmailWhitelistRemove (Remove from Whitelist Address) 
Any mail sent by local/authenticated users to this username will be interpreted as a request to remove addresses from the whitelist. Do not put the full address here, just the user part. For example: assp-notwhite
   
Default: assp-notwhite 

-EmailWhiteRemovalAdminOnly (Allow  Whitelist Removals for Admins only ) 
Only the users defined in EmailWhitelistTo, EmailAdmins and EmailAdminReportsTo are able to remove addresses from the whitelist.  

-EmailWhitelistReply (Reply to Add to/Remove from Whitelist) 
 
Default: REPLY TO SENDER 

-EmailWhiteRemovalToRed (Add  Whitelist Removals To Redlist ) 
Addresses which are removed from Whitelist via EmailWhitelistRemove will automatically be added to the Redlist. The address can only be added again to the Whitelist after it is removed from the Redlist.  

-EmailWhitelistTo (Send Copy of Whitelist-Reports TO) 
Email sent from ASSP acknowledging your submissions will be sent to this address. For example: admin@domain.com  

-EmailRedlistAdd (Add to Redlist Address) 
Any mail sent by local/authenticated users to this username will be interpreted as a request to add the sender address to the redlist. Only the users defined in EmailRedlistTo, EmailAdmins and EmailAdminReportsTo are able to define a list of email addresses in the mail body.  Do not put the full address here, just the user part. For example: assp-red.
   
Default: assp-red 

-EmailRedlistRemove (Remove from Redlist Addresses) 
Any mail sent by local/authenticated users to this username will be interpreted as a request to remove the sender address from the redlist. Only the users defined in EmailRedlistTo, EmailAdmins and EmailAdminReportsTo are able to define a list of email addresses in the mail body. 
  Do not put the full address here, just the user part. For example: assp-notred
   
Default: assp-notred 

-EmailRedlistReply (Reply to Add to/Remove from Redlist) 
 
Default: REPLY TO SENDER 

-EmailRedlistTo (Send Copy of Redlist-Reports TO) 
Email sent from ASSP acknowledging your submissions will be sent to this address. For example: admin@domain.com  

-EmailSpamLoverAdd (Add to SpamLover Addresses) 
Any mail sent by local/authenticated users to this username will be interpreted as a request to add the sender address to spamLovers. Only the users defined in EmailSpamLoverTo, EmailAdmins and EmailAdminReportsTo are able to define a list of email addresses in the mail body. Do not put the full address here, just the user part. For example: assp-spamlover. To use this option, you have to configure spamLovers in a plain ASCII file one address per line: file:files/bombre.txt" !
   
Default: assp-spamlover 

-EmailSpamLoverRemove (Remove from SpamLover Addresses) 
Any mail sent by local/authenticated users to this username will be interpreted as a request to remove the sender address from spamLovers. Only the users defined in EmailSpamLoverTo, EmailAdmins and EmailAdminReportsTo are able to define a list of email addresses in the mail body. 
  Do not put the full address here, just the user part. For example: assp-notspamlover
   
Default: assp-notspamlover 

-EmailSpamLoverReply (Reply to Add to/Remove from SpamLovers) 
 
Default: REPLY TO SENDER 

-EmailSpamLoverTo (Send Copy of Spamlover-Change-Reports TO) 
Email sent from ASSP acknowledging your submissions will be sent to this address. For example: admin@domain.com  

-EmailNoProcessingAdd (Add to NoProcessing Addresses) 
Any mail sent by local/authenticated users to this username will be interpreted as a request to add the sender address to the noProcessing addresses. Only the users defined in EmailNoProcessingTo, EmailAdmins and EmailAdminReportsTo are able to define a list of email addresses in the mail body. Do not put the full address here, just the user part. For example: assp-nop. To use this option, you have to configure noProcessing in a plain ASCII file one address per line: "file:files/noprocessing.txt" !
   
Default: assp-nop 

-EmailNoProcessingRemove (Remove from noProcessing Addresses) 
Any mail sent by local/authenticated users to this username will be interpreted as a request to remove the sender address from noProcessing .
  Do not put the full address here, just the user part. Only the users defined in EmailNoProcessingTo, EmailAdmins and EmailAdminReportsTo are able to define a list of email addresses in the mail body. For example: assp-notnop. To use this option, you have to configure noProcessing in a plain ASCII file one address per line: "file:files/noprocessing.txt" !
   
Default: assp-notnop 

-EmailNoProcessingReply (Reply to Add to/Remove from noProcessing) 
 
Default: REPLY TO SENDER 

-EmailNoProcessingTo (Send Copy of NoProcessing-Change-Reports TO) 
Email sent from ASSP acknowledging your submissions will be sent to this address. For example: admin@domain.com  

-EmailBlackAdd (Add to BlackListed  Addresses) 
Any mail sent by local/authenticated users to this username will be interpreted as a request to add to blackAddresses. Only the users defined in EmailAdmins and EmailAdminReportsTo are able to request an addition. Do not put the full address here, just the user part. For example: assp-black. To use this option, you have to configure blackAddresses in a plain ASCII file one address per line: "file:files/blackAddresses.txt" !
   
Default: assp-black 

-EmailBlackRemove (Remove from BlackListed Addresses) 
Any mail sent by local/authenticated users to this username will be interpreted as a request to remove from blackAddresses .
  Do not put the full address here, just the user part. Only the users defined in EmailAdmins and EmailAdminReportsTo are able to request an addition. For example: assp-notblack. To use this option, you have to configure blackAddresses in a plain ASCII file one address per line: "file:files/blackAddresses.txt" !
   
Default: assp-notblack 

-EmailBlackReply (Reply to Add to/Remove from BlackListed) 
 
Default: REPLY TO SENDER 

-EmailBlackTo (Send Copy of Black-Change-Reports TO) 
Email sent from ASSP acknowledging your submissions will be sent to this address. For example: admin@domain.com  

-EmailAnalyze (Request Analyze Report) 
Any mail sent or forwarded by local/authenticated users to this username will be interpreted as a request for analyzing the mail. Do not put the full address here, just the user part. For example: assp-analyze  
Default: assp-analyze 

-EmailAnalyzeReply (Reply to Analyze Request) 
 
Default: SEND TO SENDER 

-EmailAnalyzeTo (Send Copy of Analyze-Reports) 
A copy of the Analyze-Report will be sent to this address. For example: admin@domain.com  

-DoAdditionalAnalyze (Spam and Ham Reports will trigger an additional Analyze Report ) 
Additional Analyze Report will be generated for Spam and Ham Reports. Setting the TO Address accordingly and choosing EmailAnalyzeTo will send the Analyze Report to the admin only.  

-EmailAllowEqualSign (Allow = in Addresses) 
Allow '=' in addresses to be whitelisted or redlisted.  

-NoHaiku (Legacy: Dont reply to messages to the Email Interface) 
Check this option to suppress all email reports
  Notes On Email Interface
    

------   File Paths   -----------------------------------------------

-base (Directory Base) 
All paths are relative to this folder.
  Note: Display only. 
Default: . 

