malias · January 7, 2025 12:25 · bretton · Jan 7, 2025
diff --git a/dnsbl_check_beta_lb.sh b/dnsbl_check_beta_lb.sh
 #!/bin/sh
 ####
 # Titel 			dnsbl_check
 # Descritption 		This Script checks multiple ips and blacklist
 ####
 # Mail recipients (multiple mail addresses separated by whitespace)
 mail=''
 # Logfiles
 LogFile='/tmp/rbltemp.log'
 LogRBLfile='/var/log/rblfound.log'
 # In case a list isn't responding
 LogRBLfileWarn='/var/log/rblfound_warn.log'
 # All Mailserver IPs
 # The format is chosen to make it easy to add or delete
 # The shell will strip multiple whitespace
 allip='	
 	0.0.0.0
 	1.1.1.1
 	'
 # Check if an IP address is listed on one of the following blacklists
 BLISTS="
 	0spam.fusionzero.com	
 	0spam-killlist.fusionzero.com	
 	combined.abuse.ch	
 	drone.abuse.ch	
 	spam.abuse.ch	
 	httpbl.abuse.ch	
 	ipbl.zeustracker.abuse.ch	
 	rbl.abuse.ro	
 	spam.dnsbl.anonmails.de	
 	list.anonwhois.net	
 	dnsbl.anticaptcha.net	
 	orvedb.aupads.org	
 	rsbl.aupads.org	
 	aspews.ext.sorbs.net	
 	dnsbl.aspnet.hu	
 	ips.backscatterer.org	
 	b.barracudacentral.org	
 	bb.barracudacentral.org	
 	list.bbfh.org	
 	l1.bbfh.ext.sorbs.net	
 	l2.bbfh.ext.sorbs.net	
 	l3.bbfh.ext.sorbs.net	
 	l4.bbfh.ext.sorbs.net	
 	bbm.2ch.net	
 	niku.2ch.net	
 	bbx.2ch.net	
 	bitonly.dnsbl.bit.nl
 	netscan.rbl.blockedservers.com	
 	rbl.blockedservers.com	
 	spam.rbl.blockedservers.com	
 	list.blogspambl.com	
 	bsb.empty.us
 	bsb.spamlookup.net
 	query.bondedsender.org	
 	plus.bondedsender.org	
 	dnsbl.burnt-tech.com	
 	blacklist.sci.kun.nl	
 	whitelist.sci.kun.nl	
 	rot.blackhole.cantv.net
 	cbl.anti-spam.org.cn	
 	cblplus.anti-spam.org.cn	
 	cblless.anti-spam.org.cn	
 	cdl.anti-spam.org.cn	
 	cml.anti-spam.org.cn	
 	CBL	cbl.abuseat.org	
 	rbl.choon.net	
 	rwl.choon.net	
 	dnsbl.cyberlogic.net	
 	bogons.cymru.com	
 	v4.fullbogons.cymru.com	
 	tor.dan.me.uk	
 	torexit.dan.me.uk	
 	rbl.dns-servicios.com	
 	dnsbl.ipocalypse.net	
 	dnsbl.mags.net	
 	dnsbl.mcu.edu.tw	
 	dnsbl.rv-soft.info	
 	dnsblchile.org	
 	vote.drbl.caravan.ru	
 	vote.drbldf.dsbl.ru	
 	vote.drbl.gremlin.ru	
 	work.drbl.caravan.ru	
 	work.drbldf.dsbl.ru	
 	work.drbl.gremlin.ru	
 	bl.drmx.org	
 	DroneBL	dnsbl.dronebl.org	
 	rbl.efnet.org	
 	rbl.efnetrbl.org	
 	tor.efnet.org	
 	bl.emailbasura.org	
 	rbl.fasthosts.co.uk	
 	fnrbl.fast.net
 	forbidden.icm.edu.pl	
 	88.blocklist.zap	
 	hil.habeas.com	
 	accredit.habeas.com	
 	sa-accredit.habeas.com	
 	hul.habeas.com	
 	sohul.habeas.com	
 	lookup.dnsbl.iip.lu	
 	spamrbl.imp.ch	
 	wormrbl.imp.ch	
 	dnsbl.inps.de	
 	dnswl.inps.de	
 	intercept.datapacket.net	
 	rbl.interserver.net	
 	netblock.dnsl.ipquery.org	
 	relay.dnsl.ipquery.org	
 	single.dnsl.ipquery.org	
 	iadb.isipp.com	
 	iadb2.isipp.com	
