On Feb 02 08:26:24, j...@bonetruck.org wrote: > * Jan Stary <h...@stare.cz> [140130 14:01]: > > I have been running this for some days and see no regression. > > The false positives in the DNS checks seem to be gone. > > It's definitely an improvement to 1.02 > > > > However, reading the code, I see that there is still a hardcoded > > limit of 5 timeouts, after which _everything_ is blacklisted. > > Incorrect. Line 139 says: > > next unless ( $strikes{"$h"} == 2 );
Ah, yes. Sorry for the misinterpretatiton. > Both DNS checks, MX and A, must fail to blacklist a host. If a host > has timed out during a check, it won't have accumulated 2 strikes and > therefore is skipped. Here's the relevant commit: > > https://bitbucket.org/bonetruck/greyscanner/commits/4816f27709527912172d81a80d184aaad4cc0a71 > > jim@ > > > That don't seem to be right (not that I've bee nbit by it). > > > > > > Jan > > > > On Jan 23 09:25:52, j...@bonetruck.org wrote: > > > *ping* > > > > > > * Jim Razmus <j...@bonetruck.org> [140121 13:34]: > > > > I've just released greyscanner version 2.01. Notable changes include: > > > > > > > > -config file moved from /etc to /etc/mail > > > > -now runs with privilege separation using the _greyscanner user > > > > > > > > Anyone using the external address checking feature should ensure those > > > > programs are executable by _greyscanner. > > > > > > > > This version includes bug fixes to address the false positives coming > > > > out of the DNS checking logic. > > > > > > > > The attached patch updates the port. ok to commit? > > > > > > > > jim@ > > > > > > > > > > > Index: greyscanner//Makefile > > > > =================================================================== > > > > RCS file: /cvs/ports/mail/greyscanner/Makefile,v > > > > retrieving revision 1.9 > > > > diff -u -p -r1.9 Makefile > > > > --- greyscanner//Makefile 5 Dec 2013 00:27:50 -0000 1.9 > > > > +++ greyscanner//Makefile 21 Jan 2014 19:28:51 -0000 > > > > @@ -2,7 +2,7 @@ > > > > > > > > COMMENT = greytrapping daemon to complement OpenBSD spamd > > > > > > > > -DISTNAME = greyscanner-1.02 > > > > +DISTNAME = greyscanner-2.01 > > > > CATEGORIES = mail > > > > HOMEPAGE = https://bitbucket.org/bonetruck/greyscanner/ > > > > > > > > Index: greyscanner//distinfo > > > > =================================================================== > > > > RCS file: /cvs/ports/mail/greyscanner/distinfo,v > > > > retrieving revision 1.2 > > > > diff -u -p -r1.2 distinfo > > > > --- greyscanner//distinfo 5 Dec 2013 00:27:50 -0000 1.2 > > > > +++ greyscanner//distinfo 21 Jan 2014 19:28:51 -0000 > > > > @@ -1,2 +1,2 @@ > > > > -SHA256 (greyscanner-1.02.tar.gz) = > > > > +VUp/IRTWFVqVpZ9s4tYyy+zmo3XYixD1m6iYSKVSwg= > > > > -SIZE (greyscanner-1.02.tar.gz) = 6919 > > > > +SHA256 (greyscanner-2.01.tar.gz) = > > > > slAMP072Plahg7258zblHQ7zRusq5iQGJsOGOy0MXHI= > > > > +SIZE (greyscanner-2.01.tar.gz) = 7489 > > > > Index: greyscanner//pkg/PLIST > > > > =================================================================== > > > > RCS file: /cvs/ports/mail/greyscanner/pkg/PLIST,v > > > > retrieving revision 1.2 > > > > diff -u -p -r1.2 PLIST > > > > --- greyscanner//pkg/PLIST 1 May 2011 20:05:54 -0000 1.2 > > > > +++ greyscanner//pkg/PLIST 21 Jan 2014 19:28:51 -0000 > > > > @@ -1,4 +1,6 @@ > > > > @comment $OpenBSD: PLIST,v 1.2 2011/05/01 20:05:54 sthen Exp $ > > > > +@newgroup _greyscanner:729 > > > > +@newuser _greyscanner:729:729:daemon:greyscanner > > > > daemon:/nonexistent:/sbin/nologin > > > > @man man/man1/greyscanner.1 > > > > sbin/greyscanner > > > > share/examples/greyscanner/ > >