The Protocol [2nd Try]

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Talk about a can of worms!

Does it really need a full client/server implementation? I'm new here, so
I'm ignorant to any discussion of why that method may have been selected to
start.  I can say that the only things I've seen that can stand up to the
hundreds of queries/second that worldwide lists punish servers with are
'rbldnsd' and 'rbldns'.  With a message hash it feels a bit like 'square
peg/round hole' (hashes and daemons built to do reverse DNS).  You guys have
experience stress testing tinydns? =)

To ask the shorter question, can we setup 'hash.pyzor.something.ext' as the
host, and then have a TXT record with the response?

Here's what I can tell from just kinda 10,000' overviewing it, please
interject any information you may have.  The program 'pyzor' connects to the
server/port listed in ~/.pyzor/servers (can be updated with 'pyzor
discover').  If you tell it to checck ('pyzor check < /tmp/spamfile') it
will compute a hash of the message (how?) and then send a HTTPish type
command to the server via tcp/cleartext on the other end. A command looks
like this:

User: anonymous [ static ]
Time: 1164688654  [ seconds since the epoch ]
Sig: 45aed8ad7d2bd59f339c7e88c0d4e533c1c68b9c   [ dunno how it's computed,
but it changes based on message content ]

Op: check [ specified via command line ]
Op-Digest: 0dfe4745346676d78cc6bc11ff71d444546c0544 [ don't now how it's
computed, 'echo -n check | md5sum' doesn't come back with this hash... it's
static ]
Thread: 26283 [ pid ?]
PV: 2.0 [ version number i guess; static, ends with \n\n]

I haven't been able to get a response, and with my python being rudementary
at best, it's going to take me a while to figure out what one looks like.
It looks like the Spamassassin parsing code
[.../Mail/SpamAssassin/Plugin/Pyzor.pm] may be more helpful than the
server.py.
On 11/27/06, Marc G. Fournier <sc...@hu...> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
>
> - --On Monday, November 27, 2006 22:04:30 -0600 Jerry Wilborn
> <jer...@gm...> wrote:
>
> > Please forgive my ignorance of the protocol. Is there a place where I
> can
> > read about how the actual question/answer is transmitted? Are we
> re-inventing
> > the wheel? Is it possible to hook this into DNS like the other .*lists
> do?
>
> What do you mean by 'hook this into DNS'?  Do you mean like SPF and
> such?  Or
> are you thinking of something different ...
>
> As for Pyzor protocol  ... no idea on whether or not this was ever
> published by
> the original developer ;(
>

-- 
Jerry Wilborn
jer...@gm...