DNS blacklist cleanup and more meaningful return codes

2011-09-12 22:54:17 +02:00 · 2011-09-12 22:54:17 +02:00 · bc3ed3c438
commit bc3ed3c438
parent 3324a788e5
1 changed files with 43 additions and 20 deletions
--- a/rblcheck.sh
+++ b/rblcheck.sh
@ -2,19 +2,31 @@
 # Author:  Oliver Ladner <oli@lugh.ch>
 # License: LGPL
 #
-# Checks if given IP is listed on any of the "major" DNSBL.
-# I used this list: http://spamlinks.net/filter-dnsbl-lists.htm
+# Checks if given IP is listed on various DNSBL found on:
+# - http://multirbl.valli.org/list/
+# - http://mxtoolbox.com
+# - http://www.anti-abuse.org
 #
 # Requires these commands: host, dig, awk, tr, dirname
 # - We can't rely on host/dig return codes!

 # Return codes:
-# 0 = no listings
-# 4 = listed
+# 0  = no listings
+# 1  = listed in 1 RBL
+# 10 = listed in 10 or more RBLs

 # Define all DNSBL to test against
-dnsbl=(b.barracudacentral.org
-bl.deadbeef.com
+dnsbl=(
+cblplus.anti-spam.org.cn
+0spam.fusionzero.com
+0spam-killlist.fusionzero.com
+b.barracudacentral.org
+#bl.deadbeef.com
+dnsbl.ahbl.org
+ircbl.ahbl.org
+#tor.ahbl.org
+bsb.empty.us
+l2.apews.org
 #bl.emailbasura.org
 bl.spamcannibal.org
 bl.spamcop.net
@ -23,33 +35,38 @@ blacklist.woody.ch
 bogons.cymru.com
 cbl.abuseat.org
 cdl.anti-spam.org.cn
-combined.abuse.ch
 combined.rbl.msrbl.net
 db.wpbl.info
+combined.abuse.ch
 drone.abuse.ch
+spam.abuse.ch
+httpbl.abuse.ch
 dnsbl-1.uceprotect.net
 dnsbl-2.uceprotect.net
 dnsbl-3.uceprotect.net
-dnsbl.ahbl.org
 #dnsbl.cyberlogic.net
 dnsbl.inps.de
 dnsbl.njabl.org
 dnsbl.sorbs.net
-dnsrbl.swinog.ch
-#duinv.aupads.org
 dul.dnsbl.sorbs.net
+http.dnsbl.sorbs.net
+misc.dnsbl.sorbs.net
+smtp.dnsbl.sorbs.net
+socks.dnsbl.sorbs.net
+spam.dnsbl.sorbs.net
+zombie.dnsbl.sorbs.net
+dnsrbl.swinog.ch
+uribl.swinog.ch
+#duinv.aupads.org
 dul.ru
 dyna.spamrats.com
 #dynip.rothen.com
 #fl.chickenboner.biz
 hostkarma.junkemailfilter.com
-http.dnsbl.sorbs.net
 images.rbl.msrbl.net
 ips.backscatterer.org
-ircbl.ahbl.org
 ix.dnsbl.manitu.net
 korea.services.net
-misc.dnsbl.sorbs.net
 noptr.spamrats.com
 #ohps.dnsbl.net.au
 #omrs.dnsbl.net.au
@ -75,16 +92,11 @@ relaytest.kundenserver.de
 #ricn.dnsbl.net.au
 #rmst.dnsbl.net.au
 short.rbl.jp
-smtp.dnsbl.sorbs.net
-socks.dnsbl.sorbs.net
-spam.abuse.ch
-spam.dnsbl.sorbs.net
 spam.rbl.msrbl.net
 spam.spamrats.com
 spamlist.or.kr
 spamrbl.imp.ch
 #t3direct.dnsbl.net.au
-#tor.ahbl.org
 tor.dnsbl.sectoor.de
 torserver.tor.dnsbl.sectoor.de
 ubl.lashback.com
@ -96,7 +108,12 @@ virus.rbl.msrbl.net
 web.dnsbl.sorbs.net
 wormrbl.imp.ch
 zen.spamhaus.org
-zombie.dnsbl.sorbs.net)
+abuse.rfc-ignorant.org
+bogusmx.rfc-ignorant.org
+dsn.rfc-ignorant.org
+postmaster.rfc-ignorant.org
+whois.rfc-ignorant.org
+)

 # No need to edit anything below this line

@ -167,7 +184,7 @@ function check_rbl {
       fi
 }

-echo -e "Mailserver:\t$INPUT"
+echo -e "Mailserver:\t$INPUT ($(dig -t TXT +short +noauthority +noadditional +nostats $(ip_reverse).zz.countries.nerd.dk | grep '[a-z]' ))"

 # dnsbl array counter
 b=-1
@ -190,5 +207,11 @@ echo -e "Listings:\t$LISTED ($PERC %)"

 # Set return code
 if [ $LISTED -gt 0 ]; then
-       exit 4
+	if [ $LISTED -eq 1 ]; then
+		exit 1
+	elif [ $LISTED -ge 10 ]; then
+		exit 10
+	fi
+else
+	exit 0
 fi