On 12/09/17 00:56, RW wrote:
On Tue, 12 Sep 2017 00:37:40 +0100
Sebastian Arcus wrote:
On 11/09/17 20:20, RW wrote:
This is why pyzor has the local_whitelist command. At very least
it's a good idea to pipe an empty string through
"pyzor local_whitelist" (probably as the user running
spamassassin).
I have spotted that command in the docs - and if it worked, it would
seem like a good solution. But it doesn't seem to. I have added the
hash of the empty string to the local whitelist. If I try to re-add
the same hash, or the hash of the problem emails - I get a message
stating that it is already in the whitelist - so it would appear to
be working. But when running the email message through SA, it still
hits PYZOR_CHECK. I have found the location of Pyzor's local
whitelist - and the permissions are correct. It appears that SA
completely ignores the fact that the digest is whitelisted locally:
SA can't ignore it, if a hash is whitelisted pyzor returns a dummy
result. e.g.:
$ echo "" | pyzor check
public.pyzor.org:24441 (200, 'OK') 0 0
compared with:
$ echo "" | pyzor --local-whitelist=/nonextistent check
public.pyzor.org:24441 (200, 'OK') 2749671 82562
Thank you for that. I finally gotten to the bottom of my problem. It was
the Pyzor homedir. Although I have set it up in
/etc/mail/spamassassin/local.cf, I ended up confusing myself. If I ran
as root:
#pyzor local_whitelist < /email.eml
it placed the whitelist in /root/.pyzor/whitelist
When I ran:
#su - spamd -c "pyzor local_whitelist < /email.eml"
it placed it in /var/spool/spamd/.pyzor/whitelist (/var/spool/spamd is
the homedir of the 'spamd' user on this system)
But when I ran:
#su - spamd -c "pyzor --homedir /var/spool/spamd < /email.eml"
it placed it in /var/spool/spamd/whitelist
The confusing part is that left to its devices, Pyzor creates a .pyzor
dir in the home dir of the user it is run as. But if --homedir is
specified, it dumps stuff directly there, instead of creating a .pyzor
dir. In the end I got rid of the "pyzor_options --homedir" option in
local.cf and it worked fine. I was just tying myself in knots there :-)
Thanks again