 	iddb.isipp.com
 	wadb.isipp.com	
 	whitelist.rbl.ispa.at	
 	mail-abuse.blacklist.jippg.org	
 	dnsbl.justspam.org	
 	dnsbl.kempt.net	
 	spamlist.or.kr	
 	bl.konstant.no	
 	admin.bl.kundenserver.de	
 	relays.bl.kundenserver.de	
 	schizo-bl.kundenserver.de	
 	spamblock.kundenserver.de	
 	worms-bl.kundenserver.de	
 	spamguard.leadmon.net	
 	ipbl.mailhosts.org
 	ipwl.mailhosts.org
 	rhswl.mailhosts.org	
 	shortlist.mailhosts.org	
 	xpews.mailhosts.org	
 	bl.mailspike.net	
 	z.mailspike.net	
 	bl.mav.com.br	
 	cidr.bl.mcafee.com	
 	rbl.megarbl.net	
 	dnsbl.forefront.microsoft.com	
 	bl.mipspace.com	
 	combined.rbl.msrbl.net	
 	images.rbl.msrbl.net	
 	phishing.rbl.msrbl.net	
 	spam.rbl.msrbl.net	
 	virus.rbl.msrbl.net	
 	web.rbl.msrbl.net		
 	relays.nether.net	
 	trusted.nether.net	
 	unsure.nether.net	
 	ix.dnsbl.manitu.net	
 	no-more-funn.moensted.dk		
 	nospam.ant.pl	
 	wl.nszones.com	
 	dyn.nszones.com	
 	sbl.nszones.com	
 	bl.nszones.com	
 	rbl.orbitrbl.com	
 	netblock.pedantic.org	
 	spam.pedantic.org	
 	pofon.foobar.hu	pofon.foobar.hu	
 	rbl.polarcomm.net		
 	dnsbl.proxybl.org	
 	psbl.surriel.com	
 	whitelist.surriel.com	
 	all.rbl.jp	
 	short.rbl.jp	
 	virus.rbl.jp	
 	rbl.schulte.org	
 	rbl.talkactive.net		
 	eswlrev.dnsbl.rediris.es	
 	mtawlrev.dnsbl.rediris.es	
 	dnsbl.rizon.net	
 	dynip.rothen.com	
 	asn.routeviews.org	
 	aspath.routeviews.org	
 	dul.ru	
 	dnsbl.rymsho.ru	
 	all.s5h.net	
 	tor.dnsbl.sectoor.de	
 	exitnodes.tor.dnsbl.sectoor.de	
 	sa.senderbase.org	
 	bl.score.senderscore.com	
 	rhswl.shlink.org
 	wl.shlink.org	
 	dnsbl.sorbs.net	
 	problems.dnsbl.sorbs.net	
 	proxies.dnsbl.sorbs.net	
 	relays.dnsbl.sorbs.net	
 	safe.dnsbl.sorbs.net	
 	dul.dnsbl.sorbs.net	
 	zombie.dnsbl.sorbs.net	
 	block.dnsbl.sorbs.net	
 	escalations.dnsbl.sorbs.net	
 	http.dnsbl.sorbs.net	
 	misc.dnsbl.sorbs.net	
 	smtp.dnsbl.sorbs.net	
 	socks.dnsbl.sorbs.net	
 	spam.dnsbl.sorbs.net	
 	recent.spam.dnsbl.sorbs.net	
 	new.spam.dnsbl.sorbs.net	
 	old.spam.dnsbl.sorbs.net	
 	web.dnsbl.sorbs.net	
 	korea.services.net	
 	geobl.spameatingmonkey.net	
 	backscatter.spameatingmonkey.net	
 	badnets.spameatingmonkey.net	
 	bl.spameatingmonkey.net	
 	netbl.spameatingmonkey.net	
 	all.spam-rbl.fr	
 	bl.spamcannibal.org	
 	dnsbl.spam-champuru.livedoor.com	
 	bl.spamcop.net	
 	_vouch.dwl.spamhaus.org	
 	pbl.spamhaus.org	
 	sbl.spamhaus.org	
 	sbl-xbl.spamhaus.org	
 	swl.spamhaus.org	
 	xbl.spamhaus.org	
 	zen.spamhaus.org	
 	feb.spamlab.com	
 	rbl.spamlab.com	
 	all.spamrats.com	
 	dyna.spamrats.com	
 	noptr.spamrats.com	
 	spam.spamrats.com	
 	spamsources.fabel.dk	
 	bl.spamstinks.com	
 	dul.pacifier.net	
 	multi.surbl.org	
 	xs.surbl.org	
 	srn.surgate.net	
 	dnsrbl.swinog.ch	
