$Id: NEWS,v 1.15 2003/05/08 17:06:55 mjt Exp $

This file describes user-visible changes in rbldnsd.
Never news are at top.

0.89p4 (8 May 2003)

 - since bind9 returns NXDOMAIN for b.example.com even if a.b.example.com
   exists, all the NXDOMAIN elimination code has been removed.  So much
   useless work.  Now rbldnsd is small again.

0.89p3 (8 May 2003)

 Incompatible changes:

 - ip4vset and dnvset are gone.  A trivial idea allowed me to merge
   functionality into ip4set and dnset.
   This means, in particular, that default A/TXT values may be specified
   at any place in data files, and applies to all subsequent records up
   to end of file (defaults gets reset at file boundary), and negative
   (exclusion) entries works - all in uniform way.

 - $NS special in every dataset instead of NS record in generic dataset.
   Up to 20 per zone may be specified.  Rbldnsd still does not add NS RRs
   into normal answers, and perhaps will never do; also it never fills up
   ADDITIONAL section (e.g. with NS A RRs).

 - rbldnsd will now refuse ANY, SOA and NS queries for zone's base DN if
   SOA and/or NS records (as specials) aren't specified.

 - Support for NS and SOA record types removed from generic dataset.  Use
   dataset specials ($SOA and $NS) for this.

 - $SOA and $NS specials requires TTL as a first word, so SOA become
   8-field instead of 7-field, and NS become 2-field instead of one-field.

 Changes:

 - Allow to specify TTL per dataset (as $TTL special), and for every record
   in generic dataset (optional field before record type)

 - substitution variables $0,$1,$2...$9 implemented for TXT templates,
   so it is now possible to use less space and less typing.  I don't know
   whenever this is useful or not.

0.89p2 (6 May 2003)

 Incompatible changes:

 - rbldnsd now substitutes listed DN in TXT template, instead of query DN,
   e.g. if some.spammer.example.com is queried, and *.spammer.example.com
   listed, `spammer.example.com' will be used for $ substitution.  For
   domain-based lists (dn[v]set) only, IP-based always substitutes an IP.

 - for name-based lists, empty domain names disallowed.

 Changes:

 - completed NXDOMAIN vs subdomains handling for domain-based lists
   (generic, dn[v]set).  Rbldnsd now very close to BIND behaviour with
   all it's dataset types.

 - correctly handle zero bytes in DN names ewerywhere.  Before, rbldnsd
   was incorrect in this area.

 - allow logging to be done to FIFO (ignore SIGPIPE and open with NODELAY)

 - control whenever logging is buffered or not (place `+' in front of
   logfile (-l option) to make it non-buffered)

 - log (-l) creation errors are now logged to syslog as warnings

 - -q option - quick/quiet start, load zones after backgrounding
   (so load errors are not fatal)

 - as usual, some more code cleanups etc all over the place.

0.89p1 (4 May 2003)

 many changes.  "Expirience" release...

 Incompatible changes:

 - generic zone does not understand SOA records anymore - SOA now may be
   specified in every zone data file as $SOA.

 - rbldnsd now matches BIND's runtime behaviour as close as possible.  In
   particular, rbldnsd now replies to any query type (except of AXFR and
   the like), giving positive reply if requested name exists.  Also, it now
   will reply to queries like 0.0.127.bl.example.com (note partial IP)
   positively with zero answers (certainly, such domain does exists if
   e.g. 127.0.0.2 is listed).  Additionally, rbldnsd now inserts SOA
   record (if available) to every answer that contains no answer section
   (this way, it is possible to specify negative caching ttl for example).

 - order of zones in command line is now important again.  Rbldnsd will
   stop searching at first matching zone found, so if a superzone specified
   before some of it's subzone, subzone will never be consulted.  This may
   change again in the future.

 Changes:

 - much improved manual page, including new "bugs" section and usage of
   proper (I hope) terms (in particular, "zone" changed to "dataset" where
   appropriate)

 - default values for ip4vset and dnvset may be specified in any line of
   data file, and applies to all subsequent entries
 
 - major code cleanups and some redesigns, to follow BIND's behaviour

 - generic dataset may now handle MX records too.

 - proper domain name compression implemented (SOA, NS, MX values)

 - SOA serial value may be set to be dataset's modification timestamp
   (just specify serial to be 0 and rbldnsd will set it automatically)

0.84 (not released):

 - return positive result with zero records to AAAA, PTR and CNAME
   queries.  Hack for now, but this way rbldnsd may finally be used
   together with sendmail and bind...

 - rewrote query parsing routine to be much more accurate and a bit faster.

0.83 (released 2003-04-19)

 - critical security fix in query parsing code - that check was
   here initially, in version 0.1, but was removed when I optimized
   that code.  Ugh!..