-spamlog (Spam Collection) 
The folder to save the collection of spam emails. This directory will be used in building the spamdb. For example: spam 
Default: spam 

-notspamlog (Not-spam Collection) 
The folder to save the collection of not-spam emails. This directory will be used in building the spamdb. For example: notspam 
Default: notspam 

-incomingOkMail (OK Mail) 
The folder to save non-spam (message ok). These are messages which are considered as HAM, but are not stored in the standard HAM folder because of our policy to use only confirmed HAM messages (whitelisted or local) for SpamDB. If you want to keep copies of ok mail then put in a directory name. This directory will not be used in building the spamdb. 
Default: okmail 

-discarded (Discarded Spam) 
The folder to save discarded spam-messages. These are Spam messages which are not stored for building the spamdb but for resending with an EmailBlockReport. If you want to keep copies of discarded Spam then put in a directory name. 
Default: discarded 

-viruslog (Attachment/Virus Collection) 
The folder to save rejected attachments and virii. Leave this blank to not save these files (default). If you want to keep copies of rejected content then put in a directory name. Note: you must create the directory. This directory will not be used in building the spamdb. For example: quarantine 
Default: quarantine 

-correctedspam (False-negative Collection) 
Spam that got through -- counts double. This directory will be used in building the spamdb. For example: errors/spam 
Default: errors/spam 

-correctednotspam (False-positive Collection) 
Good mail that was listed as spam, count 4x. This directory will be used in building the spamdb. For example: errors/notspam 
Default: errors/notspam 

-resendmail (try to resend this files) 
ASSP will try to resend the files in this directory to the original recipient. The files must have the "maillogExt" extension and must have the SMTP-format. ASSP will try to send every  file up to ten times (with 5 minutes delay). If the resend fails ten times, the file will be renamed to *.err, on success the file will be deleted!
For example: resendmail. This requires an installed  module in PERL. 
Default: resendmail 

-maillogExt (Extension for Mail Files) 
Enter the file extension (include the period) you want appended to the mail files in the mail collections. For Example: .eml 
Default: .eml 

-spamdb (Spam Bayesian Database File) 
The output file from rebuildspamdb.pl. Last Run Rebuildspamdb 
Default: spamdb 

-whitelistdb (E&lt;!--get rid of google autofill--&gt;mail Whitelist Database File) 
The file with the whitelist.
  Write "mysql" to use a MySQL table instead of a local file, in this case you need to edit the MySQL parameters starting with myhost. 
Default: whitelist 

-redlistdb (E&lt;!--get rid of google autofill--&gt;mail Redlist Database File) 
The file with the redlist.
  Write "mysql" to use a MySQL table instead of a local file, in this case you need to edit MySQL parameters starting with myhost. 
Default: redlist 

-ldaplistdb (LDAP Cache) 
The file with the LDAP-cache, see also LDAPShowCache and LDAPcrossCheckInterval. 
Default: ldaplist 

-ldapnotfounddb (LDAP Not Found Cache) 
The file with the LDAP-NotFound-Cache, see also LDAPShowNotFound. 
Default: ldapnotfound 

-delaydb (Delaying Database) 
The file with the delay database.Write "mysql" to use a MySQL table instead of a local file, in this case you need to edit the MySQL parameters starting with myhost. 
Default: delaydb 

-myhost (MySQL hostname or IP) 
You need <a
  href="http://search.cpan.org/~lds/Tie-DBI-1.02/lib/Tie/RDBM.pm"
  rel="external">Tie::RDBM to use MySQL instead of local files.
  This way you can share whitelistdb, delaydb and redlistdb between servers if "mysql" is written into their file-path.  

-mydb (MySQL database name) 
This database must exist before starting ASSP,
  necessary tables will be created automatically into this database  

-myuser (MySQL username) 
This user must have CREATE privilege on the configured database in order for tables to be created automatically  

-mypassword (MySQL password) 
  

-logfile (ASSP Logfile) 
Blank if you don't want a log file. Change it to maillog.log if you don't want auto rollover.
  NOTE: Changing this field requires restarting ASSP before changes take effect. 
Default: logs/maillog.txt 

-pidfile (PID File) 
Blank to skip writing a pid file. *nix users need pid files.
  Leave it blank in Windows. You have to restart the service before you get a pid file in the new location.Notes On File Path 
Default: pid 

------   Copy Spam/Ham   -----------------------------------------------

-sendAllSpam (Copy Spam and Send to this Address) 
ASSP will deliver a copy of spam emails to this address if the collection mode in the collection section is set to do so (eg. baysSpamLog ). For example: spammonitor@example.com. The address can be different depending on the recipient. The literal USERNAME (case sensitive) is replaced by the user part of the recipient, the literal DOMAIN (case sensitive) is replaced by the domain part of the recipient. For example: USERNAME@Spam.DOMAIN, USERNAME+Spam@DOMAIN, spammonitor@DOMAIN  

-ccSpamInDomain (Copy Spam and Send to this Address per Domain*) 
ASSP will deliver an additional copy of spam emails of a domain to this address - if the domain of the recipient-address is matched. For example: monitorspam@example1.com|monitor@example2.com.  

-sendAllDestination (Copy Spam SMTP Destination) 
Port to connect to when  Spam messages are copied. If blank they go to the main smtpDestination. eg "10.0.1.3:1025".  

-ccSpamFilter (Copy Spam to these Recipients Only*) 
Restricts Copy Spam to these recipients. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). Wildcards are supported (fribo*@example.com).  

-ccSpamAlways (Copy Spam to these Recipients always*) 
Copy Spam to these recipients regardless of collection mode. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com).  Wildcards are supported (fribo*@example.com).  

-ccSpamNeverRe (Do Not Copy Spam Regular Expression*) 
Never Copy Spam regardless of collection mode. Put anything here to identify messages which should not be copied.  

-ccMaxScore (Do Not Copy Messages Above This MessageTotal score) 
Messages whose score exceeds this threshold will not be copied.  For example: 75  

-ccMaxBytes (Restrict Copy Spam to MaxBytes ) 
CCMail will cut off Spam mails, thereby reducing the load considerably (recommended). 
Default: On 

-spamSubjectCC (Prepend Spam Subject to Copied Spam) 
If set spamSubject gets prepended to the subject of the copied message.  

-spamTagCC (Prepend Spam Tag to Copied Spam) 
The check which caused the spam detection will be prepended to the subject of the message. For example: [DNSBL] 
Default: On 

-sendAllHamDestination (Copy HAM SMTP Destination) 
Port to connect to when  Ham messages are copied. If blank they go to sendAllDestination. eg "10.0.1.3:1025"  

-sendHamInbound (Copy Incoming Ham and Send to this Address) 
If you put an address in this box  ASSP will forward a copy of notspam messages from outside to this address. The literal USERNAME is replaced by the user part of the recipient, the literal DOMAIN is replaced by the domain part of the recipient. For example: archiv@example.com, USERNAME@mybackup.domain, catchallforthis@DOMAIN  

-sendHamOutbound (Copy Outgoing Ham and Send to this Address) 
If you put an address in this box ASSP will forward a copy of outgoing notspam messages to this address.  

