@Samgarr
Forked from jvehent/gist:1629798
Last active December 8, 2022 20:03
Blacklist monitoring script for Zabbix.
#!/usr/bin/env bash
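DEBUG="$2"   # any non-empty second argument enables debug output
IP="$1"      # IPv4 address to check
blstatus=0   # becomes 1 as soon as one RBL returns an answer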
# RBL list from http://www.anti-abuse.org/multi-rbl-check/, slightly customized
RBL="bl.spamcop.net cbl.abuseat.org b.barracudacentral.org dnsbl.sorbs.net http.dnsbl.sorbs.net dul.dnsbl.sorbs.net misc.dnsbl.sorbs.net smtp.dnsbl.sorbs.net socks.dnsbl.sorbs.net spam.dnsbl.sorbs.net web.dnsbl.sorbs.net zombie.dnsbl.sorbs.net dnsbl-1.uceprotect.net dnsbl-2.uceprotect.net dnsbl-3.uceprotect.net bl.spamcannibal.org psbl.surriel.com ubl.unsubscore.com rbl.spamlab.com dyna.spamrats.com noptr.spamrats.com spam.spamrats.com cbl.anti-spam.org.cn cdl.anti-spam.org.cn dnsbl.inps.de drone.abuse.ch httpbl.abuse.ch dul.ru spamrbl.imp.ch wormrbl.imp.ch virbl.bit.nl rbl.suresupport.com dsn.rfc-ignorant.org ips.backscatterer.org spamguard.leadmon.net opm.tornevall.org netblock.pedantic.org black.uribl.com grey.uribl.com multi.surbl.org ix.dnsbl.manitu.net blackholes.mail-abuse.org rbl-plus.mail-abuse.org dnsbl.dronebl.org rbl.interserver.net query.senderbase.org bogons.cymru.com"
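# Reverse the octets: a lookup for 1.2.3.4 queries 4.3.2.1.<rbl zone>
r_ip=$(echo "$IP" | awk -F"." '{for(i=NF;i>0;i--) printf "%s%s", $i, (i!=1 ? "." : "")}')
for rbl in $RBL
do
    if [ -n "$DEBUG" ]
    then
        echo "testing $IP against $rbl"
    fi
    # Any non-empty answer is treated as a listing
    result=$(dig +short "$r_ip.$rbl")
    if [ -n "$result" ]
    then
        blstatus=1
        if [ -n "$DEBUG" ]
        then
            echo "$IP is in $rbl with code $result"
        fi
    fi
done
# Single value for the Zabbix item: 1 = listed somewhere, 0 = not listed
echo "$blstatus"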
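
The script above passes its first argument into the query name unchecked and treats any non-empty `dig +short` output as a listing. The following is an added example, not part of the gist: it validates the address and counts only answers in 127.0.0.0/8 as listings. The function names (reverse_ipv4, listing_codes, lookup, rbl_status) are assumptions made for the example.

```bash
#!/usr/bin/env bash
# Added example: helper names (reverse_ipv4, listing_codes, lookup, rbl_status)
# are hypothetical and not part of the gist.

# Print the reversed-octet form of an IPv4 address (192.0.2.10 -> 10.2.0.192).
# Returns 1 and prints nothing unless the argument is a valid dotted quad.
reverse_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    printf '%s.%s.%s.%s\n' "$4" "$3" "$2" "$1"
}

# Print the answers that fall in 127.0.0.0/8, the range DNSBLs use for
# "listed" replies (RFC 5782); exit non-zero if there are none. Resolver
# diagnostics (";; ..." lines), CNAME targets and other addresses are dropped.
listing_codes() {
    printf '%s\n' "$1" | grep -E '^127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'
}

# Resolver hook, kept separate so it can be replaced for offline testing.
lookup() { dig +short "$1" A; }

# Usage: rbl_status <ip> <zone>...
# Prints 1 if the IP is listed in any zone, else 0; returns 2 on invalid input.
rbl_status() {
    ip="$1"; shift
    r_ip=$(reverse_ipv4 "$ip") || { echo "invalid IPv4 address" >&2; return 2; }
    status=0
    for zone in "$@"; do
        if codes=$(listing_codes "$(lookup "$r_ip.$zone")"); then
            status=1
            [ -z "${DEBUG:-}" ] || echo "$ip is in $zone with code $codes" >&2
        fi
    done
    echo "$status"
}
```

Returning a distinct exit status for invalid input lets the caller tell a malformed address apart from a clean result.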
@killmasta93

Hi there, just curious: how would I put the script on the Zabbix monitor? Or would I need to put each script on each email server?
And as for the variable IP="$1", I would change it to IP="$181.xx.xx.xx"
Thank you

@Samgarr
Author

Samgarr commented Dec 6, 2019

I used this as an External item blcheck.sh[<ip-address>]. You can also use discovery rules if your IP is changing.

@killmasta93

Thanks for the reply. I have a different script, but I'm not sure if it would be possible to add it to Zabbix?

https://pastebin.com/219JCbr0
