/var partition overflow (due to spyware?) in FreeBSD default install

David G. Andersen danderse at cs.utah.edu
Thu Oct 23 19:46:48 PDT 2003


Garance A Drosihn just mooed:
> newsyslog for the past year.  I am pretty familiar with it.
> 
> What I meant was that in circumstances where "once per hour"
> is not fast enough, then I do not believe the right solution
> is to rotate files every five minutes.  Just MO.

The problem is very obviously an excess of messages from bind.
This bug report should go to the ISC folks.  No daemon should
be spewing out log messages at the _incredible_ rate that
bind does when it decides it doesn't like what it's getting
in this context.  The same bug can be triggered by using a
forwarding nameserver that bind doesn't like.

The immediate question to ask is, "is this fixed in bind9?"

If it is, you're not likely to get an answer other than
"please upgrade."  ... which seems like a pretty reasonable
thing to do, if that's the case.  Bret, try upgrading to
bind9 and see if it still happens.  If it does, then reduce
it to the simplest test case you can and report it to the
bind people.  If it doesn't, then call yourself happy and
let the rest of us know that it's a good way to avoid the
problem.

  -Dave

-- 
work: dga at lcs.mit.edu                          me:  dga at pobox.com
      MIT Laboratory for Computer Science           http://www.angio.net/
      I do not accept unsolicited commercial email.  Do not spam me.