-ccHamFilter (Copy Ham Filter*) 
Copy Not-Spam to these addresses only. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). Wildcards are supported (fribo*@example.com).  

-ccnHamFilter (Do Not Copy Ham Filter*) 
Do Not Copy Ham to these addresses. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). Wildcards are supported (fribo*@example.com).
Notes On CC Messages  

------   Collecting   -----------------------------------------------

-spamaddresses (Spam Collect Addresses* ) 
Mail to any of these addresses are always spam and will contribute to the spam-collection unless from someone on the whitelist. If you want to use invalid addresses readdress them using sendAllCollect. If sendAllCollect is empty sendAllSpam will be used. Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com). Scoring is done  using saValencePB.  

-sendAllCollect (Catchall Address for Spam Collect Addresses) 
ASSP will readdress messages addressed to spamaddresses to this address.
  For example: collect@example.com  

-noCollecting (Do Not Collect Messages from/to these Addresses*) 
Accepts specific addresses (user@example.com), user parts (user) or entire domains (@example.com).  

-UseSubjectsAsMaillogNames (Use Subject as Maillog Names) 
You can turn this on to help you manually identify mail in your spam-folder (spamlog) and ham-folder (notspamlog) collections. It is recommended to enable MaintBayesCollection and to setup MaxNoBayesFileAge to your needs, if you have switched this option to on. 
Default: On 

-MaxAllowedDups (Max Number of Duplicate File Names) 
The maximum number of logged files with the same filename (subject) that are stored in the spam folder (spamlog), if UseSubjectsAsMaillogNames is selected. A low value reduces the number of possibly duplicate mails, assuming that mails with the same subject will have the same content. A value of 0 disables this feature. If this number of files with the same filename is reached, new files will be stored in the discarded folder, which has to be defined for this feature to work. 
Default: 5 

-AllowedDupSubjectRe (Regular Expression to Allow Unlimited Duplicates *) 
Messages with subject matching this regular expression will be collected regardless of the setting in MaxAllowedDups .  

-MaxFileNameLength (Max Length of File Names) 
The maximum character count that is used from the mail subject to build the file name of the logged file, if UseSubjectsAsMaillogNames is selected. This could be usefull, if your mail clients having trouble to build the resend file name (right button - URL) correctly in block reports. Every non printable character will be replaced by a 4 byte string in this link. 
Default: 30 

-DoNotCollectRedRe (Do Not Collect RedRe Matching Mails) 
Mails matching redRe will not be stored in the collection folders. 
Default: On 

-DoNotCollectRedList (Do Not Collect Redlisted Mails) 
Mails matching  Redlist will not be stored in the collection folders.  

-KeepWhitelistedSpam (Do Not Delete Whitelisted Spams) 
Mails matching  Whitelist will not be deleted from the Spam folder.  

-DoNotCollectBounces (Do Not Collect Bounced Mails) 
Mails matching BounceSenders will not be collected. 
Default: On 

-NoMaillog (Dont Collect Mail) 
Check this if you're using Whitelist-Only and don't care to save mail to build the Bayesian database.  

-MaxFiles (Max Files) 
If you're not using subjects as file names, this is the maximum
  number of files to keep in each collection (spam and nonspam)
  its actually less than this -- files get a random number between 1 and MaxFiles. 
Default: 14000 

-MaxBytes (Max Bytes) 
How many bytes of the message will ASSP look at? Mails stored in the collecting folders will be truncated to this size. The average of Ham messages is 8K, the average of Spam messages is 4K. Usually the spam folder ( spamlog ) will be filled quicker than the notspam folder ( notspamlog ), so setting this value to 8000 will  produce more wordpairs per Ham Message. When both folders are close to the maxfiles limit, reduce it to 4000. 
Default: 8000 

-StoreCompleteMail (Store the Complete Mail) 
If set, ASSP will look at MaxBytes, but if possible it will store the complete mail. This could be usefull for example, if you want to resend blocked messages. Be carefull using this option, your disk could be filled up very fast!  

-baysNonSpamLog (OK Mail) 
Where to store non spam (message ok) messages. These are messages which are considered as HAM, but should not stored in the standard HAM folder because of our policy to use only confirmed HAM messages (whitelisted or local) for SpamDB. Set incomingOkMail accordingly if you choose 'okmail folder'. 
Default: okmail folder 

-NonSpamLog (Non Spam) 
Where to store whitelisted/local  non spam messages. 
Default: notspam folder 

-npAttachLog (NoProcessing rejected Attachments) 
Where to store noprocessing rejected mail+attachments.  

-wlAttachLog (Whitelisted rejected Attachments) 
Where to store whitelisted rejected mail+attachments.  

-extAttachLog (External rejected Attachments) 
Where to store external rejected mail+attachments.  

-SpamVirusLog (Virus Infected) 
Where to store virus infected messages.   

-spamBombLog (SpamBombs) 
Where to store spam bombs -> DoBombSenderRe, DoBombHeaderRe, DoBombRe. 
Default: discard folder and sendAllSpam 

-BlackReLog (Black Regular Expressions) 
Where to store Black Regular Expressions -> DoBlackRe. 
Default: spam folder and sendAllSpam 

-DoNotCollectBombs (Do not collect Spam Bombs detected during scoring modus) 
  

-scriptLog (Scripts - DoScriptRe) 
Where to store scripted messages. Default: spam folder ( spamlog ) and sendAllSpam 
Default: spam folder and sendAllSpam 

-blDomainLog (Blacklisted Domains - DoBlackDomain) 
Where to store blacklisted domain messages. 
Default: spam folder and sendAllSpam 

-spamHeloLog (Blacklisted Helos - useHeloBlacklist) 
Where to store spam helo messages. 
Default: discard folder and sendAllSpam 

-forgedHeloLog (Forged Helos - DoFakedLocalHelo) 
Where to store forged helo messages.  

-invalidHeloLog (Invalid Helos - DoInvalidFormatHelo) 
Where to store invalid helo messages. 
Default: discard folder and sendAllSpam 

-spamBucketLog (Spam Collect Addresses) 
Where to store emails addressed to Spam Collect Addresses. 
Default: spam folder 

-baysSpamLog (Bayesian Spams - DoBayesian) 
Where to store Bayesian spam messages. 
Default: discard folder and sendAllSpam 

-SPFFailLog (SPF Failures - ValidateSPF) 
Where to store SPF Failure spam messages. 
Default: spam folder and sendAllSpam 

-RBLFailLog (DNSBL Failures - ValidateRBL) 
Where to store DNSBL Failure spam messages. 
Default: spam folder and sendAllSpam 

-URIBLFailLog (URIBL Failures - ValidateURIBL) 
Where to store URIBL Failure spam messages. 
Default: spam folder and sendAllSpam 

-SRSFailLog (SRS Failures - EnableSRS) 
Where to store SRS Failure (not signed bounces) spam messages. 
Default: spam folder and sendAllSpam 

-spamPTRLog (Missing/Invalid Pointer - DoPTRCheck) 
Where to store Missing/Invalid Pointer rejected messages. 
Default: spam folder and sendAllSpam 

-spamMXALog (Missing MX/A Record - DoMXACheck) 
Where to store Missing MX record rejected messages. 
Default: spam folder and sendAllSpam 

-spamISLog (Invalid Local Sender - DoNoValidLocalSender) 
Where to store messages from a local domain with an unknown userpart.  

