[rbldnsd] Slightly OT: script to add to rbldnsd zone
David Landgren
david at landgren.net
Sat Jan 29 00:35:07 MSK 2005
Michael Tokarev wrote:
> David Landgren wrote:
>
>> Robin Lynn Frank wrote:
>>
>>> I've been adapting a shell script we've been using to add such things as
>>> dictionary spam, unauthorized relay attempts, hits on spamtraps, etc to
>>> a postfix access map, so it can be used to add to a rbldnsd zone.
>
> []
>
>>> cat /var/tmp/rbldnsd_abuse.map /var/tmp/rbldnsd_abuse.map
>>> /var/lib/rbldns/abuse |\
>>> sort -f | uniq -i \
>>> > /var/tmp/rbldnsd_abuse.map
>>
>>
>> Something like:
>>
>> (
>> echo ":127.0.0.4:DNSBL. Policy restrictions etc."
>> sort -f /var/tmp/rbldnsd_abuse
>> ) | uniq -i > /var/tmp/rbldnsd_abuse.map
>>
>> perhaps?
>
>
> Please don't repeat the same mistake/bug, it is very important:
> you should use atomic rename when everything is ready, and never
> update the data file directly (except maybe in a few cases --
> also questionable but sometimes possible -- when you want to add
> a single line using >> shell construct). Instead of
> command > datafile
> use two-stage process:
> command > datafile.tmp && mv -f datafile.tmp datafile
> This guarantees rbldnsd gets complete data file even if it will
> try to load data while it is being constructed.
Yes of course, you are absolutely correct, and I expected that Robin
understands this as well. I assumed (perhaps incorrectly) that the file
was being built in a staging area (like me), before being ferried over
and fed to rbldnsd.
I was more interestd in showing the (foo; bar; rat) > outfile shell
construct. In my experience, not many people are aware of the idiom. It
can often be used to great effect, obviating the need for temp files.
David
More information about the rbldnsd
mailing list