 	st.technovision.dk	
 	opm.tornevall.org	
 	r.mail-abuse.com	
 	q.mail-abuse.com	
 	rbl2.triumf.ca	
 	wbl.triumf.ca	
 	truncate.gbudb.net	
 	dnsbl-0.uceprotect.net	
 	dnsbl-1.uceprotect.net	
 	dnsbl-2.uceprotect.net	
 	dnsbl-3.uceprotect.net	
 	ubl.unsubscore.com	
 	white.uribl.com	
 	ip.v4bl.org	
 	virbl.dnsbl.bit.nl	
 	dnsbl.webequipped.com	
 	ips.whitelisted.org	
 	blacklist.woody.ch	
 	db.wpbl.info	
 	bl.blocklist.de	
 	dnsbl.zapbl.net	
 "
 # Clear old Logfiles 
 test -n $LogRBLfile && rm $LogRBLfile
 test -n $Logfile && rm $LogFile
 test -n $LogRBLfileWarn && rm $LogRBLfileWarn
 # Loop trough all IPs
 for ip in $allip ; do
 	# Reverse the IP
 	reverse=$(echo $ip | sed -ne "s~^\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)$~\4.\3.\2.\1~p")
 	# Loop trough all Blacklists with reversed IP
 	for BL in ${BLISTS} ; do
 	    # Print the date (without linefeed)
 	    printf $(env TZ='Europe/Berlin' date "+%d-%m-%Y %H:%M") >> $LogFile
 	    # Show the IP and the name of the blacklist
 	    printf "%-40s" " IP $ip | Blacklist http://${BL} " >> $LogFile
 	    # Use dig to lookup the name in the blacklist
 	    LISTED="$(dig +short -t a ${reverse}.${BL}.)" 
 	    echo ${LISTED:----} >> $LogFile
 	done
 done
 # Search output  
 egrep -v "(reached|\-)"$ $LogFile >> $LogRBLfile
 egrep "reached"$ $LogFile >> $LogRBLfileWarn

 # Check log
 if [ -s $LogRBLfile ]; then
 	echo "Please check http://multirbl.valli.org/list/ for further information about the blacklists" >> $LogRBLfile
    for mailaddress in $mail; do
        # Send mail with current excerpt of log
        mail -s "** Service Alert: Mailserver on Blacklist **" $mailaddress < $LogRBLfile
    done
 fi

 exit $?
	#!/bin/sh
	####
	# Titel dnsbl_check
	# Descritption This Script checks multiple ips and blacklist
	####
	# Mail recipients (multiple mail addresses separated by whitespace)
	mail=''
	# Logfiles
	LogFile='/tmp/rbltemp.log'
	LogRBLfile='/var/log/rblfound.log'
	# In case a list isn't responding
	LogRBLfileWarn='/var/log/rblfound_warn.log'
	# All Mailserver IPs
	# The format is chosen to make it easy to add or delete
	# The shell will strip multiple whitespace
	allip='
	0.0.0.0
	1.1.1.1
	'
	# Check if an IP address is listed on one of the following blacklists
	BLISTS="
	0spam.fusionzero.com
	0spam-killlist.fusionzero.com
	combined.abuse.ch
	drone.abuse.ch
	spam.abuse.ch
	httpbl.abuse.ch
	ipbl.zeustracker.abuse.ch
	rbl.abuse.ro
	spam.dnsbl.anonmails.de
	list.anonwhois.net
	dnsbl.anticaptcha.net
	orvedb.aupads.org
	rsbl.aupads.org
	aspews.ext.sorbs.net
	dnsbl.aspnet.hu
	ips.backscatterer.org
	b.barracudacentral.org
	bb.barracudacentral.org
	list.bbfh.org
	l1.bbfh.ext.sorbs.net
	l2.bbfh.ext.sorbs.net
	l3.bbfh.ext.sorbs.net