-spamSBLog (Blocked Country - DoCountryBlocking, DoOrgBlocking) 
Where to store messages from a blocked country. 
Default: spam folder and sendAllSpam 

-spamMSLog (Message Limit Blocks - DoPenaltyMessage) 
Where to store Message Scoring Limit rejected messages.  
Default: spam folder and sendAllSpam 

-spamPBLog (PenaltyBox Blocks - DoPenalty) 
Where to store PB rejected messages. 
Default: spam folder and sendAllSpam 

-spamDenyLog (Denied IP numbers - DoDenySMTP) 
Where to store IP denied  messages.  
Default: discard folder and sendAllSpam 

-BackLog (Backscatter check failed) 
Where to store FBMTV rejected messages.  
Default: discard folder 

-freqNonSpam (Non Spam Collection Frequency) 
Store every n'th non spam message. If you set the value to 10 then every 10th message is logged. These frequency settings are for ASSP users with a mature installation who experience heavy mail or spam volumes. Enter a larger value if the non spam corpus is being refreshed too quickly. 
Default: 1 

-freqSpam (Spam Collection Frequency) 
Store every n'th spam message. The same as for non spam but helps prevent spam corpuses being skewed by flooding. It is recommended that this be set depending on spam volume. Notes On Collecting 
Default: 1 

------   Logging   -----------------------------------------------

-FilterLogging (Logging for filters are located in their section) 
Attachment ( AttachmentLog )
Bayesian ( BayesianLog )
Bomb ( BombLog )
Connections ( ConnectionLog )
Deny SMTP Connections ( denySMTPLog )
DNSBL ( RBLLog )
Greylisting/Delaying ( DelayLog )
LDAP ( LDAPLog )
Maintenance ( MaintenanceLog )
Message Scoring ( MessageLog )
Message-ID signing ( MSGIDsigLog )
PenaltyBox Extreme ( PenaltyExtremeLog )
PenaltyBox ( PenaltyLog )
Relay ( RelayLog ) 
Report ( ReportLog )
RWL ( RWLLog )
SenderBase ( SenderBaseLog )
Session Limit (SessionLog )
SPF ( SPFLog )
SSL ( SSLLog )
Trap ( TrapLog )
URIBL ( URIBLLog )
User Validation ( ValidateUserLog )
Validate Helo ( ValidateHeloLog )
Validate Sender ( ValidateSenderLog )
Virus Check ( ScanLog )
VRFY ( VRFYLog )  
Default: On 

-Notify (Notification Email To) 
Email address(es) to which you want ASSP to send a notification email, if a matching log entry ( NotifyRe , NoNotifyRe ) is found. Separate multiple entries by "|". This requires an installed  module in PERL.  

-NotifyRe (Do Notify, if log entry matches*) 
Regular Expression to identify loglines for which a notification message should be send.
  usefull entries are:
  Info: new assp version - to get informed about new available assp versions
  info: autoupdate: new assp version - to get informed about an autoupdate of the running script
  adminupdate: - for config changes
  admininfo: - for admin informations
  option list file: - for option file reload
  error: - for any error
  restart - to detect a ASSP restart
  Admin connection - for GUI logon
  You may define a comma separated list (after '=>') of recipients in every line, this will override the default recipient defined in 'Notify'. For example: adminupdate=>user1@yourdomain.com,user2@yourdomain.com.
  As third parameter after a second ('=>') you can define the subject line for the notification message.
  for example: adminupdate:=>user1@yourdomain.com,user2@yourdomain.com=>configuration was changed
  or: adminupdate:=>=>configuration was changed.  

-NoNotifyRe (Do NOT Notify, if log entry matches*) 
Regular Expression to identify loglines for which no notification message should be send.  

-noLog (Dont Log these IPs*) 
Enter IP addresses that you don't want to be logged, separated by pipes (|).
  This can be IP address of the SMTP service monitoring agent. For example: 145.145.145.145|145.146.  

-noLogRe (Regular Expression to Identify NoLog-Mails*) 
Put anything here to identify mails that you don't want to be logged.  

-noLogLineRe (Regular Expression to Suppress Log-Messages*) 
Put anything here to identify log messages that you want to be suppressed. For example: max errors|collect 
Default: max errors|collect 

-allLogRe (Regular Expression to Identify Messages from/to Problematic Addresses *) 
Put anything here to identify mails from/to addresses you want to look at for problem solving. Mails identified will also be set to StoreCompleteMail.  

-fileLogging (File name logging) 
Show file names of collected spam/notspam in log  
Default: On 

-subjectLogging (Subject logging) 
Show subject of mail in log  
Default: On 

-subjectStart (Subject Start Delimiter) 
Start delimiter of subject in log  
Default: [ 

-subjectEnd (Subject End Delimiter) 
End delimiter of subject in log 
Default: ] 

-regexLogging (Regex Match logging) 
Show matching regex in log.   

-ipmatchLogging (IP Matches Logging) 
Enables logging of IP addresses matches in the maillog. Will show a comment instead of the range if there is text after the IP ranges (and before any numbersign)  eg. 182.82.10.0/24 AOL  

-slmatchLogging (Logging Address Matches) 
Enables logging of address matches in the maillog.  

-uniqeIDLogging (Unique ID logging) 
Add unique string to log   
Default: On 

-uniqueIDPrefix (Prepend Unique ID logging) 
Prepend ID. For example: m1-  

-tagLogging (Spam Tag Logging) 
Add spam tag to log. 
Default: On 

-ExceptionLogging (Module Call Timeout Exception Logging) 
  

-replyLogging (SMTP Status Code Reply Logging) 
  

-expandedLogging (Logging Records include IP &amp; MailFrom) 
 
Default: On 

-sysLog (SYSLOG Centralized Logging) 
Enables logging to UNIX Syslog. Needs Sys::Syslog for local (UNIX/LINUX) logging or Net::Syslog for Windows or Network logging.  

-sysLogPort (Syslog Port (UDP)) 
Port for Syslog logging with Net::Syslog. 
Default: 514 

-SysLogFac (Syslog Facility) 
Syslog Facility. Valid are kern, user, mail, daemon, auth, syslog, lpr, news, uucp, cron, authpriv, ftp, local0, local1, local2, local3, local4, local5, local6 
Default: mail 

-sysLogIp (Syslog IP) 
IP Address of your Syslog Daemon for Syslog logging with Net::Syslog. 
Default: 127.0.0.1 

-asspLog (ASSP local logging) 
ASSP manages local logging. The logs  inside the directory where ASSP is installed. This is needed if you want to use any of the "Block Reporting" and "View Maillog Tail" features like searching, deleting, moving, resending of messages. 
Default: On 

-LogRollDays (Roll the Logfile How Often?) 
ASSP closes and renames the log file after this number of days. 
Default: 1 

-MaxLogAge (Max Age of Logfiles) 
The maximum file age in days of logfiles. If a logfile is older than this number in days, the file will be deleted. A value of 0 disables this feature and no logfile will be deleted because of its age. 
Default: 60 

-LogNameMMDD (No Year in LogName) 
The standard name for the logfile is YY-MM-DD.maillog.txt, use this option to set it to MM-DD.maillog.txt  

-LogDateFormat (Date/Time Format in LogDate) 
Use this option to set the logdate. The default value is 'MMM-DD-YY hh:mm:ss'. The following (case sensitive !) replacements will be done:
 YYYY - year four digits
 YY - year two digits
 MMM - month three characters - like Oct Nov Dec
 MM - month numeric two digits
 DDD - day three characters - like Mon Tue Fri
 DD - day numeric two digits
 hh - hour two digits
 mm - minute two digits
 ss - second two digits
 A value has to be defined for every part of the date/time. Allowed separators in date part are '_ -.' - in time part '-_.:' . 
Default: MMM-DD-YY hh:mm:ss 

-silent (Silent Mode) 
Checked means don't print log messages to the console.   

-DEBUG (Debug Mode) 
Checked sends debugging info to a .dbg file.
  Leave this unchecked unless there is a program error you are trying to track down.  

-DebugRollTime (Roll the Debugfile How Often?) 
ASSP closes and opens a new debug file after this number of seconds. 
Default: 1800 

-Win32Debug (Win32 OutputDebugString) 
Make Win32 OutputDebugString available. Needs Win32::API::OutputDebugString  

-IgnoreMIMEErrors (Ignore MIME Errors) 
Errors, based on wrong email MIME contents, will not be written to log! 
Default: On 

-ConTimeOutDebug (Connection Timeout Debug Mode) 
Select to debug SMTP connections that are running into timeout!  

-Showmaxreplies (Show All Possible Hits ) 
Show all hits instead of stopping at maxhits (RBL,URIBL,RWL).  

-RegExLength (RegEx Length in Log) 
Defines how many bytes of a matching Regular Expression will be shown in the log
  Some matching Regular Expressions are too long for one line. Default: 32 
Default: 32 

-sendNoopInfo (Send NOOP Info) 
Checked means you want ASSP to send a "NOOP Connection from $ip" message to your SMTP server.
  
  Notes On Logging
    

------   LDAP Setup    -----------------------------------------------

-DoLDAP (Do LDAP lookup for valid local addresses ) 
Check local addresses against an LDAP database before accepting the message.Note: Checking this requires filling in the other LDAP parameters like LDAPHost.This requires an installed  module in PERL.  

-LDAPHost (LDAP Host(s) ) 
Enter the DNS-name(s) or IP address(es) of the server(s) that run(s) the  database. Second entry is backup. For example: localhost. Separate entries with pipes: LDAP-1.domain.com|LDAP-2.domain.com 
Default: localhost 

-LDAPtimeout (LDAP Query Timeout) 
Timeout when connecting to the remote server. The default is 15 seconds. 
Default: 15 

-LDAPLogin (LDAP Login) 
Most LDAP servers require a login and password before they allow queries.Enter the DN specification for a user with sufficient permissions here.For example: cn=Administrator,cn=Users,DC=yourcompany,DC=com  

-LDAPPassword (LDAP Password) 
Enter the password for the specified LDAP login here.  

-LDAPVersion (LDAP Version) 
Enter the version for the specified LDAP here. 
Default: 3 

-LDAPRoot (LDAP Root container) 
The LDAP lookup will use this container and all sub-containers to match the query.The literal DOMAIN is replaced by the domain part of SMTP recipient (eg. domain.com) during the search.For example: DC=yourcompany,DC=com.If you use DOMAIN here, you must check "LDAP failures return false" below or non local domains will be treated as local  

-LDAPFilter (LDAP Filter for Local Addresses) 
This filter is used to query the LDAP database. This strongly depends on the LDAP structure.The filter must return an entry if the recipient address matches with that of any user.The literal EMAILADDRESS is replaced by the fully qualified SMTP recipient (eg. user@example.com) during the search.The literal USERNAME (case sensitive) is replaced by the user part of SMTP recipient (eg. user) during the search.The literal DOMAIN (case sensitive) is replaced by the domain part of SMTP recipient (eg. domain.com) during the search.For example: (proxyaddresses=smtp:EMAILADDRESS)  

-LDAPcrossCheckInterval (Clean Up local LDAP Database) 
Delete outdated entries from the LDAP cache. Crosscheck LDAP cache to LDAP server and delete not existing entries.
  Note: the current timeout must expire before the new setting is loaded, or you can restart.
  Defaults to 24 hours. Is only used, if ldaplistdb is defined in the filepath section. 
Default: 24 

-LDAPShowCache (Show local LDAP Database) 
The directory/file with the LDAP cache database file. If you change ldaplistdb in section Filepath you must change it here too. 
Default: file:ldaplist 

-LDAPShowNotFound (Show LDAP Not Found Cache) 
The directory/file with the LDAP notfound cache database file. If you change ldapnotfounddb in section Filepath you must change it here too. 
Default: file:ldapnotfound 

-MaxLDAPlistDays (Max LDAP cache Days) 
This is the number of days an address will be kept on the local LDAP cache without any email to this address. 0 disables the cache. 
Default: 90 

-LDAPLog (Enable LDAP logging) 
 
Default: standard 

-LDAPFail (LDAP failures return false) 
LDAP failures return false when an error occurs in LDAP lookups.Notes On LDAP   

------   Backscatter Detection   -----------------------------------------------

-DoMSGIDsig (Do Message-ID Signing) 
If activated, the message-ID of each outgoing message will be signed with an unique Tag and every incoming mail from BounceSenders will be checked against this. This tagging is called FBMTV for "FBs Message-ID Tag Validation" and is worldwide unique to ASSP. This tag will be removed from any incoming email, to recover the original references in the mail header. Scoring is done  with msigValencePB, testmode is set with sigTestMode. 
  This check requires an installed  module in Perl.  

-MSGIDsigLog (Enable Message-ID signing logging) 
 
Default: standard 

-MSGIDpreTag (Message-ID pre-Tag for MSGID-TAG-generation) 
To use Message-ID signing and to create the MSGID-Tags, a pre-Tag is needed. This Tag must be 2-5 characters [a-z,A-Z,0-9] long. Default is 'sig'. 
Default: sig 

-MSGIDSec (Message-ID Secrets for MSGID-TAG-generation*) 
To use Message-ID signing and to generate the MSGID-Tags, at least one secret key is needed, up to ten are possible.
  The notation is : generationnumber[0-9]=secretKey. Multiple paires are separated by pipes (|). Default is 0=assp|1=fbmtv. Do not define spaces, tabs and '=' as part of the keys(secrets)! 
Default: 0=assp|1=fbmtv 

-MSGIDsigAddresses (Do MSGID-Signing For These Addresses Only* ) 
Only messages from any of these addresses will be tagged and checked by FBMTV. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com). If empty FBMTV is done for all addresses.  

