initial upload

rblcheck.sh

@@ -0,0 +1,190 @@
+#!/usr/bin/env bash
+# Checks if given IP is listed on any of the "major" DNSBL.
+# I used this list: http://spamlinks.net/filter-dnsbl-lists.htm
+#
+# Requires these commands: host, dig, awk, tr, dirname
+# - We can't rely on host/dig return codes!
+
+# Return codes:
+# 0 = no listings
+# 4 = listed
+
+# Define all DNSBL to test against
+dnsbl=(b.barracudacentral.org
+bl.deadbeef.com
+#bl.emailbasura.org
+bl.spamcannibal.org
+bl.spamcop.net
+blackholes.five-ten-sg.com
+blacklist.woody.ch
+bogons.cymru.com
+cbl.abuseat.org
+cdl.anti-spam.org.cn
+combined.abuse.ch
+combined.rbl.msrbl.net
+db.wpbl.info
+dnsbl-1.uceprotect.net
+dnsbl-2.uceprotect.net
+dnsbl-3.uceprotect.net
+dnsbl.ahbl.org
+dnsbl.cyberlogic.net
+dnsbl.inps.de
+dnsbl.njabl.org
+dnsbl.sorbs.net
+dnsrbl.swinog.ch
+#duinv.aupads.org
+dul.dnsbl.sorbs.net
+dul.ru
+dyna.spamrats.com
+#dynip.rothen.com
+#fl.chickenboner.biz
+hostkarma.junkemailfilter.com
+http.dnsbl.sorbs.net
+images.rbl.msrbl.net
+ips.backscatterer.org
+ircbl.ahbl.org
+ix.dnsbl.manitu.net
+korea.services.net
+misc.dnsbl.sorbs.net
+noptr.spamrats.com
+#ohps.dnsbl.net.au
+#omrs.dnsbl.net.au
+#opm.blitzed.org
+orvedb.aupads.org
+#osps.dnsbl.net.au
+#osrs.dnsbl.net.au
+#owfs.dnsbl.net.au
+#owps.dnsbl.net.au
+phishing.rbl.msrbl.net
+#probes.dnsbl.net.au
+#proxy.bl.gweep.ca
+#proxy.block.transip.nl
+psbl.surriel.com
+rbl.efnet.org
+rbl.interserver.net
+#rdts.dnsbl.net.au
+#relays.bl.gweep.ca
+relays.bl.kundenserver.de
+#relays.nether.net
+relaytest.kundenserver.de
+#residential.block.transip.nl
+#ricn.dnsbl.net.au
+#rmst.dnsbl.net.au
+short.rbl.jp
+smtp.dnsbl.sorbs.net
+socks.dnsbl.sorbs.net
+spam.abuse.ch
+spam.dnsbl.sorbs.net
+spam.rbl.msrbl.net
+spam.spamrats.com
+spamlist.or.kr
+spamrbl.imp.ch
+#t3direct.dnsbl.net.au
+#tor.ahbl.org
+tor.dnsbl.sectoor.de
+torserver.tor.dnsbl.sectoor.de
+ubl.lashback.com
+ubl.unsubscore.com
+virbl.bit.nl
+virbl.dnsbl.bit.nl
+virus.rbl.jp
+virus.rbl.msrbl.net
+web.dnsbl.sorbs.net
+wormrbl.imp.ch
+zen.spamhaus.org
+zombie.dnsbl.sorbs.net)
+
+# No need to edit anything below this line
+
+DNSBLCOUNT=${#dnsbl[*]}
+
+if [ -z $1 ]; then
+       echo "Usage: $(basename $0) <ip-address>"
+       exit 1
+fi
+
+INPUT=$1
+# If $INPUT is a DNS name, get IP
+if [ $(echo $INPUT | grep -c '[a-z]') -gt 0 ]; then
+	INPUT=$(dig +short $INPUT | tail -1)
+fi
+LISTED=0
+
+# Reverse an ip
+function ip_reverse {
+       # FIXME dumb
+       INPUT=$(echo $INPUT | tr -s "." " ")
+       INPUT=$(echo $INPUT | awk '{for (i=NF;i>=1;i--) printf $i" "} END{print ""}')
+       OUTPUT=$(echo $INPUT | tr -s " " ".")
+       echo $OUTPUT
+}
+
+# Query the RBL
+function check_rbl {
+       ARG=$1
+       if [ "$ARG" = "reachability" ]; then
+               RETURNED=$(host $a | grep -c NXDOMAIN)
+
+               if [ $RETURNED -gt 0 ]; then
+                       echo "$a ($b) not reachable, thus ignored."
+                       # Delete this entry from the array via id
+                       unset dnsbl[$b]
+               fi
+               WHATSLEFT=${#dnsbl[@]}
+       fi
+
+       if [ "$ARG" = "node" ]; then
+       # dig lookup with reversed ip
+       QUERY=$(dig -t ANY +noauthority +noadditional +nostats $(ip_reverse).$i | grep -E -w '(status:|TXT|(A|CNAME))')
+       QUERY_END=$(echo $QUERY | awk '{ print $NF }')
+
+
+       case $QUERY in
+
+       *NXDOMAIN*)
+               #echo "Not in $i"
+               ;;
+       #*127.0.0.2)
+       #        echo "$(ip_reverse) LISTED in $i"
+       #        ;;
+
+       # Almost all DNSBLs got a TXT record for listed IPs, we want these
+       *TXT*)
+               REASON_REMOTE=$(echo $QUERY | grep TXT | cut -d'"' -f2 | head -1)
+               echo "LISTED in $i ($REASON_REMOTE) "
+               LISTED=$(($LISTED+1))
+               ;;
+       # For those DNSBLs with no TXT record, just indicate the listing
+       *)
+               echo "LISTED in $i (no reason provided)"
+               LISTED=$(($LISTED+1))
+               ;;
+       esac
+       fi
+}
+
+echo -e "Mailserver:\t$INPUT"
+
+# dnsbl array counter
+b=-1
+
+# First check if the RBL is reachable
+for a in "${dnsbl[@]}"; do
+       b=$(($b+1))
+       check_rbl reachability
+done
+
+echo -e "DNSBLs:\t\t$DNSBLCOUNT ($WHATSLEFT reachable)"
+
+# Then query
+for i in "${dnsbl[@]}"; do
+       check_rbl node
+done
+
+PERC=$(echo "scale=3; ($LISTED / $WHATSLEFT) * 100" | bc)
+echo -e "Listings:\t$LISTED ($PERC %)"
+
+# Set return code
+if [ $LISTED -gt 0 ]; then
+       exit 4
+fi