	l4.bbfh.ext.sorbs.net
	bbm.2ch.net
	niku.2ch.net
	bbx.2ch.net
	bitonly.dnsbl.bit.nl
	netscan.rbl.blockedservers.com
	rbl.blockedservers.com
	spam.rbl.blockedservers.com
	list.blogspambl.com
	bsb.empty.us
	bsb.spamlookup.net
	query.bondedsender.org
	plus.bondedsender.org
	dnsbl.burnt-tech.com
	blacklist.sci.kun.nl
	whitelist.sci.kun.nl
	rot.blackhole.cantv.net
	cbl.anti-spam.org.cn
	cblplus.anti-spam.org.cn
	cblless.anti-spam.org.cn
	cdl.anti-spam.org.cn
	cml.anti-spam.org.cn
	CBL cbl.abuseat.org
	rbl.choon.net
	rwl.choon.net
	dnsbl.cyberlogic.net
	bogons.cymru.com
	v4.fullbogons.cymru.com
	tor.dan.me.uk
	torexit.dan.me.uk
	rbl.dns-servicios.com
	dnsbl.ipocalypse.net
	dnsbl.mags.net
	dnsbl.mcu.edu.tw
	dnsbl.rv-soft.info
	dnsblchile.org
	vote.drbl.caravan.ru
	vote.drbldf.dsbl.ru
	vote.drbl.gremlin.ru
	work.drbl.caravan.ru
	work.drbldf.dsbl.ru
	work.drbl.gremlin.ru
	bl.drmx.org
	DroneBL dnsbl.dronebl.org
	rbl.efnet.org
	rbl.efnetrbl.org
	tor.efnet.org
	bl.emailbasura.org
	rbl.fasthosts.co.uk
	fnrbl.fast.net
	forbidden.icm.edu.pl
	88.blocklist.zap
	hil.habeas.com
	accredit.habeas.com
	sa-accredit.habeas.com
	hul.habeas.com
	sohul.habeas.com
	lookup.dnsbl.iip.lu
	spamrbl.imp.ch
	wormrbl.imp.ch
	dnsbl.inps.de
	dnswl.inps.de
	intercept.datapacket.net
	rbl.interserver.net
	netblock.dnsl.ipquery.org
	relay.dnsl.ipquery.org
	single.dnsl.ipquery.org
	iadb.isipp.com
	iadb2.isipp.com
	iddb.isipp.com
	wadb.isipp.com
	whitelist.rbl.ispa.at
	mail-abuse.blacklist.jippg.org
	dnsbl.justspam.org
	dnsbl.kempt.net
	spamlist.or.kr
	bl.konstant.no
	admin.bl.kundenserver.de
	relays.bl.kundenserver.de
	schizo-bl.kundenserver.de
	spamblock.kundenserver.de
	worms-bl.kundenserver.de
	spamguard.leadmon.net
	ipbl.mailhosts.org
	ipwl.mailhosts.org
	rhswl.mailhosts.org
	shortlist.mailhosts.org
	xpews.mailhosts.org
	bl.mailspike.net
	z.mailspike.net
	bl.mav.com.br
	cidr.bl.mcafee.com
	rbl.megarbl.net
	dnsbl.forefront.microsoft.com
	bl.mipspace.com
	combined.rbl.msrbl.net
	images.rbl.msrbl.net
	phishing.rbl.msrbl.net
	spam.rbl.msrbl.net
	virus.rbl.msrbl.net
	web.rbl.msrbl.net
	relays.nether.net
	trusted.nether.net
	unsure.nether.net
	ix.dnsbl.manitu.net
	no-more-funn.moensted.dk
	nospam.ant.pl
	wl.nszones.com
	dyn.nszones.com
	sbl.nszones.com
	bl.nszones.com
	rbl.orbitrbl.com
	netblock.pedantic.org
	spam.pedantic.org
	pofon.foobar.hu pofon.foobar.hu
	rbl.polarcomm.net
	dnsbl.proxybl.org
	psbl.surriel.com
	whitelist.surriel.com
	all.rbl.jp
	short.rbl.jp
	virus.rbl.jp
	rbl.schulte.org
	rbl.talkactive.net
	eswlrev.dnsbl.rediris.es
	mtawlrev.dnsbl.rediris.es
	dnsbl.rizon.net
	dynip.rothen.com
	asn.routeviews.org
	aspath.routeviews.org
	dul.ru
	dnsbl.rymsho.ru
	all.s5h.net
	tor.dnsbl.sectoor.de
	exitnodes.tor.dnsbl.sectoor.de
	sa.senderbase.org
	bl.score.senderscore.com
	rhswl.shlink.org
	wl.shlink.org
	dnsbl.sorbs.net
	problems.dnsbl.sorbs.net
	proxies.dnsbl.sorbs.net
	relays.dnsbl.sorbs.net
	safe.dnsbl.sorbs.net
	dul.dnsbl.sorbs.net
	zombie.dnsbl.sorbs.net
	block.dnsbl.sorbs.net
	escalations.dnsbl.sorbs.net
	http.dnsbl.sorbs.net
	misc.dnsbl.sorbs.net
	smtp.dnsbl.sorbs.net
	socks.dnsbl.sorbs.net
	spam.dnsbl.sorbs.net
	recent.spam.dnsbl.sorbs.net
	new.spam.dnsbl.sorbs.net
	old.spam.dnsbl.sorbs.net
	web.dnsbl.sorbs.net
	korea.services.net
	geobl.spameatingmonkey.net
	backscatter.spameatingmonkey.net
	badnets.spameatingmonkey.net
	bl.spameatingmonkey.net
	netbl.spameatingmonkey.net
	all.spam-rbl.fr
	bl.spamcannibal.org
	dnsbl.spam-champuru.livedoor.com
	bl.spamcop.net
	_vouch.dwl.spamhaus.org
	pbl.spamhaus.org
	sbl.spamhaus.org
	sbl-xbl.spamhaus.org
	swl.spamhaus.org
	xbl.spamhaus.org
	zen.spamhaus.org
	feb.spamlab.com
	rbl.spamlab.com
	all.spamrats.com
	dyna.spamrats.com
	noptr.spamrats.com
	spam.spamrats.com
	spamsources.fabel.dk
	bl.spamstinks.com
	dul.pacifier.net
	multi.surbl.org
	xs.surbl.org
	srn.surgate.net
	dnsrbl.swinog.ch
	st.technovision.dk
	opm.tornevall.org
	r.mail-abuse.com
	q.mail-abuse.com
	rbl2.triumf.ca
	wbl.triumf.ca
	truncate.gbudb.net
	dnsbl-0.uceprotect.net
	dnsbl-1.uceprotect.net
	dnsbl-2.uceprotect.net
	dnsbl-3.uceprotect.net
	ubl.unsubscore.com
	white.uribl.com
	ip.v4bl.org
	virbl.dnsbl.bit.nl
	dnsbl.webequipped.com
	ips.whitelisted.org
	blacklist.woody.ch
	db.wpbl.info
	bl.blocklist.de
	dnsbl.zapbl.net
	"
	# Clear old Logfiles
	test -n $LogRBLfile && rm $LogRBLfile
	test -n $Logfile && rm $LogFile
	test -n $LogRBLfileWarn && rm $LogRBLfileWarn
	# Loop trough all IPs
	for ip in $allip ; do
	# Reverse the IP
	reverse=$(echo $ip \| sed -ne "s~^\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)$~\4.\3.\2.\1~p")
	# Loop trough all Blacklists with reversed IP
	for BL in ${BLISTS} ; do
	# Print the date (without linefeed)
	printf $(env TZ='Europe/Berlin' date "+%d-%m-%Y %H:%M") >> $LogFile
	# Show the IP and the name of the blacklist
	printf "%-40s" " IP $ip \| Blacklist http://${BL} " >> $LogFile
	# Use dig to lookup the name in the blacklist
	LISTED="$(dig +short -t a ${reverse}.${BL}.)"
	echo ${LISTED:----} >> $LogFile
	done
	done
	# Search output
	egrep -v "(reached\|\-)"$ $LogFile >> $LogRBLfile
	egrep "reached"$ $LogFile >> $LogRBLfileWarn

	# Check log
	if [ -s $LogRBLfile ]; then
	echo "Please check http://multirbl.valli.org/list/ for further information about the blacklists" >> $LogRBLfile
	for mailaddress in $mail; do
	# Send mail with current excerpt of log
	mail -s " Service Alert: Mailserver on Blacklist " $mailaddress < $LogRBLfile
	done
	fi

	exit $?