 - portability: 4.4 FreeBSD does not have mallinfo() and stdint.h
   (use appropriate -Ddefines, Makefile)

 - access control and filtering logging by IP

 - inlined qsort routine, speed up loading significantly.

 - removed some cruft from the code

0.82 (released 2003-04-05)

 - recognize another variation of IP address range, for easy use:

     127.0.0.1-2 is now treated as 127.0.0.1-127.0.0.2
     127.0-200   is now treated as 127.0.0.0-127.200.255.255

 - debianized

0.81 (released 2003-04-03)

 - rbldnsd now recognizes IP address ranges in additional to
   IP prefixes and CIDR ranges, e.g. 127.0.0.2-127.0.1.5 now
   works with ip4[v]set zonetypes (range is inclusive).  May
   be disabled at compile time by adding -DNOIP4RANGES to
   $(DEFS).
 
 - new option, -e, to enable usage of "non-conforming" CIDR
   ranges, where prefix does not fit within given netmask.

 - -v option is gone, new option -l to specify a logfile
   (it was a bad idea to log every request via syslog).

 - when constructing a dataset from several files, A and
   TXT records are now taken from _first_ file for ip4set
   and dnset (ignoring those in other files), and for
   ip4vset and dnvset, defaults are in effect for a single
   file only.

 - implemented removal of duplicate entries on zone data
   reloads.  May be disabled at compile time by adding
   -DNOREMOVEDUPS to $(DEFS).

 - various code cleanups

0.80 (released 2003-04-02)

 Incompatible changes:

 - command-line zone syntax has changed.  Consult the manpage
   for examples.  Basically, instead of

      type:file-zone-name

   rbldnsd now expects

      zone-name:type:file-name

   thus eliminating requiriment that zone name should be in
   file named after zone.  Also, a LIST (comma-separated) of
   filenames may be specified instead of a single file.  Note
   that all 3 fields are required.  Resulting command line
   may look somewhat ugly (and it may be long), but the effect
   is much improved flexibility.

 - logging has changed.  Data set may be reused for several
   zones, so "zone xxx loaded" message is now replaced by
   "dataset loaded", without any reference to zone(s) which
   uses that data set.

 - rbldnsd will abort it's startup if it will encounter any
   error during initial zone loading (missing file, out of
   memory etc).  After initialization, all errors are not
   fatal, but partially loaded zones will NOT be serviced
   (rbldnsd will return REFUSED in this case, as if it does
   not service this zone at all).  If, on subsequent reload,
   problematic zone will be back available, it will be included
   in servicing list automatically.

 Other changes:

 - rbldnsd now recognizes and answers to NS and SOA records.
   For this to work, one need to specify such records, and
   for this, new data type was introduced, named `generic'
   (simplified bind-style format, see manpage for more info).
   If no `generic' type dataset is specified for a domain,
   rbldnsd will refuse NS and SOA queries as before.

 - due to changed command line format, it is now possible to
   construct one zone from several data sets (by repeating
   the same zone name with different data sets), and to
   construct one data set from several files (of the same
   type).  Either way and any combinations works (see NOTES
   section in the manpage for examples).

 - logging of queries is implemented.  Give -v option to turn
   it on, but expect large amount of data to be logged on a
   busy site (every query will be logged via syslog).  This
   feature is mainly for debugging purposes, and later may
   be replaced with more advanced logging to a file.

0.74 (newer released)

 Incompatible changes over 0.73:

 - In ip4vset and most notable in dnvset types, it is now possible
   to specify exclusion of an entry (useful to specify large block
   and exclude a single entry from it).  This is done by prefixing
   an entry with an exclamation sign (!).  So, exclamation sign at
   start of line is now treated specially (it wasn't valid for
   ip4vset, but it was treated as a part of domain name in dnvset).

 - If no TXT record is available for an entry, rbldnsd will now not
   return NXDOMAIN but will return zero-entry successeful answer.
   This is how BIND works.  Something like "valid name but now data
   of requested type".

 Other changes in 0.74:

 - reorganized storage for TXT records, to speed up loading of zones
   with non-repeatable TXT values.  With this change, relays.osirusoft
   zones now requires somewhat more memory (since no hard work for TXT
   duplication elimination is now taking place), but overall case (where
   TXTs aren't repeated frequently) is now much faster, in particular,
   Wirehub's permblockIP.txt now loads in an acceptable time.  Rbldnsd
   still recognizes and packs adjanced duplicates.  Worst case will be
   with randomized osirusoft data (it has very many dups, but most are
   adjanced to each other).

 - reviewed logging, should be ok for buffer-overflow things.
   Also, prevent log flooding in case input file contains many
   errors (only first 5 is logged)
       
