Hey guys,
I'm trying to install and make dcc, pyzor and razor work on my servers. I followed the instructions from: Building a Poor Man’s Barracuda – cPanel edition
However, pyzor discover says command not found, so I haven't modified my local.cf yet to include use_pyzor 1 - any tips on this one?
I also found another tutorial here: shivasbase.blogspot.com/2012/03/cpanel-anti-spam-with-sare-dcc-razor.html
But they are extra steps for DCC and Razor which is not found in the first tutorial (which is rather simple and straightforward). I have not performed those extra steps, are they needed with the latest versions of the mentioned software?
Those are:
For DCC, it's basically just running DCC as a daemon rather than calling it from spamassassin (which is how I think it behaves?)
Lastly, I tried running a spam test - https://spamassassin.apache.org/gtube/gtube.txt
Here are the results (and again I still haven't configured use_pyzor), please let me know if these are normal and they are indeed running properly as it's somehow cryptic. Also if you found any problems, please let me know.
Thanks a lot!
I'm trying to install and make dcc, pyzor and razor work on my servers. I followed the instructions from: Building a Poor Man’s Barracuda – cPanel edition
However, pyzor discover says command not found, so I haven't modified my local.cf yet to include use_pyzor 1 - any tips on this one?
I also found another tutorial here: shivasbase.blogspot.com/2012/03/cpanel-anti-spam-with-sare-dcc-razor.html
But they are extra steps for DCC and Razor which is not found in the first tutorial (which is rather simple and straightforward). I have not performed those extra steps, are they needed with the latest versions of the mentioned software?
Those are:
Code:
razor-admin –create
mkdir /var/spool/mqueue
chown mailnull:mail /var/spool/mqueue
razor-admin -d -create -home=/var/spool/mqueue/.razor/
razor-admin -register -home=/var/spool/mqueue/.razor/
chmod 755 /var/spool/mqueue/.razor
chown -R mailnull:mail /var/spool/mqueue/.razor
cd /var/spool/mqueue/.razor
touch razor-whitelist
nano /var/spool/mqueue/.razor/razor-agent.conf
Change or add the following:
debuglevel = 1
razorhome = /var/spool/mqueue/.razor/
Configure to run as a daemon
cd /var/dcc
nano dcc_conf
Change DCCD_ENABLE to off, and DCCIFD_ENABLE to on.
Configure startup script
cd /etc/rc.d/init.d
ln -s /var/dcc/libexec/rcDCC DCC
chkconfig --add DCC
/etc/rc.d/init.d/DCC startLastly, I tried running a spam test - https://spamassassin.apache.org/gtube/gtube.txt
Here are the results (and again I still haven't configured use_pyzor), please let me know if these are normal and they are indeed running properly as it's somehow cryptic. Also if you found any problems, please let me know.
Code:
[email protected] [~]# cat spamtest.txt | grep -i dcc
Dec 8 16:29:33.571 [857590] dbg: plugin: loading Mail::SpamAssassin::Plugin::DCC from @INC
Dec 8 16:29:33.580 [857590] dbg: dcc: network tests on, registering DCC
Dec 8 16:29:34.286 [857590] dbg: config: fixed relative path: /var/lib/spamassassin/3.004001/updates_ spamassassin_org/25_dcc.cf
Dec 8 16:29:34.286 [857590] dbg: config: using "/var/lib/spamassassin/3.004001/updates_spamassassin_o rg/25_dcc.cf" for included file
Dec 8 16:29:34.286 [857590] dbg: config: read file /var/lib/spamassassin/3.004001/updates_spamassassi n_org/25_dcc.cf
Dec 8 16:29:35.382 [857590] dbg: config: warning: no description set for DCC_REPUT_13_19
Dec 8 16:29:37.197 [857590] dbg: util: executable for cdcc was found at /usr/local/bin/cdcc
Dec 8 16:29:37.197 [857590] dbg: dcc: dcc_pgm_path, found cdcc in env.path: /usr/local/bin/cdcc
