
From: Florian Obser <florian@openbsd.org>
Subject: Re: unwind: support wildcard in blacklist
To: Klemens Nanni <kn@openbsd.org>
Cc: OpenBSD tech <tech@openbsd.org>
Date: Sun, 25 Aug 2024 15:00:48 +0200

On 2024-08-24 11:25 UTC, Klemens Nanni <kn@openbsd.org> wrote:
> 06.07.2024 18:40, Kirill A. Korinsky wrote:
>> Folks,
>> 
>> Here is a reminder about this diff.
>> 
>> I've been using it for about two weeks and it just works.
>> 
>> The diff changes the semantics of blacklist into:
>> 
>>      type list file [log]
>
>        block|pass list file [log]
>

This sounds like a solution in search of a problem. I don't know a world
in which you can allow list a set of domains and expect things to work.

Where do you get this list? Are you sending an email to
HOSTSMASTER@SRI-NIC.ARPA?

It also creates an incredible amount of churn, hiding the changes
needed for substring matching. And there are changes in there that I
don't understand.

I'm also worried that we're now reversing (twice for some reason?) every
qname. Is that cheap?

I think the syntax of starting with a dot to mean any sub-label no
matter how deep is the least worst option.

-- 
In my defence, I have been left unsupervised.
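
An added illustration, not part of this message, the diff under discussion, or unwind's source: one way to check the leading-dot syntax mentioned above by probing each label boundary of the qname against a sorted list, with no reversal of the name. The names `blocklist`, `cmp` and `blocked` are hypothetical, the list is constructed, and the sketch assumes a dot entry matches only names below the domain while an entry without a dot matches exactly.

```c
#include <stdlib.h>
#include <string.h>
#include <strings.h>

/* Constructed sample list, sorted in strcasecmp() order for bsearch().
 * Assumption: a leading dot means "any name below this domain, however
 * deep"; an entry without it matches that exact name only. */
static const char *const blocklist[] = {
	".ads.example.net",
	".tracker.example",
	"bad.example.org",
};
#define NBLOCK (sizeof(blocklist) / sizeof(blocklist[0]))

/* bsearch() comparator: key is a string, elem points at a list slot. */
static int
cmp(const void *key, const void *elem)
{
	return strcasecmp(key, *(const char *const *)elem);
}

/* Return 1 if qname is on the list, 0 otherwise. */
int
blocked(const char *qname)
{
	char buf[256];	/* unescaped text-form names are shorter than this */
	const char *p;
	size_t len = strlen(qname);

	if (len > 0 && qname[len - 1] == '.')	/* drop the root dot */
		len--;
	/* Empty, oversized or dot-initial input is not a usable name. */
	if (len == 0 || len >= sizeof(buf) || qname[0] == '.')
		return 0;
	memcpy(buf, qname, len);
	buf[len] = '\0';

	/* Exact entry first. */
	if (bsearch(buf, blocklist, NBLOCK, sizeof(blocklist[0]), cmp))
		return 1;
	/* Then each suffix starting at a label boundary, dot included:
	 * "a.b.tracker.example" probes ".b.tracker.example",
	 * ".tracker.example" and ".example". One lookup per label. */
	for (p = strchr(buf, '.'); p != NULL; p = strchr(p + 1, '.'))
		if (bsearch(p, blocklist, NBLOCK, sizeof(blocklist[0]), cmp))
			return 1;
	return 0;
}
```

Because every probe starts at a dot, `nottracker.example` is not caught by `.tracker.example`; only whole labels match.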