-Back250OKISP (Send 250 OK if Backscatter Detection fails) 
If Backscatter check fails for a bounced mail , ASSP will send "250 OK" , but will discard the mail, if the check is configured to block! 'To ISP' means sender in ispip.  
Default: To ISP 

-BackWL (Backscatter Detection checks Whitelisted mail) 
Tagging will be always done, if not excluded by address or domain!  

-BackNP (Backscatter Detection checks NoProcessing mail) 
Tagging will be always done, if not excluded by address or domain!  

-noBackSctrAddresses (Do not Backscatter detection for these Addresses * ) 
Mail to and from any of these addresses will not be tagged and checked by the backscatter option. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com).  

-noBackSctrIP (Exclude these IP numbers from any Backscatter detection*) 
Enter IP numbers that you want to exclude from FBMTV, separated by pipes (|). 
  Notes On Backscatter Detection  

------   DNS Setup   -----------------------------------------------

-UseLocalDNS (Use System Default DNS) 
Use system default DNS Name Servers. 
Default: On 

-DNSResponseLog (Show DNS Name Servers Response Time in Log) 
You can use this to arrange DNSServers for better performance. Put the fastest first.  

-DNSServers (Overwrite Domain Name Servers) 
 Use a DNS Benchmark Utility like  to find the fastest Domain Name Servers and put them here separated by pipes (|). Note: UseLocalDNS must be disabled.  

-DNStimeout (DNS Query Timeout) 
Global DNS Query Timeout for DNSBL, RWL, URIBL, PTR, SPF, MX and A record lookups. The default is 5 seconds. 
Default: 5 

-DNSretry (DNS Query Retry) 
Global DNS Query Retry. Set the number of times to try the query. The default is 1. 
Default: 1 

-DNSretrans (DNS Query Retrans) 
Global DNS Query Retransmission Interval. Set the retransmission interval. The default is 3.
  Notes On DNS Setup 
Default: 3 

------   SSL/TLS    -----------------------------------------------

-enableSSL (Enable SSL/TLS support) 
For SSL to be enabled, check this box and enter the paths to your SSL Certificate and SSL Key files, below. If you do not have valid certificates, you may generate both files online with !.
NOTE: Changing this  requires ASSP restartf  

-SSLLog (Enable SSL logging) 
 
Default: standard 

-noTLSIP (Exclude these IP numbers from SSL/TLS*) 
Enter IP numbers that you want to exclude from starting SSL/TLS. For example, put all IP numbers here, which have trouble to switch to TLS every time (effectively preventing ASSP from getting mails from these hosts).  

-disableSSL25 (Disable SSL/TLS support on port 25) 
  

-SSLRetryOnError (Retry TLS on &quot;SSL want a read first&quot; error) 
If selected, ASSP retries 3 times to establish a TLS connection, if the peer was not ready after STARTTLS because of a "SSL want a read/write first" error. 
Default: On 

-SSLtimeout (SSL Timeout (0-999)) 
SSL/TLS negotiation will timeout after this many seconds. 
Default: 10 

-SSLCacheExp (TLS Error Cache Refresh Interval) 
If a connection fails with 'TSL negotiation with client failed' or 'Connection idle .. timeout' the connecting IP will be stored into this cache. ASSP will not offer STARTTLS to IP numbers in the error cache. The entry will be removed after this interval in hours. 0 will disable the error cache.   
Default: 96 

-listenPortSSL (SMTP Secure Listen Port) 
The port number on which ASSP will listen for incoming secure SMTP (SSL) connections (normally 465). You can specify both an IP address and port number to limit connections to a specific interface. 
Examples: 465, 127.0.0.1:465, 127.0.0.1:465|127.0.0.2:465   

-smtpDestinationSSL (SSL Destination) 
The IP address and port number to connect to when mail is received on the SSL listen port. The destination should not be a SSL port. Let it blank if you are unsure, the primary SMTP destination will then be used. Examples:127.0.0.1:565, [::1]:565  

-SSLCertFile (SSL Certificate File (PEM format)) 
Full path to the file containing the server's SSL certificate, for example : /usr/local/etc/ssl/certs/assp-cert.pem.  A general cert.pem file is already provided in './certs/server-cert.pem'. For defining any full filepathes, always use slashes ('/') not backslashes. 
Default: ./certs/server-cert.pem 

-SSLKeyFile (SSL Key File (PEM format)) 
Full path to the file containing the server's SSL key, for example: /usr/local/etc/ssl/certs/assp-key.pem. A general key.pem file is already provided in './certs/server-key.pem'.Notes On SSL Setup 
Default: ./certs/server-key.pem 

------   Automatic Update / Restart   -----------------------------------------------

-AutoRestart (Automatic Restart after Exception) 
If ASSP detects a main exception and it runs not as service or daemon, it will try to restart itself.  
Default: On 

-AutoRestartCmd (OS-shell command for AutoRestart) 
The OS level shell-command that is used to autorestart ASSP, if it runs not as a service or daemon! A possible value for your system is:"perl" "assp.pl" "/Applications/assp" &Leave this field blank, if ASSP runs inside an external loop.  

-AutoRestartAfterCodeChange (Automatic Restart ASSP on new or changed assp.pl Script) 
If selected, ASSP will restart it self, if it detects a new or changed running script. An automatic restart will be done only, if ASSP as daemon on linux/MAC ( AsADaemon ) or as a service on windows or AutoRestartCmd is configured. Leave this field empty to disable the feature. Possible values are 'immed and 1...23' . If set to 'immed', assp will restart within some seconds after a detected code change. If set to '1...23' the restart will be scheduled to that hour. A restart at 00:00 is not supported.  

-ForceRestartAfterCodeChange (Enforce Termination on new or changed assp.pl Script) 
ASSP will terminate even if it is not daemon on linux/MAC ( AsADaemon ) and not a service on windows and AutoRestartCmd is not configured. This is only useful if you run ASSP inside an external loop.  

-AutoUpdateASSP (Auto Update the Running Script (assp.pl)) 
No action will be done if 'no auto update' is selected.
  If 'download only' is selected and a new assp version is available, this new version will be downloaded to the directory /Applications/assp/download (assp.pl).
  If 'download and install' is selected, the running script will be saved to download directory and replaced by the new version.
  Configure ( AutoRestartAfterCodeChange ), if you want the new version to become the active running script.
  The perl module  is required to use this feature. 
Default: download only 

-AutoUpdateASSPDev (Auto Update Developer Version) 
  

-RestartEvery (Restart Timeout) 
ASSP will automatically terminate and restart after this many seconds. Use this setting to periodically reload configuration data, combat potential memory leaks, or perform shutdown/startup processes. This will only work properly if ASSP runs as a Windows service or in a script that restarts it after it stops.  

------   Server Setup   -----------------------------------------------

-MaintenanceLog (Enable Maintenance logging) 
 
Default: standard 

-ConsoleCharset (Charset for STDOUT and STDERR) 
Set the characterset for the console output to your local needs. Default is "System Default" - no conversion. Restart is required!  

