[rbldnsd] Warning: possible danger of using rbldnsd, and upcoming data format change
Michael Tokarev
mjt at tls.msk.ru
Tue Jun 8 00:25:43 MSD 2004
There's one possible problem with using rbldnsd, and the ip4set dataset type in particular, which may happen due to somehow corrupted input data. Imagine a somehow incorrect data transfer, when the input file is incomplete; for example, the original file contains the line

127.0.0.2

which lists a single IPv4 address, but after a failed transfer the line is shortened to only one digit:

1<EOF>

This is valid input for rbldnsd, and it will treat such an input as... 1.0.0.0/8! Or, if the line was shortened to

127.0<EOF>

rbldnsd will assume it is 127.0.0.0/16, and so on.

In case there is a possibility of having corrupt input (the most obvious is to use rsync with the -P option (wrong!): if the transfer fails in the middle for ANY reason, rsync will leave the half-transferred file in place), and such a possibility in fact exists almost all the time, one risks listing quite a large block of IP addresses.
In order to reduce the risk of listing larger netranges due to corrupted input, I plan to modify rbldnsd in such a way that it will reject incomplete IPv4 addresses, disallowing prefixes. In order to specify the /8 listing, for example, one will have to type 3 zero octets, like 127.0.0.0/8, not like 127 or 127/8. Well... maybe the 127/8 form will still be accepted.
Note this is an incompatible change (obviously), and this warning is in order to give you time to review your datasets and ensure they're ok.
Note the ip4tset dataset type (available since 0.992) does not have this "problem", because it only recognizes complete IPv4 addresses, disallowing prefixes like in the above examples. But this dataset type is rather limited (compared to ip4set), and only suitable for some kinds of DNSBLs (like dsbl.org, cbl.abuseat.org, ordb.org).
Another change I'm planning is to constrain the
minimum prefix length (per dataset), and to reject
the whole dataset in case of too many parsing
errors. But I have to think about the features
first... ;)
/mjt
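The widening of truncated entries described in the post, and the stricter rule it proposes, as an added pre-load check for ip4set-style files (example code written for this page, not rbldnsd's own parser). The entry grammar, the "#" comment convention and the trailing-newline heuristic are assumptions of this example, not taken from the post.

```python
import re
# Entry grammar assumed here (not from the post): optional "!",
# one to four dotted octets, optional "/N", optional trailing text.
_ENTRY = re.compile(
    r"^!?(\d{1,3})(?:\.(\d{1,3}))?(?:\.(\d{1,3}))?(?:\.(\d{1,3}))?"
    r"(?:/(\d{1,2}))?(?:\s+.*)?$")

def _split(line):
    """Return (octets, explicit prefix length or None), or None if unparsable."""
    m = _ENTRY.match(line.strip())
    if not m:
        return None
    octets = [int(o) for o in m.group(1, 2, 3, 4) if o is not None]
    plen = int(m.group(5)) if m.group(5) else None
    if any(o > 255 for o in octets) or (plen is not None and plen > 32):
        return None
    return octets, plen

def parse_lenient(line):
    """Current behaviour per the post: "1" -> 1.0.0.0/8, "127.0" -> /16."""
    parts = _split(line)
    if parts is None:
        return None
    octets, plen = parts
    plen = 8 * len(octets) if plen is None else plen
    addr = ".".join(str(o) for o in octets + [0] * (4 - len(octets)))
    return addr, plen

def check_strict(line, allow_short_with_prefix=False):
    """Proposed rule: four octets required; flag models "maybe 127/8 stays OK"."""
    parts = _split(line)
    if parts is None:
        return False, "unparsable entry"
    octets, plen = parts
    if len(octets) == 4 or (allow_short_with_prefix and plen is not None):
        return True, ""
    return False, "incomplete address would list %s/%d" % parse_lenient(line)

def audit_dataset(text):
    """Scan a whole file; return [(lineno, line, reason)].  A final line
    with no newline is flagged too: rsync -P dying mid-file leaves that."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        ok, why = check_strict(line)
        if not ok:
            findings.append((n, line, why))
    if text and not text.endswith("\n"):
        findings.append((n, line, "no trailing newline: truncated transfer?"))
    return findings
```

Running audit_dataset over a freshly transferred file and refusing to reload the zone when it returns findings catches the "1<EOF>" case before any /8 is served.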