From: Jerry W. <jer...@gm...> - 2006-11-28 05:10:46
Talk about a can of worms!

Does it really need a full client/server implementation? I'm new here, so I'm ignorant of any discussion of why that method may have been selected to start. I can say that the only things I've seen that can stand up to the hundreds of queries/second that worldwide lists punish servers with are 'rbldnsd' and 'rbldns'. With a message hash it feels a bit like 'square peg/round hole' (hashes and daemons built to do reverse DNS). You guys have experience stress testing tinydns? =)

To ask the shorter question, can we set up 'hash.pyzor.something.ext' as a host, and then have a TXT record with the response?

Here's what I can tell from just kinda 10,000' overviewing it, please interject any information you may have.

The program 'pyzor' connects to the server/port listed in ~/.pyzor/servers (can be updated with 'pyzor discover'). If you tell it to check ('pyzor check < /tmp/spamfile') it will compute a hash of the message (how?) and then send a HTTPish type command to the server via tcp/cleartext on the other end. A command looks like this:

    User: anonymous   [ static ]
    Time: 1164688654   [ seconds since the epoch ]
    Sig: 45aed8ad7d2bd59f339c7e88c0d4e533c1c68b9c   [ dunno how it's computed, but it changes based on message content ]
    Op: check   [ specified via command line ]
    Op-Digest: 0dfe4745346676d78cc6bc11ff71d444546c0544   [ don't know how it's computed, 'echo -n check | md5sum' doesn't come back with this hash... it's static ]
    Thread: 26283   [ pid ? ]
    PV: 2.0   [ version number I guess; static, ends with \n\n ]

I haven't been able to get a response, and with my python being rudimentary at best, it's going to take me a while to figure out what one looks like. It looks like the SpamAssassin parsing code [.../Mail/SpamAssassin/Plugin/Pyzor.pm] may be more helpful than the server.py.

On 11/27/06, Marc G.
Fournier <sc...@hu...> wrote:
>
> --On Monday, November 27, 2006 22:04:30 -0600 Jerry Wilborn
> <jer...@gm...> wrote:
>
> > Please forgive my ignorance of the protocol. Is there a place where I can
> > read about how the actual question/answer is transmitted? Are we
> > re-inventing the wheel? Is it possible to hook this into DNS like the
> > other .*lists do?
>
> What do you mean by 'hook this into DNS'? Do you mean like SPF and such? Or
> are you thinking of something different ...
>
> As for Pyzor protocol ... no idea on whether or not this was ever published
> by the original developer ;(
>
> > On 11/27/06, Marc G. Fournier <sc...@hu...> wrote:
> >
> > --On Monday, November 27, 2006 21:31:53 -0500 Robert Praetorius
> > <rm...@ii...> wrote:
> >
> >> I've also done some thinking about building a
> >> distributed pyzor and agree that it's the obvious
> >> next step but don't have "ideas on how to accomplish
> >> a distributed pyzor relatively easily"*
> >
> > Actually, it's very simple "in theory" ... all you need is to change the
> > communications protocol slightly to distinguish between a server or client
> > packet ... basically, if a client reports to the server, then that server
> > needs to then report the same thing to the other servers, but "as a
> > server" ... when a server reports to a server, that is the end of the
> > line ...
> >
> > I was just thinking about it, and the best paradigm, I think, for this is
> > Usenet news ... each server would be a 'registered peer' off of another
> > one ...
> >
> > Let's say, for instance, that we have a server in NA at Site A ... if I
> > wanted to add a pyzor server onto that system, I would talk to the admin
> > @ Site A about connecting to him ... connection would be as simple as a
> > servers.txt file that contains the hostname of the remote server ...
> >
> > When Site A receives a report, it auto gets forwarded down to its
> > 'children' ... if my site receives a report, I would forward it up to
> > Site A ...
> >
> > Now, Site A knows that it received the report from me, so wouldn't send
> > it back to me ...
> >
> > Now, in theory, each server would only need max two connections ... an
> > upstream and a downstream, but for redundancy, and speed, more than one
> > would be preferred ...
> >
> > So, as an example, let's say we have a single server in: US, Panama (my
> > servers), EU, Australia ... at a minimum, you'd want something like:
> >
> > Australia <-> US <-> EU
> >               ^
> >               |
> >               v
> >             Panama
> >
> > To improve redundancy, you could add links between Australia <-> EU,
> > AU <-> PA and PA <-> EU, but they wouldn't be required ...
> >
> > EU could then get a link from Africa, while Australia maybe from Korea,
> > PA from Brazil, etc ...
> >
> > Within US, you could break things down and add regional servers, etc,
> > etc ...
> >
> > A large ISP could then run their own Pyzor server, but as part of the
> > distributed network ...
> >
> > It's theory, and a simple one at that
> >
> > ----
> > Marc G. Fournier Hub.Org Networking Services (http://www.hub.org)
> > Email . sc...@hu... MSN . sc...@hu...
> > Yahoo . yscrappy Skype: hub.org ICQ . 7615664
> >
> > --
> > Jerry Wilborn
> > jer...@gm...
>
> ----
> Marc G. Fournier Hub.Org Networking Services (http://www.hub.org)
> Email . sc...@hu... MSN . sc...@hu...
> Yahoo . yscrappy Skype: hub.org ICQ . 7615664

--
Jerry Wilborn
jer...@gm...
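
Added example, not part of the original thread or of Pyzor's own code: a strict parser for the request block quoted in the message above, plus the lookup name the TXT-record idea would need, so that only a well-formed hash can ever become a DNS label. The allowed-operation list, the 300-second skew window, the `pyzor.example` zone and treating `Op-Digest` as the message hash are assumptions.

```python
import re
import time

# Constructed sample built from the field values quoted in the message above.
SAMPLE = (
    "User: anonymous\nTime: 1164688654\n"
    "Sig: 45aed8ad7d2bd59f339c7e88c0d4e533c1c68b9c\nOp: check\n"
    "Op-Digest: 0dfe4745346676d78cc6bc11ff71d444546c0544\n"
    "Thread: 26283\nPV: 2.0\n\n"
)
REQUIRED = ("User", "Time", "Sig", "Op", "Op-Digest", "Thread", "PV")
HEX40 = re.compile(r"[0-9a-f]{40}")   # both hashes in the sample are 40 hex chars
DIGITS = re.compile(r"[0-9]{1,10}")
MAX_SKEW = 300                        # assumption: tolerated clock skew, seconds
ZONE = "pyzor.example"                # placeholder zone, not a real service


class BadRequest(ValueError):
    pass


def parse_request(raw, now=None, allowed_ops=("check",)):
    """Parse one header block and reject anything that is not well-formed."""
    head, sep, _ = raw.partition("\n\n")
    if not sep:
        raise BadRequest("missing blank-line terminator")
    fields = {}
    for line in head.split("\n"):
        name, colon, value = line.partition(": ")
        if not colon or name in fields:
            raise BadRequest("malformed or duplicate header")
        fields[name] = value
    if any(k not in fields for k in REQUIRED):
        raise BadRequest("missing required field")
    if not all(HEX40.fullmatch(fields[k]) for k in ("Sig", "Op-Digest")):
        raise BadRequest("hash field is not 40 lowercase hex characters")
    if not all(DIGITS.fullmatch(fields[k]) for k in ("Time", "Thread")):
        raise BadRequest("non-numeric Time or Thread")
    if fields["Op"] not in allowed_ops:
        raise BadRequest("operation not allowed")
    now = time.time() if now is None else now
    if abs(now - int(fields["Time"])) > MAX_SKEW:
        raise BadRequest("timestamp outside allowed skew")
    return fields


def txt_query_name(fields, zone=ZONE):
    """Name to look up under the DNS idea; assumes Op-Digest is the message hash."""
    return f"{fields['Op-Digest']}.{zone}"
```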
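
Added example, not part of the original thread: a small simulation of the peer-forwarding design in the quoted message, on its US/EU/Australia/Panama topology, showing that "don't send it back to the peer it came from" is enough on the minimal tree but loops and re-applies the same report once the redundant links are added. The `dedupe` option (a server drops a report it has already taken, as Usenet does with message IDs) is an assumption, not something the thread specifies.

```python
from collections import deque

# Links from the quoted message: the minimal tree, then the optional extras.
TREE = {("AU", "US"), ("US", "EU"), ("US", "PA")}
REDUNDANT = TREE | {("AU", "EU"), ("AU", "PA"), ("PA", "EU")}


def neighbours(links):
    """Build an undirected adjacency map from a set of peer links."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def flood(links, origin, dedupe, max_msgs=1000):
    """Propagate one client report received at `origin`.

    Returns (times each server applied the report, server-to-server
    messages sent, whether traffic was still circulating at the cap).
    """
    adj = neighbours(links)
    applied = {s: 0 for s in adj}
    applied[origin] = 1                 # the client's report, applied once
    seen = {origin}                     # servers that already hold this report
    queue = deque((origin, p) for p in sorted(adj[origin]))
    sent = 0
    while queue and sent < max_msgs:
        src, dst = queue.popleft()
        sent += 1
        if dedupe and dst in seen:
            continue                    # duplicate: drop it, do not forward
        seen.add(dst)
        applied[dst] += 1
        # The rule from the thread: forward to every peer except the sender.
        queue.extend((dst, p) for p in sorted(adj[dst] - {src}))
    return applied, sent, bool(queue)


if __name__ == "__main__":
    for name, links, dedupe in (("tree", TREE, False),
                                ("redundant", REDUNDANT, False),
                                ("redundant+dedupe", REDUNDANT, True)):
        print(name, flood(links, "PA", dedupe))
```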