-LogCharset (Charset for Maillog) 
Set the characterset/codepage for the maillog output to your local needs. Default (and best) on non Windows systems is "UTF-8" if available or "System Default" - no conversion. On Windows systems set it to your local codepage or UTF-8 (chcp 65001). To display nonASCII characters in the subject line and maillog files names setup decodeMIME2UTF8 . Restart is required! 
Default: utf-8-strict 

-decodeMIME2UTF8 (Decode MIME Words To UTF-8) 
If selected, ASSP decodes MIME encoded words to UTF8. This enables support for national languages to be used in Bombs , Scripts , Spamdb , Logging. If not selected, only US-ASCII characters will be used for this functions. This requires an installed  module in PERL. 
Default: On 

-AsAService (Run ASSP as a Windows Service) 
In Windows NT/2000/XP/2003 ASSP can be installed as a service. This setting tells ASSP that this has been done -- it does not install the Windows service for you. Installing ASSP as a service requires several steps which are detailed in the  requires ASSP restart  

-AsADaemon (Run ASSP as a Daemon) 
In Linux/BSD/Unix/OSX fork and close file handles. Similar to the command "perl assp.pl &amp;", but better.
   requires ASSP restart  

-runAsUser (Run as UID) 
The *nix user name to assume after startup (*nix only).Examples: assp, nobody
   requires ASSP restart  

-runAsGroup (Run as GID) 
The *nix group to assume after startup (*nix only).Examples: assp, nobody
   requires ASSP restart  

-ChangeRoot (Change Root) 
The new root directory to which ASSP should chroot (*nix only). If blank, no chroot jail will be used. Note: if you use this feature, be sure to copy or link the etc/protocols file in your chroot jail.
   requires ASSP restart  

-setFilePermOnStart (Set ASSP File Permission on Startup) 
If set, ASSP sets the permission of all ASSP- files and directories at startup to full (0777)!  

-myName (My Name) 
ASSP will identify itself by this name in the email "Received:" header and in the helo when sending report-replies. Usually the fully qualified domain name of the host.Examples: assp.example.com 
Default: ASSP.nospam 

-myHelo (My Helo) 
How ASSP will identify itself when connecting to the target MTA. 
transparent - the Helo of the sender will be used
use myName - myName will be used
use FQDN - fully qualified domain name of the host assp is running on 
Default: use myName 

-asspCfg (assp.cfg) 
For internal use only : assp.cfg file. 
Default: file:assp.cfg 

-AutoReloadCfg (Automatic Reload ConfigFile) 
If selected and the assp.cfg file is changed externaly, ASSP will reload the configuration from the file.  

-asspCfgVersion (assp.cfg version) 
This is the current assp.cfg version.  

-proxyserver (Proxy Server) 
The Proxy Server to use when uploading global statistics and downloading the greylist.Examples: 192.168.0.1:8080, 192.168.0.1  

-proxyuser (Proxy User) 
The Proxy-UserName that is used to authenticate to the proxy.  

-proxypass (Proxy Password) 
The password for Proxy-UserName that is used to authenticate to the proxy.  

-OutgoingBufSizeNew (Size of TCP/IP Buffer) 
If ASSP talks to the internet over a modem change this to 4096. The default is 1024000. 
Default: 1024000 

-webAdminPort (Web Admin Port) 
The port on which ASSP will listen for http connections to the web administration interface. If you change this, after you click Apply you must change the URL on your browser to reconnect. You may also supply an IP address to limit connections to a specific interface.Examples: 55555, 192.168.0.5:12345 
Default: 55555 

-webAdminPassword (Web Admin Password) 
The password for the web administration interface (minimum of 5 characters, max 8 characters will be used). 
Default: nospam4me 

-allowAdminConnectionsFrom (Allow Admin Connections From These IPs*) 
An optional list of IP addresses from which you will accept web admin connections. Blank means accept connections from any IP address. Note: if you make a mistake here, you may disable your web administration interface and be forced to manually edit your configuration file to fix it.Examples:
  127.0.0.1|172.16.  

-allowAdminConnectionsFromName (Allow Admin Connections From These Hostnames) 
An optional additional list of Hostnames from which you will accept web admin connections. Blank means accept connections from any IP address in allowAdminConnectionsFrom or any connection if nothing is set there. Note: if you make a mistake here, you may disable your web administration interface and be forced to manually edit your configuration file to fix it.Examples:
 localhost  

-webStatPort (Raw Statistics Port) 
The port on which ASSP will listen for http connections to the statistics interface. You may also supply an IP address to limit connections to a specific interface.Examples: 55553, 192.168.0.5:12345 
Default: 55553 

-allowStatConnectionsFrom (Only Allow Raw Statistics Connections From*) 
An optional list of IP addresses from which you will accept raw statistical connections. Blank means accept connections from any IP address. Examples:
127.0.0.1|172.16. 
Default: 127.0.0.1 

-CleanCacheEvery (Cache Cleaning Interval) 
This period (in hours) determines how frequently ASSP does cache-housekeeping. 
Default: 2 

-SaveStatsEvery (Statistics Save Interval) 
This period (in minutes) determines how frequently ASSP statistics are written to a local file.  

-totalizeSpamStats (Upload Consolidated Spam Statistics) 
ASSP will upload its statistics to be consolidated with the global ASSP totals. Please do not disable it unless you have a good reason to do so. No private information is being disclosed by this upload. 
Default: On 

-OrderedTieHashTableSize (Ordered-Tie Hash Table Size) 
The number of entries allowed in the hash tables used by ASSP and rebuildspamdb.pl. Larger numbers require more more RAM but result in fewer disk hits. The default value is 10000. Adjust down to use less RAM. 
Default: 5000 

-EnableHTTPCompression (Enable HTTP Compression in GUI) 
Enable HTTP Compression for faster web administration interface loading. The perl module  is required to use this feature.  

-hideAlphaIndex (Hide the Alpha Index Menu Panel in GUI) 
Removes the alphanumeric index panel on the left side in the GUI, but the index is accessable by clicking on "Index".  

-IndexSlideSpeed (Sliding Speed of the Alpha Index Menu Panel in GUI) 
Adjust the sliding speed of the Alpha Index Menu Panel in GUI to your needs. 
Default: normal 

-EnableFloatingMenu (Enable Floating Menu Panel in GUI) 
Allow the menu panel on the web administration interface to float (floating Div code taken from ).  

-MaillogTailJump (Jump to the End of the Maillog) 
Causes the browser window to jump to the bottom of the maillog instead of sitting at the top of the display.  

