RE: The Protocol [2nd Try]

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

From: pyz...@li...
[mailto:pyz...@li...]On Behalf Of Jerry Wilborn

  Talk about a can of worms!

  Does it really need a full client/server implementation? I'm new here, so
I'm ignorant to any discussion of why that method may have been selected to
start.  I can say that the only things I've seen that can stand up to the
hundreds of queries/second that worldwide lists punish servers with are
'rbldnsd' and 'rbldns'.  With a message hash it feels a bit like 'square
peg/round hole' (hashes and daemons built to do reverse DNS).  You guys have
experience stress testing tinydns? =)

  To ask the shorter question, can we setup 'hash.pyzor.something.ext' as
the host, and then have a TXT record with the response?
Pyzor cames with its own client/server protocol. It doesn't mean that the
query interface cannot be changed sometime in the future, but actually FWIK
this is not regarded as a main priority.

Just to le you know, the Pyzor's main priority is actually server's load
balancing and multi-master asynchronous replication. The purpouse is to
allow many, distributed public servers serving queries to the pyzor
database.

Please note that similar, proprietary implementations (notably, Razor) do
adopt a non-rfc client/server protocol, but also supply a net of distributed
fontends to their database.

A DNS-lookup interface to pyzor would shurely simplify quering the db, but
would not make any functional improvement in spam reporting.

Giampaolo

  Here's what I can tell from just kinda 10,000' overviewing it, please
interject any information you may have.  The program 'pyzor' connects to the
server/port listed in ~/.pyzor/servers (can be updated with 'pyzor
discover').  If you tell it to checck ('pyzor check < /tmp/spamfile') it
will compute a hash of the message (how?) and then send a HTTPish type
command to the server via tcp/cleartext on the other end. A command looks
like this:

  User: anonymous [ static ]
  Time: 1164688654  [ seconds since the epoch ]
  Sig: 45aed8ad7d2bd59f339c7e88c0d4e533c1c68b9c   [ dunno how it's computed,
but it changes based on message content ]

  Op: check [ specified via command line ]
  Op-Digest: 0dfe4745346676d78cc6bc11ff71d444546c0544 [ don't now how it's
computed, 'echo -n check | md5sum' doesn't come back with this hash... it's
static ]
  Thread: 26283 [ pid ?]
  PV: 2.0 [ version number i guess; static, ends with \n\n]

  I haven't been able to get a response, and with my python being
rudementary at best, it's going to take me a while to figure out what one
looks like.  It looks like the Spamassassin parsing code
[.../Mail/SpamAssassin/Plugin/Pyzor.pm] may be more helpful than the
server.py.

  On 11/27/06, Marc G. Fournier < sc...@hu...> wrote:
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - --On Monday, November 27, 2006 22:04:30 -0600 Jerry Wilborn
    < jer...@gm...> wrote:

    > Please forgive my ignorance of the protocol. Is there a place where I
can
    > read about how the actual question/answer is transmitted? Are we
re-inventing
    > the wheel? Is it possible to hook this into DNS like the other .*lists
do?

    What do you mean by 'hook this into DNS'?  Do you mean like SPF and
such?  Or
    are you thinking of something different ...

    As for Pyzor protocol  ... no idea on whether or not this was ever
published by
    the original developer ;(

  --
  Jerry Wilborn
  jer...@gm...