Solved

How do I setup Pyzor to be used by Spamassassin?

Posted on 2004-08-17
11
606 Views
Last Modified: 2010-04-20
I am currently running spamassassin together with razor.

I have now also installed pyzor but the only documentation I have found is at :-
https://sourceforge.net/docman/display_doc.php?docid=11885&group_id=50000

There is no documentation about how you are supposed to configure it.
Are you supposed to run your own server or do you use a public server like you do with razor?
0
Comment
Question by:grblades
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
11 Comments
 
LVL 20

Expert Comment

by:Gns
ID: 11819059
No, no need to run your own server.... You'd aim at setting up a pure pyzor client.
IIRC all you need do is a
pyzor discover
(as the user running spamassassin) and it should "discover" the most suitable server for you (creates the ~/.pyzor/servers file). Spamassassin will know how to run "pyzor check" for you;-)

You should have OK usage instructions in the tarball ... doc/usage.html ... Well, more like an extended man-page, but generally concurs with the above:-).

Good Luck

-- Glenn
0
 
LVL 36

Author Comment

by:grblades
ID: 11819280
I have tried that but I have not seen any identified spam which matched a pyzor rule.
I added the following to my spamassassin configuration :-

use_pyzor 1
pyzor_options --homedir /etc/mail/spamassassin/.pyzor
0
 
LVL 20

Expert Comment

by:Gns
ID: 11819324
And if you do a testrun with "spamassassin --lint -D ...", does it use Pyzor or not?

-- Glenn
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 20

Expert Comment

by:Gns
ID: 11819396
This is a slighty edited excerpt from a run like
# spamassassin -D --lint 2>&1 |less -e
... page down to pyzor....
debug: executable for pyzor was found at /usr/bin/pyzor
debug: Pyzor is available: /usr/bin/pyzor
debug: entering helper-app run mode
debug: Pyzor: got response: 66.250.40.33:24441  (200, 'OK')     0       0
debug: leaving helper-app run mode
.... and then we have dcc ....
debug: executable for dccproc was found at /usr/local/bin/dccproc
debug: DCC is available: /usr/local/bin/dccproc
debug: entering helper-app run mode
debug: DCC: got response: X-DCC--Metrics: XXXXXX.XXXXXX.XXX 1074; Body=4261 Fuz1=145
897 Fuz2=145897
debug: leaving helper-app run mode
....
And that's about it. If you have that, you're sure you actively _use_ pyzor. Anything else likely indicate an error of some sort... Like not allowing the port (24441) or somesuch.

As it happens some messages don't trigger all of Razor, Pyzor or DCC... Just some.
Give it some time and you'll see Pyzor in action;-).

-- Glenn
0
 
LVL 36

Author Comment

by:grblades
ID: 11819438
This is what I get so I guess it is working. I find that about 30% of identified spam is matched by the Razor checks but so far I have got around 50 ideitified spams but none detected by Pyzor.

debug: Current PATH is: /sbin:/usr/sbin:/usr/local/sbin:/root/bin:/usr/local/bin:/usr/bin:/usr/X11R6/bin:/bin:/usr/games:/opt/gnome/bin:/opt/kde3/bin:/usr/lib/java/bin:/opt/gnome/bin
debug: executable for pyzor was found at /usr/bin/pyzor
debug: Pyzor is available: /usr/bin/pyzor
debug: entering helper-app run mode
debug: Pyzor: got response: 66.250.40.33:24441  (200, 'OK')     0       0
debug: leaving helper-app run mode
0
 
LVL 36

Author Comment

by:grblades
ID: 11819449
I believe DCC works a little differently in that it matches anything which is sent to lots of people?
So you should use it to help spamassassin think something is spam but also configure the dcc whitelist with any mailing lists people commonly use to avoid them being matched?

What we are currently using is working very well. I think it is detecting around 90-95%.
0
 
LVL 20

Expert Comment

by:Gns
ID: 11819932
> I believe DCC works a little differently in that it matches anything which is sent to lots of people?
Yes.
> So you should use it to help spamassassin think something is spam but also configure the dcc whitelist with any mailing lists people commonly use to avoid them
> being matched?
If the message is likely to reach 10 000+ recipients that all report checksums.... then yes.
You probably can get away without doing the whitelisting bit, but... why not keep it sane, eh?-):-).

> What we are currently using is working very well. I think it is detecting around 90-95%.
We're well above 95%, and that _without_ bayes!

I've no hard figures on how many get caught in each, but... spamassassin with razor, pyzor and dcc in conjunction with a hefty whitelist (that won't ever be seen by any of the "child tools") has greatly improved our accuracy (few->none false positives/negatives).
Establishing the whitelist was a bit tedious but well worth the effort.

-- Glenn
0
 
LVL 36

Author Comment

by:grblades
ID: 11838956
Pyzor and Razor have not been working since I configured Pyzor. I have had to set 'use_pyzor 0' to disable it and now Razor has started working again.
Any ideas?
0
 
LVL 20

Expert Comment

by:Gns
ID: 11839050
Not even the linting bit?

-- Glenn
0
 
LVL 36

Author Comment

by:grblades
ID: 11839128
The lint showed that it found and was able to query the razor and pyzor servers but it was not actually working for some reason. Maybe spamd just needed a restart and it was a coincidence that it stopped working when it did. I'll try enabling it again next week.
0
 
LVL 20

Accepted Solution

by:
Gns earned 250 total points
ID: 11839211
Ok. Never seen any such ... connection... between them, so you might well be right about spamd (I acxtually don't use spamd in any volume solution (just at home), but rather "classic" spamassassin.... Or rather the perl module (since MailScanner is perl):-).

-- Glenn
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question