-MaillogTailBytes (Maillog Tail Bytes) 
The number of bytes that will be shown when the end of the maillog is viewed. The default value is 10000. 
Default: 10000 

-MaillogTailWrap (Maillog Tail Wrap) 
Force maillog lines to wrap if there are too many characters in a line to fit into the window-width.  
Default: On 

-MaillogTailColorLine (Maillog Tail Color Line) 
Color alternate lines .  
Default: On 

-ALARMtimeout (Module Call Timeout) 
Global Timeout for calling other modules. The default is 10 seconds. 
Default: 10 

-UseLocalTime (Use Local Time) 
Use local time and timezone offset rather than UTC time in the mail headers.
  Notes On Server Setup 
Default: On 

------   Rebuild SpamDB / Griplist   -----------------------------------------------

-RebuildSchedule (Schedule time for RebuildSpamdb) 
If not set to 0 ASSP uses scheduled hours to run RebuildSpamdb.pl. For example '6|18' will run rebuildspamdb.pl at 6.00 and 18.00. Use 24 to run it at midnight.   
Default: 4 

-RebuildNow (Run RebuildSpamdb Now) 
If selected, ASSP will run RebuildSpamdb.pl now. &nbsp;  

-RebuildNotify (Notification Email To) 
Email address(es) to which you want ASSP to send a notification email after the rebuild task is finished. The file rebuildrun.txt is included in this notification. Separate multiple entries by "|". If empty no notify will take place. This requires an installed  module in PERL.  

-autoCorrectCorpus (Automatic Corpus Correction) 
(Syntax: a.a[a]-b.b[b]-cccc-dd or empty - default is "0.5-1.5-10000-14") If the 
corpus norm (the weight between spamwords/hamwords) is less than "a" (0.5 
- too much ham) or greater than "b" (1.5 - too much spam), assp will 
delete the excess (oldest) files from the corresponding folder ( spamlog , 
notspamlog ). ASSP will keep a minimum of "c" (10000) files in the folder 
and will never delete files that are younger than "d" days. This cleanup 
will run at the end of the rebuildspamdb task. So the corrected file 
corpus will take effect at the next rebuildspamdb! 
Default: 0.5-1.5-10000-14 

-griplist (GReyIPlist Database) 
The file with the current GRey-IP-List  database -- make this blank if you don't use it. 
Default: griplist 

-noGriplist (Dont Upload/Download Griplist) 
Check this to disable the Griplist upload/down when rebuildspamdb runs. The Griplist contains IP numbers and their value between 0 and 1, lower is less spammy, higher is more spammy. This value is called the grip value.   

-noGRIP (Dont do Griplist for these IPs* ) 
Enter IP numbers that you don't want to get gripvalues from. For example:145.145.145.145|145.146. 
Default: nogrip.txt 

-DoFullGripDownload (Full Griplist Download Period) 
The Global Griplist is downloaded once in full, then only deltas are downloaded each day subsequently.  This option forces a new full download after this many days.  Leave it blank to not force new full downloads. Recommended: 30 days. 
Default: 30 

-MaintBayesCollection (Maintenance for Bayesian Collection) 
Set this to on if you want ASSP to run maintenance tasks on the bayesian
collection folders ( spamlog , notspamlog ). ASSP will delete the oldest
files until the number of files per folder reaches MaxFiles. 
This option will keep
the files in the collection folders from growing indefinitely.  
Default: On 

-MaxNoBayesFileAge (Max Age of non Bayes Files) 
The maximum file age in days of every file in every non bayesian collection folder ( incomingOkMail , discarded , viruslog ). If defined and a file is older than this number in days, the file will be deleted. Default is 30 days. 
Default: 30 

-MaxKeepDeleted (Max Days of Keep Deleted) 
The maximum number in days deleted files in the bayesian
collection folders ( spamlog , notspamlog ) will be kept. This is necessary when EmailBlockReport is used to handle the file and the file is meanwhile deleted.  

-MaxCorrectedDays (Max Corrected File Age) 
This is the number of days a error report will be kept in the correctednotspam and correctedspam folders. These folders are the longterm memory of ASSP, therefore the default is 1000 days.
  Notes On Rebuild  
Default: 1000 

------   POP3 Collecting   -----------------------------------------------

-POP3ConfigFile (POP3 Configuration File*) 
The file with a valid POP3 configuration. Only the file: option is allowed to use. 
  If the file exists and contains at least one valid POP3 configuration line and POP3Interval is configured, assp will collect the messages from the configured POP3-servers. 
  Each line in the config file contains one configuration for one user.
  All spaces will be removed from each line.
  Anything behind a # or ; is consider a comment.
  If the same POP3-user-name is used mutiple times, put two angles with a unique number behind the user name. The angles and the number will be removed while processing the configuration.
  e.g: pop3user<1> will result in pop3user  -  or  - myName@pop3.domain<12> will result in myName@pop3.domain
  It is possible to define commonly used parameters in a separate line, which begins with the case sensitive POP3-username "COMMON:=" - followed by the parameters that should be used for every configured user.
  A commonly set parameter could be overwritten in every user definition.
  Each configuration line begins with the POP3-username followed by ":=" : e.g myPOP3userName:=
  This statement has to followed by pairs of parameter names and values which are separated by commas - the pairs inside are sepatated by "=". 
  e.g.: POP3username:=POP3password=pop3_pass,POP3server=mail.gmail.com,SMTPsendto=demo@demo_smtp.local,......
  The following case sensitive keywords are supported in the config file:
  POP3password=pop3_password
  POP3server=POP3-server or IP[:Port]
  SMTPsender=email_address
  SMTPsendto=email_address or <TO:> or <TO:email_address>
  SMTPserver=SMTP-server[:Port]
  SMTPHelo=myhelo
  SMTPAUTHuser=smtpuser
  SMTPAUTHpassword=smtppass
  SMTPHelo, SMTPsender, SMTPAUTHuser and SMTPAUTHpassword are optional.
  If SMTPsender is not defined, the FROM: address from the header line will be used - if this is not found the POP3username will be used.
  If the <TO:> syntax is used for SMTPsendto, the mail will be sent to any recipient that is found in the "to: cc: bcc:" header lines if it is a local one.
  If the <TO:email_address> syntax is used for SMTPsendto, the literals NAME and/or DOMAIN will be replaced by the name part and/or domain part of the addresses found in the "to: cc: bcc:" header lines. This makes it possible to collect POP3 mails from a POP3 account, which holds mails for multiple recipients.
  For example: <TO:NAME@mydomain.com>  or  <TO:NAME@subdomain.DOMAIN>  or  <TO:central-account@DOMAIN>
  If the <TO:> or <TO:email_address> syntax is used for SMTPsendto, "localDomains" and/or "localAdresses_Flat" must be configured to prevent too much error for wrong recipients defined in the "to: cc: bcc:" header lines. The POP3collector will not do any LDAP or VRFY query!
  If you want assp to detect SPAM, use the listenPort or listenPort2 as SMTP-server.
  To use this feature, you have to install the perl script "assp_pop3.pl" in the assp- base directory. 
Default: file:files/pop3cfg.txt 

-POP3Interval (POP3 Collecting Interval) 
The interval in minutes, assp should collect messages from the configured POP3-servers. A value of zero disables this feature.  

-POP3KeepRejected (POP3 Keep Rejected Mails on POP3 Server) 
If selected, any collected POP3 mail that fails to be sent via SMTP will be kept on the POP3 server.  

-POP3debug (POP3 debug) 
If selected, the POP3 collection will write debug output to the log file. Do not use it, unless you have problems with the POP3 collection!