Dec 8 16:29:37.205 [857590] dbg: dcc: `/usr/local/bin/cdcc -qV homedir libexecdir` reports '1.3.158 h omedir=/var/dcc libexecdir=/var/dcc/libexec '
Dec 8 16:29:37.206 [857590] dbg: dcc: use 'dcc_libexec /var/dcc/libexec' from cdcc
Dec 8 16:29:37.206 [857590] dbg: dcc: use 'dcc_home /var/dcc' from cdcc
Dec 8 16:29:37.206 [857590] dbg: dcc: dccifd is not available; no r/w socket at /var/dcc/dccifd
Dec 8 16:29:37.206 [857590] dbg: util: executable for dccproc was found at /usr/local/bin/dccproc
Dec 8 16:29:37.206 [857590] dbg: dcc: dcc_pgm_path, found dccproc in env.path: /usr/local/bin/dccproc
Dec 8 16:29:37.207 [857590] dbg: dcc: /usr/local/bin/dccproc is available
Dec 8 16:29:37.208 [857590] dbg: dcc: opening pipe to /usr/local/bin/dccproc -C -x 0 -R -w whiteclnt </tmp/.spamassassin857590ypTFQPtmp
Dec 8 16:29:37.343 [857590] dbg: dcc: dccproc responded with 'X-DCC-x.dcc-servers-Metrics: myserver. myhostname.com 104; Body=many Fuz1=many Fuz2=many'
Dec 8 16:29:37.694 [857590] dbg: check: tagrun - tag DCCB is now ready, value: x.dcc-servers
Dec 8 16:29:37.694 [857590] dbg: check: tagrun - tag DCCR is now ready, value: myserver.myhostname.com 104 ; Body=many Fuz1=many Fuz2=many
Dec 8 16:29:37.694 [857590] dbg: dcc: listed: BODY=999999/999999 FUZ1=999999/999999 FUZ2=999999/99999 9 REP=0/90
Dec 8 16:29:37.695 [857590] dbg: rules: ran eval rule DCC_CHECK ======> got hit (1)
Dec 8 16:29:39.676 [857590] dbg: plugin: Mail::SpamAssassin::Plugin::DCC=HASH(0x2b1f9c8) implements ' check_post_learn', priority 0
Dec 8 16:29:39.677 [857590] dbg: dcc: DCC learning not enabled by dcc_learn_score
Dec 8 16:29:39.677 [857590] dbg: check: tests=DCC_CHECK,DIGEST_MULTIPLE,GTUBE,NO_RECEIVED,NO_RELAYS,P YZOR_CHECK
Dec 8 16:29:39.678 [857590] dbg: timing: total 6137 ms - init: 2808 (45.8%), parse: 1.01 (0.0%), extr act_message_metadata: 11 (0.2%), get_uri_detail_list: 5 (0.1%), tests_pri_-1000: 11 (0.2%), compile_ge n: 417 (6.8%), compile_eval: 48 (0.8%), tests_pri_-950: 8 (0.1%), tests_pri_-900: 8 (0.1%), tests_pri_ -400: 7 (0.1%), tests_pri_0: 1282 (20.9%), check_spf: 46 (0.7%), dkim_load_modules: 34 (0.6%), check_d kim_signature: 0.58 (0.0%), check_dkim_adsp: 56 (0.9%), check_dcc: 147 (2.4%), check_razor2: 74 (1.2%) , check_pyzor: 274 (4.5%), tests_pri_500: 1976 (32.2%), poll_dns_idle: 1735 (28.3%)
X-Spam-Status: Yes, score=1003.1 required=5.0 tests=DCC_CHECK,DIGEST_MULTIPLE,
1.1 DCC_CHECK Detected as bulk mail by DCC (dcc-servers.net)
1.1 DCC_CHECK Detected as bulk mail by DCC (dcc-servers.net)
Code:
[email protected] [~]# cat spamtest.txt | grep -i pyzor
Dec 8 16:29:33.580 [857590] dbg: plugin: loading Mail::SpamAssassin::Plugin::Pyzor from @INC
Dec 8 16:29:33.587 [857590] dbg: pyzor: network tests on, attempting Pyzor
Dec 8 16:29:34.296 [857590] dbg: config: fixed relative path: /var/lib/spamassassin/3.004001/updates_spamassassin_org/25_pyzor.cf
Dec 8 16:29:34.297 [857590] dbg: config: using "/var/lib/spamassassin/3.004001/updates_spamassassin_org/25_pyzor.cf" for included file
Dec 8 16:29:34.297 [857590] dbg: config: read file /var/lib/spamassassin/3.004001/updates_spamassassin_org/25_pyzor.cf
Dec 8 16:29:37.418 [857590] dbg: util: executable for pyzor was found at /usr/bin/pyzor
Dec 8 16:29:37.418 [857590] dbg: pyzor: pyzor is available: /usr/bin/pyzor
Dec 8 16:29:37.419 [857590] dbg: pyzor: opening pipe: /usr/bin/pyzor --homedir /etc/mail/spamassassin check < /tmp/.spamassassin857590ypTFQPtmp
Dec 8 16:29:37.691 [857590] dbg: pyzor: [857616] finished: exit 1
Dec 8 16:29:37.691 [857590] dbg: pyzor: got response: public.pyzor.org:24441 (200, 'OK') 87 3
Dec 8 16:29:37.692 [857590] dbg: check: tagrun - tag PYZOR is now ready, value: Whitelisted.
