power-mailinabox
power-mailinabox copied to clipboard
ddavness
What's the deal with Pyzor?
I receive many messages with this type of spam status:
X-Spam-Report:
* 2.0 PYZOR_CHECK Listed in Pyzor
* (https://pyzor.readthedocs.io/en/latest/)
The link referenced is simply to the Pyzor documentation. It's hard to figure out how Pyzor is involved in the spam checking of PMiaB. It's not a cloud service, so where does Pyzor run and how does one tell it to chill and get out of the way? All the so called Pyzor listings are false positives, that is they are messages from colleagues and well known people.
Thanks
If PMiaB is meant for "ordinary" tech-savvy people to be used, then surely we should create a resource to guide them through the spam filtering management, especially since there are no GUI options to do this? There's spamassassin, pyzor & greylisting that I'm aware of, but the level of false positives is just too high. We can't just leave it to itself, it has to be tuned.
It's not a cloud service, so where does Pyzor run and how does one tell it to chill and get out of the way?
I have scanned for Pyzor in the config file and found this:
# cat /etc/spamassassin/pyzor/servers
public.pyzor.org:24441
So the Pyzor on PMiaB is client that reports to and/or check public.pyzor.org on port 24441.
This leads to the next question: What's the interaction between spammassassin and pyzor. I suppose I should check the former project for details. There I get this:
https://cwiki.apache.org/confluence/display/SPAMASSASSIN/UsingPyzor. In it one can run a test to see if Pyzor is being used.
echo "test" | spamassassin -D pyzor 2>&1 | less
Jan 25 14:11:13.051 [1951578] warn: config: created user preferences file: /root/.spamassassin/user_prefs
Jan 25 14:11:13.065 [1951578] dbg: pyzor: network tests on, attempting Pyzor
Jan 25 14:11:18.592 [1951578] dbg: pyzor: pyzor is available: /usr/bin/pyzor
Jan 25 14:11:18.592 [1951578] dbg: pyzor: opening pipe: /usr/bin/pyzor --homedir /etc/spamassassin/pyzor check < /tmp/.spamassassin1951578EID1Qgtmp
Jan 25 14:11:18.598 [1951581] info: util: setuid: ruid=0 euid=0 rgid=0 0 egid=0 0
Jan 25 14:11:18.927 [1951578] dbg: pyzor: [1951581] finished: exit 1
Jan 25 14:11:18.927 [1951578] dbg: pyzor: got response: public.pyzor.org:24441 (200, 'OK') 28342396 289747
Jan 25 14:11:18.928 [1951578] dbg: pyzor: listed: COUNT=28342396/5 WHITELIST=289747
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
domain1.blabla.com
X-Spam-Flag: YES
X-Spam-Level: *********
X-Spam-Status: Yes, score=9.8 required=5.0 tests=EMPTY_MESSAGE,MISSING_DATE,
MISSING_FROM,MISSING_HEADERS,MISSING_MID,MISSING_SUBJECT,
NO_HEADERS_MESSAGE,NO_RECEIVED,NO_RELAYS,PYZOR_CHECK autolearn=no
autolearn_force=no version=3.4.6
X-Spam-Report:
* 1.2 MISSING_HEADERS Missing To: header
* -0.0 NO_RELAYS Informational: message was not relayed via SMTP
* 2.0 PYZOR_CHECK Listed in Pyzor
* (https://pyzor.readthedocs.io/en/latest/)
* 0.1 MISSING_MID Missing Message-Id: header
* 1.4 MISSING_DATE Missing Date: header
* -0.0 NO_RECEIVED Informational: message has no Received headers
* 1.8 MISSING_SUBJECT Missing Subject: header
* 2.3 EMPTY_MESSAGE Message appears to have no textual parts
* 1.0 MISSING_FROM Missing From: header
* 0.0 NO_HEADERS_MESSAGE Message appears to be missing most RFC-822
* headers
X-Spam-Score: 9.8
test
However, this is were I get stuck. The plugins for both Thunderbird and Outlook are abandoned.
How does SA learn what is spam and what is ham in the context of PMiaB? The sa-learn command handles that, right?