Solved

How do I setup Pyzor to be used by Spamassassin?

Posted on 2004-08-17
11
593 Views
Last Modified: 2010-04-20
I am currently running spamassassin together with razor.

I have now also installed pyzor but the only documentation I have found is at :-
https://sourceforge.net/docman/display_doc.php?docid=11885&group_id=50000

There is no documentation about how you are supposed to configure it.
Are you supposed to run your own server or do you use a public server like you do with razor?
0
Comment
Question by:grblades
  • 6
  • 5
11 Comments
 
LVL 20

Expert Comment

by:Gns
ID: 11819059
No, no need to run your own server.... You'd aim at setting up a pure pyzor client.
IIRC all you need do is a
pyzor discover
(as the user running spamassassin) and it should "discover" the most suitable server for you (creates the ~/.pyzor/servers file). Spamassassin will know how to run "pyzor check" for you;-)

You should have OK usage instructions in the tarball ... doc/usage.html ... Well, more like an extended man-page, but generally concurs with the above:-).

Good Luck

-- Glenn
0
 
LVL 36

Author Comment

by:grblades
ID: 11819280
I have tried that but I have not seen any identified spam which matched a pyzor rule.
I added the following to my spamassassin configuration :-

use_pyzor 1
pyzor_options --homedir /etc/mail/spamassassin/.pyzor
0
 
LVL 20

Expert Comment

by:Gns
ID: 11819324
And if you do a testrun with "spamassassin --lint -D ...", does it use Pyzor or not?

-- Glenn
0
 
LVL 20

Expert Comment

by:Gns
ID: 11819396
This is a slighty edited excerpt from a run like
# spamassassin -D --lint 2>&1 |less -e
... page down to pyzor....
debug: executable for pyzor was found at /usr/bin/pyzor
debug: Pyzor is available: /usr/bin/pyzor
debug: entering helper-app run mode
debug: Pyzor: got response: 66.250.40.33:24441  (200, 'OK')     0       0
debug: leaving helper-app run mode
.... and then we have dcc ....
debug: executable for dccproc was found at /usr/local/bin/dccproc
debug: DCC is available: /usr/local/bin/dccproc
debug: entering helper-app run mode
debug: DCC: got response: X-DCC--Metrics: XXXXXX.XXXXXX.XXX 1074; Body=4261 Fuz1=145
897 Fuz2=145897
debug: leaving helper-app run mode
....
And that's about it. If you have that, you're sure you actively _use_ pyzor. Anything else likely indicate an error of some sort... Like not allowing the port (24441) or somesuch.

As it happens some messages don't trigger all of Razor, Pyzor or DCC... Just some.
Give it some time and you'll see Pyzor in action;-).

-- Glenn
0
 
LVL 36

Author Comment

by:grblades
ID: 11819438
This is what I get so I guess it is working. I find that about 30% of identified spam is matched by the Razor checks but so far I have got around 50 ideitified spams but none detected by Pyzor.

debug: Current PATH is: /sbin:/usr/sbin:/usr/local/sbin:/root/bin:/usr/local/bin:/usr/bin:/usr/X11R6/bin:/bin:/usr/games:/opt/gnome/bin:/opt/kde3/bin:/usr/lib/java/bin:/opt/gnome/bin
debug: executable for pyzor was found at /usr/bin/pyzor
debug: Pyzor is available: /usr/bin/pyzor
debug: entering helper-app run mode
debug: Pyzor: got response: 66.250.40.33:24441  (200, 'OK')     0       0
debug: leaving helper-app run mode
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 36

Author Comment

by:grblades
ID: 11819449
I believe DCC works a little differently in that it matches anything which is sent to lots of people?
So you should use it to help spamassassin think something is spam but also configure the dcc whitelist with any mailing lists people commonly use to avoid them being matched?

What we are currently using is working very well. I think it is detecting around 90-95%.
0
 
LVL 20

Expert Comment

by:Gns
ID: 11819932
> I believe DCC works a little differently in that it matches anything which is sent to lots of people?
Yes.
> So you should use it to help spamassassin think something is spam but also configure the dcc whitelist with any mailing lists people commonly use to avoid them
> being matched?
If the message is likely to reach 10 000+ recipients that all report checksums.... then yes.
You probably can get away without doing the whitelisting bit, but... why not keep it sane, eh?-):-).

> What we are currently using is working very well. I think it is detecting around 90-95%.
We're well above 95%, and that _without_ bayes!

I've no hard figures on how many get caught in each, but... spamassassin with razor, pyzor and dcc in conjunction with a hefty whitelist (that won't ever be seen by any of the "child tools") has greatly improved our accuracy (few->none false positives/negatives).
Establishing the whitelist was a bit tedious but well worth the effort.

-- Glenn
0
 
LVL 36

Author Comment

by:grblades
ID: 11838956
Pyzor and Razor have not been working since I configured Pyzor. I have had to set 'use_pyzor 0' to disable it and now Razor has started working again.
Any ideas?
0
 
LVL 20

Expert Comment

by:Gns
ID: 11839050
Not even the linting bit?

-- Glenn
0
 
LVL 36

Author Comment

by:grblades
ID: 11839128
The lint showed that it found and was able to query the razor and pyzor servers but it was not actually working for some reason. Maybe spamd just needed a restart and it was a coincidence that it stopped working when it did. I'll try enabling it again next week.
0
 
LVL 20

Accepted Solution

by:
Gns earned 250 total points
ID: 11839211
Ok. Never seen any such ... connection... between them, so you might well be right about spamd (I acxtually don't use spamd in any volume solution (just at home), but rather "classic" spamassassin.... Or rather the perl module (since MailScanner is perl):-).

-- Glenn
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

How many times have you wanted to quickly do the same thing to a list but found yourself typing it again and again? I first figured out a small time saver with the up arrow to recall the last command but that can only get you so far if you have a bi…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now