How do I setup Pyzor to be used by Spamassassin?

I am currently running spamassassin together with razor.

I have now also installed pyzor but the only documentation I have found is at :-
https://sourceforge.net/docman/display_doc.php?docid=11885&group_id=50000

There is no documentation about how you are supposed to configure it.
Are you supposed to run your own server or do you use a public server like you do with razor?
LVL 36
grbladesAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
GnsConnect With a Mentor Commented:
Ok. Never seen any such ... connection... between them, so you might well be right about spamd (I acxtually don't use spamd in any volume solution (just at home), but rather "classic" spamassassin.... Or rather the perl module (since MailScanner is perl):-).

-- Glenn
0
 
GnsCommented:
No, no need to run your own server.... You'd aim at setting up a pure pyzor client.
IIRC all you need do is a
pyzor discover
(as the user running spamassassin) and it should "discover" the most suitable server for you (creates the ~/.pyzor/servers file). Spamassassin will know how to run "pyzor check" for you;-)

You should have OK usage instructions in the tarball ... doc/usage.html ... Well, more like an extended man-page, but generally concurs with the above:-).

Good Luck

-- Glenn
0
 
grbladesAuthor Commented:
I have tried that but I have not seen any identified spam which matched a pyzor rule.
I added the following to my spamassassin configuration :-

use_pyzor 1
pyzor_options --homedir /etc/mail/spamassassin/.pyzor
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
GnsCommented:
And if you do a testrun with "spamassassin --lint -D ...", does it use Pyzor or not?

-- Glenn
0
 
GnsCommented:
This is a slighty edited excerpt from a run like
# spamassassin -D --lint 2>&1 |less -e
... page down to pyzor....
debug: executable for pyzor was found at /usr/bin/pyzor
debug: Pyzor is available: /usr/bin/pyzor
debug: entering helper-app run mode
debug: Pyzor: got response: 66.250.40.33:24441  (200, 'OK')     0       0
debug: leaving helper-app run mode
.... and then we have dcc ....
debug: executable for dccproc was found at /usr/local/bin/dccproc
debug: DCC is available: /usr/local/bin/dccproc
debug: entering helper-app run mode
debug: DCC: got response: X-DCC--Metrics: XXXXXX.XXXXXX.XXX 1074; Body=4261 Fuz1=145
897 Fuz2=145897
debug: leaving helper-app run mode
....
And that's about it. If you have that, you're sure you actively _use_ pyzor. Anything else likely indicate an error of some sort... Like not allowing the port (24441) or somesuch.

As it happens some messages don't trigger all of Razor, Pyzor or DCC... Just some.
Give it some time and you'll see Pyzor in action;-).

-- Glenn
0
 
grbladesAuthor Commented:
This is what I get so I guess it is working. I find that about 30% of identified spam is matched by the Razor checks but so far I have got around 50 ideitified spams but none detected by Pyzor.

debug: Current PATH is: /sbin:/usr/sbin:/usr/local/sbin:/root/bin:/usr/local/bin:/usr/bin:/usr/X11R6/bin:/bin:/usr/games:/opt/gnome/bin:/opt/kde3/bin:/usr/lib/java/bin:/opt/gnome/bin
debug: executable for pyzor was found at /usr/bin/pyzor
debug: Pyzor is available: /usr/bin/pyzor
debug: entering helper-app run mode
debug: Pyzor: got response: 66.250.40.33:24441  (200, 'OK')     0       0
debug: leaving helper-app run mode
0
 
grbladesAuthor Commented:
I believe DCC works a little differently in that it matches anything which is sent to lots of people?
So you should use it to help spamassassin think something is spam but also configure the dcc whitelist with any mailing lists people commonly use to avoid them being matched?

What we are currently using is working very well. I think it is detecting around 90-95%.
0
 
GnsCommented:
> I believe DCC works a little differently in that it matches anything which is sent to lots of people?
Yes.
> So you should use it to help spamassassin think something is spam but also configure the dcc whitelist with any mailing lists people commonly use to avoid them
> being matched?
If the message is likely to reach 10 000+ recipients that all report checksums.... then yes.
You probably can get away without doing the whitelisting bit, but... why not keep it sane, eh?-):-).

> What we are currently using is working very well. I think it is detecting around 90-95%.
We're well above 95%, and that _without_ bayes!

I've no hard figures on how many get caught in each, but... spamassassin with razor, pyzor and dcc in conjunction with a hefty whitelist (that won't ever be seen by any of the "child tools") has greatly improved our accuracy (few->none false positives/negatives).
Establishing the whitelist was a bit tedious but well worth the effort.

-- Glenn
0
 
grbladesAuthor Commented:
Pyzor and Razor have not been working since I configured Pyzor. I have had to set 'use_pyzor 0' to disable it and now Razor has started working again.
Any ideas?
0
 
GnsCommented:
Not even the linting bit?

-- Glenn
0
 
grbladesAuthor Commented:
The lint showed that it found and was able to query the razor and pyzor servers but it was not actually working for some reason. Maybe spamd just needed a restart and it was a coincidence that it stopped working when it did. I'll try enabling it again next week.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.