Unmaintained FreeBSD ports which are out of date

2023-01-24 Thread portscout 
Dear port maintainers,

The portscout new distfile checker has detected that one or more
unmaintained ports appears to be out of date. Please take the opportunity
to check each of the ports listed below, and if possible and appropriate,
submit/commit an update. Please consider also adopting this port.
If any ports have already been updated, you can safely ignore the entry.

An e-mail will not be sent again for any of the port/version combinations
below.

Full details can be found at the following URL:
http://portscout.freebsd.org/po...@freebsd.org.html


Port| Current version | New version
+-+
cad/ifcopenshell| 0.6.0   | 
blenderbim-230123
+-+
sysutils/py-pywatchman  | 4.9.0   | 
v2023.01.23.00
+-+


If any of the above results are invalid, please check the following page
for details on how to improve portscout's detection and selection of
distfiles on a per-port basis:

http://portscout.freebsd.org/info/portscout-portconfig.txt

Reported by:portscout!

Re: postfix' blacklistd patch

2023-01-24 Thread Juraj Lutter 



> On 16 Jan 2023, at 16:49, Michael Grimm  wrote:
> 
> Hi,
> 
> I wonder if the following condition for triggering blacklistd is appropriate:
> 
> 
>/* notify blacklistd of SASL authentication failure */
>pfilter_notify(1, vstream_fileno(state->client));
>return (-1);
>}
> 
> If I am not mistaken blacklistd will become notified even after a 'Temporary 
> authentication failure'. 
> 
> Has this been intended?


Yes, because even an temporary failure could be a result of a “brute force 
attack”.

—
Juraj Lutter
o...@freebsd.org

Re: postfix' blacklistd patch

2023-01-24 Thread Michael Grimm 
Juraj Lutter  wrote:
>> On 16 Jan 2023, at 16:49, Michael Grimm  wrote:

>> I wonder if the following condition for triggering blacklistd is appropriate:
>> 
>> 
>>   /* notify blacklistd of SASL authentication failure */
>>   pfilter_notify(1, vstream_fileno(state->client));
>>   return (-1);
>>   }
>> 
>> If I am not mistaken blacklistd will become notified even after a 'Temporary 
>> authentication failure'. 
>> 
>> Has this been intended?
> 
> 
> Yes, because even an temporary failure could be a result of a “brute force 
> attack”.

Thanks for the clarification and regards,
Michael