Skip to content

Instantly share code, notes, and snippets.

@FlorianHeigl

FlorianHeigl/rbl_check

Created October 1, 2020 15:37
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save FlorianHeigl/7c15f52fe48d877c22d17af9f4be7026 to your computer and use it in GitHub Desktop.
Save FlorianHeigl/7c15f52fe48d877c22d17af9f4be7026 to your computer and use it in GitHub Desktop.
Download ZIP
rbl check
Raw
rbl_check
#!/usr/bin/python
# -*- encoding: utf-8; py-indent-offset: 4 -*-
# (c) 2013 Heinlein Support GmbH
# Robert Sander <r.sander@heinlein-support.de>
# This is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation in version 2. This file is distributed
# in the hope that it will be useful, but WITHOUT ANY WARRANTY; with-
# out even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU General Public License for more de-
# ails. You should have received a copy of the GNU General Public
# License along with GNU Make; see the file COPYING. If not, write
# to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor,
# Boston, MA 02110-1301 USA.
def inventory_rbl_check(info):
inventory = set()
for line in info:
inventory.add((line[0], None))
return list(inventory)
def check_rbl_check(item, params, info):
res = []
for line in info:
if line[0] == item:
if line[2] == 'found':
res.append('found in %s' % line[1])
if res:
return(2, ", ".join(res))
return(0, "not found in any RBL")
check_info["rbl_check"] = {
'check_function': check_rbl_check,
'inventory_function': inventory_rbl_check,
'service_description': 'RBL Check %s',
'has_perfdata': False,
}
Raw
rbl_check.py
#!/usr/bin/python
# Sven Holter
# rbl check
import dns.resolver
import dns.exception
import sys
import netifaces
print '<<<rbl_check>>>'
dnbl= ["cbl.abuseat.org", "b.barracudacentral.org", "zen.spamhaus.org", "ix.dnsbl.manitu.net", "zombie.dnsbl.sorbs.net" ]
# die waren schon auskommentiert, habe noch zombie hochgetan
#"b.barracudacentral.org", "dnsbl.sorbs.net", "http.dnsbl.sorbs.net", "dul.dnsbl.sorbs.net", "misc.dnsbl.sorbs.net", "smtp.dnsbl.sorbs.net", "socks.dnsbl.sorbs.net", "spam.dnsbl.sorbs.net", "web.dnsbl.sorbs.net", "zombie.dnsbl.sorbs.net", "dnsbl-1.uceprotect.net", "dnsbl-2.uceprotect.net", "dnsbl-3.uceprotect.net", "pbl.spamhaus.org", "sbl.spamhaus.org", "xbl.spamhaus.org", "zen.spamhaus.org", "bl.spamcannibal.org", "psbl.surriel.com", "ubl.unsubscore.com", "dnsbl.njabl.org", "combined.njabl.org", "rbl.spamlab.com", "dnsbl.ahbl.org","ircbl.ahbl.org", "dyna.spamrats.com", "noptr.spamrats.com", "spam.spamrats.com", "cbl.anti-spam.org.cn", "cdl.anti-spam.org.cn", "dnsbl.inps.de","drone.abuse.ch", "httpbl.abuse.ch", "dul.ru", "korea.services.net", "short.rbl.jp", "virus.rbl.jp", "spamrbl.imp.ch", "wormrbl.imp.ch", "virbl.bit.nl", "rbl.suresupport.com", "dsn.rfc-ignorant.org", "ips.backscatterer.org", "spamguard.leadmon.net", "opm.tornevall.org", "netblock.pedantic.org", "multi.surbl.org", "ix.dnsbl.manitu.net", "tor.dan.me.uk", "rbl.efnetrbl.org", "relays.mail-abuse.org", "blackholes.mail-abuse.org", "rbl-plus.mail-abuse.org", "dnsbl.dronebl.org", "access.redhawk.org", "db.wpbl.info", "rbl.interserver.net", "query.senderbase.org", "bogons.cymru.com", "csi.cloudmark.com")
def check_rbl(ip, dnsbl):
if ip == '127.0.0.1':
return
revip = ".".join(reversed(ip.split('.')))
# print dnsbl, revip
data = False
try:
data = dns.resolver.query(revip + '.' + dnsbl + '.')
# print data
except dns.exception.DNSException:
pass
if data:
print ip, dnsbl, "found"
else:
print ip, dnsbl, "notfound"
#for interface in netifaces.interfaces():
# if netifaces.AF_INET in netifaces.ifaddresses(interface):
for ip in [ "your_exp_ip" ]:
for name in dnbl:
check_rbl(ip, name)
# wtf is that for.
#for name in dnbl:
# check_rbl("127.0.0.2", name)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment