I second that proposal. According to several calculations those ranges will be allocated to RIRs by IANA before next Debian is out :-). Using IPv4 bogon lists is very unwise these days if you are unable to update them frequently.
O. Craig Shelley píše v Ne 28. 10. 2007 v 11:44 +0000: > Package: spamassassin > Version: 3.0.3-2sarge1 > Severity: normal > Tags: patch > > Spamassassin is configured with out of date trusted IP ranges. > Spammers are operating in these IP ranges, and due to the > misconfiguration causes certain tests eg. SPF to be bypassed. This > results in excessive spam from hosts in these IP ranges. > > This problem was fixed upstream with SVN revision 124829. > "bug 3968: don't trust that reserved networks are internal/private, only use > private networks that are not publicly routeable" > > Bugzilla Bug 3968: > IP_IN_RESERVED_RANGE, in Constants.pm, is out of date. Specifically, 71/8 and > 72/8 are no longer reserved, according to > http://www.iana.org/assignments/ipv4-address-space. > > The solution is to essentially remove all of the reserved IP ranges from the > list stored in Constants.pm leaving just the private ranges as per commit > 124829. > > > -- System Information: > Debian Release: 3.1 > Architecture: i386 (i686) > Kernel: Linux 2.6.19.2 > Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) > > Versions of packages spamassassin depends on: > ii debconf 1.4.30.13 Debian configuration management > sy > ii libdigest-sha1-perl 2.10-1 NIST SHA-1 message digest > algorith > ii libhtml-parser-perl 3.45-2 A collection of modules that > parse > ii perl [libstorable-perl] 5.8.4-8sarge5 Larry Wall's Practical > Extraction > ii spamc 3.0.3-2sarge1 Client for SpamAssassin spam > filte > > -- debconf information excluded -- Ondřej Surý <[EMAIL PROTECTED]> *** http://blog.rfc1925.org/ Kulturní občasník *** http://www.obcasnik.cz/ Nehoupat, prosím *** http://nehoupat.blogspot.com/