Dec 8 16:29:37.692 [857590] dbg: pyzor: listed: COUNT=87/5 WHITELIST=3
Dec 8 16:29:37.693 [857590] dbg: rules: ran eval rule PYZOR_CHECK ======> got hit (1)
Dec 8 16:29:39.677 [857590] dbg: check: tests=DCC_CHECK,DIGEST_MULTIPLE,GTUBE,NO_RECEIVED,NO_RELAYS,PYZOR_CHECK
Dec 8 16:29:39.678 [857590] dbg: timing: total 6137 ms - init: 2808 (45.8%), parse: 1.01 (0.0%), extract_message_metadata: 11 (0.2%), get_uri_detail_list: 5 (0.1%), tests_pri_-1000: 11 (0.2%), compile_gen: 417 (6.8%), compile_eval: 48 (0.8%), tests_pri_-950: 8 (0.1%), tests_pri_-900: 8 (0.1%), tests_pri_-400: 7 (0.1%), tests_pri_0: 1282 (20.9%), check_spf: 46 (0.7%), dkim_load_modules: 34 (0.6%), check_dkim_signature: 0.58 (0.0%), check_dkim_adsp: 56 (0.9%), check_dcc: 147 (2.4%), check_razor2: 74 (1.2%), check_pyzor: 274 (4.5%), tests_pri_500: 1976 (32.2%), poll_dns_idle: 1735 (28.3%)
GTUBE,NO_RECEIVED,NO_RELAYS,PYZOR_CHECK shortcircuit=no autolearn=no
2.0 PYZOR_CHECK Listed in Pyzor (http://pyzor.sf.net/)
2.0 PYZOR_CHECK Listed in Pyzor (http://pyzor.sf.net/)
Code:
[email protected] [~]# cat spamtest.txt | grep -i razor
Dec 8 16:29:33.588 [857590] dbg: plugin: loading Mail::SpamAssassin::Plugin::Razor2 from @INC
Dec 8 16:29:33.685 [857590] dbg: razor2: razor2 is available, version 2.84
Dec 8 16:29:34.298 [857590] dbg: config: fixed relative path: /var/lib/spamassassin/3.004001/updates_spamassassin_org/25_razor2.cf
Dec 8 16:29:34.298 [857590] dbg: config: using "/var/lib/spamassassin/3.004001/updates_spamassassin_org/25_razor2.cf" for included file
Dec 8 16:29:34.298 [857590] dbg: config: read file /var/lib/spamassassin/3.004001/updates_spamassassin_org/25_razor2.cf
Dec 8 16:29:37.417 [857590] dbg: razor2: part=0 noresponse
Dec 8 16:29:37.418 [857590] dbg: razor2: results: spam? 0
Dec 8 16:29:37.418 [857590] dbg: razor2: results: engine 4, highest cf score: 0
Dec 8 16:29:37.418 [857590] dbg: razor2: results: engine 8, highest cf score: 0
Dec 8 16:29:39.678 [857590] dbg: timing: total 6137 ms - init: 2808 (45.8%), parse: 1.01 (0.0%), extract_message_metadata: 11 (0.2%), get_uri_detail_list: 5 (0.1%), tests_pri_-1000: 11 (0.2%), compile_gen: 417 (6.8%), compile_eval: 48 (0.8%), tests_pri_-950: 8 (0.1%), tests_pri_-900: 8 (0.1%), tests_pri_-400: 7 (0.1%), tests_pri_0: 1282 (20.9%), check_spf: 46 (0.7%), dkim_load_modules: 34 (0.6%), check_dkim_signature: 0.58 (0.0%), check_dkim_adsp: 56 (0.9%), check_dcc: 147 (2.4%), check_razor2: 74 (1.2%), check_pyzor: 274 (4.5%), tests_pri_500: 1976 (32.2%), poll_dns_idle: 1735 (28.3%)Thanks a lot!
Last edited by a moderator:
