Created
June 22, 2018 22:07
-
-
Save lanbugs/b78eb0846d3bfa69890a243ff23b55d4 to your computer and use it in GitHub Desktop.
Check mailserver blacklists for Nagios / Check_MK
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
# -*- encoding: utf-8; py-indent-offset: 4 -*- | |
# | |
# check_dnspl.py - Check IP against Blacklist | |
# Use it on your own risk! | |
# | |
# Written 2017 - Maximilian Thoma | |
# | |
# This program is free software; you can redistribute it and/or modify it under the terms of the GNU | |
# General Public License as published by the Free Software Foundation; either version 2 of the | |
# License, or (at your option) any later version. | |
# | |
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without | |
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
# General Public License for more details. | |
# | |
# You should have received a copy of the GNU General Public License along with this program; if not, | |
# write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110, USA | |
# | |
import getopt | |
import sys | |
import socket | |
# Define blacklists to be checked | |
blacklists = [ | |
'all.s5h.net', | |
'b.barracudacentral.org', | |
'bl.emailbasura.org', | |
'bl.spamcannibal.org', | |
'bl.spamcop.net', | |
'blacklist.woody.ch', | |
'bogons.cymru.com', | |
'cbl.abuseat.org', | |
# 'cdl.anti-spam.org.cn', | |
'combined.abuse.ch', | |
'db.wpbl.info', | |
'dnsbl-1.uceprotect.net', | |
'dnsbl-2.uceprotect.net', | |
'dnsbl-3.uceprotect.net', | |
'dnsbl.anticaptcha.net', | |
'dnsbl.cyberlogic.net', | |
'dnsbl.dronebl.org', | |
'dnsbl.inps.de', | |
'dnsbl.sorbs.net', | |
'drone.abuse.ch', | |
'drone.abuse.ch', | |
'duinv.aupads.org', | |
'dul.dnsbl.sorbs.net', | |
'dyna.spamrats.com', | |
'dynip.rothen.com', | |
'exitnodes.tor.dnsbl.sectoor.de', | |
'http.dnsbl.sorbs.net', | |
'ips.backscatterer.org', | |
'ix.dnsbl.manitu.net', | |
'korea.services.net', | |
'misc.dnsbl.sorbs.net', | |
'noptr.spamrats.com', | |
'orvedb.aupads.org', | |
'pbl.spamhaus.org', | |
'proxy.bl.gweep.ca', | |
'psbl.surriel.com', | |
'relays.bl.gweep.ca', | |
'relays.nether.net', | |
'sbl.spamhaus.org', | |
'short.rbl.jp', | |
'singular.ttk.pte.hu', | |
'smtp.dnsbl.sorbs.net', | |
'socks.dnsbl.sorbs.net', | |
'spam.abuse.ch', | |
'spam.dnsbl.sorbs.net', | |
'spam.spamrats.com', | |
'spambot.bls.digibase.ca', | |
'spamrbl.imp.ch', | |
'spamsources.fabel.dk', | |
'ubl.lashback.com', | |
'ubl.unsubscore.com', | |
'virus.rbl.jp', | |
'web.dnsbl.sorbs.net', | |
'wormrbl.imp.ch', | |
'xbl.spamhaus.org', | |
'z.mailspike.net', | |
'zen.spamhaus.org', | |
'zombie.dnsbl.sorbs.net', | |
] | |
def check_if_valid_host_ip(ip): | |
try: | |
socket.inet_aton(ip) | |
return True | |
except socket.error: | |
return False | |
def revert_ip(ip): | |
x = ip.split('.') | |
return x[3] + '.' + x[2] + '.' + x[1] + '.' + x[0] | |
def bls(olist): | |
x = '' | |
for bl in olist: | |
x += bl + " " | |
return x | |
def log(debug, s): | |
if debug: | |
print s | |
def usage(): | |
print "check_dnsbl.py - Check IP against DNS blacklists.\n" \ | |
" -H, --host <hostname or ip> Hostname or IP\n" \ | |
" -d, --debug Debug Modus\n" \ | |
" -h, --help Help" | |
def main(): | |
try: | |
opts, args = getopt.getopt(sys.argv[1:], "H:dh", ['host=', 'debug', 'help']) | |
except getopt.GetoptError as err: | |
print str(err) | |
sys.exit(2) | |
found_h = False | |
host = None | |
debug = False | |
for o, a in opts: | |
if o in ('-H', '--host'): | |
host = a | |
found_h = True | |
if o in ('-d', '--debug'): | |
debug = True | |
if o in ('-h', '--help'): | |
usage() | |
sys.exit(2) | |
if not found_h: | |
print "-H is not given" | |
usage() | |
sys.exit(2) | |
# print host | |
# print debug | |
# Check if valid Host IP | |
if check_if_valid_host_ip(host) is not True: | |
try: | |
resolved_ip = socket.gethostbyname(host) | |
except socket.gaierror: | |
sys.stderr.write('Unable to make an DNS lookup, provided IP or hostname is invalid.') | |
sys.exit(2) | |
if check_if_valid_host_ip(resolved_ip) is not True: | |
sys.stderr.write('Error no valid IP address.') | |
sys.exit(2) | |
else: | |
ip = resolved_ip | |
else: | |
ip = host | |
# Revert IP | |
rip = revert_ip(ip) | |
# Init variables | |
negative_result_buffer = [] | |
for bl in blacklists: | |
# Init Result | |
result = '' | |
# Build query string | |
q = rip + '.' + bl | |
log(debug, q) | |
# Query DNS | |
try: | |
result = socket.gethostbyname(q) | |
log(debug, "Result: %s" % result) | |
except socket.error: | |
log(debug, "No result") | |
pass | |
if "127.0.0" in result: | |
log(debug, "Found 127.0.0 in result.") | |
negative_result_buffer.append(bl) | |
if len(negative_result_buffer) == 0: | |
print "OK - %s (%s) is not listed at: %s" % (host, ip, bls(blacklists)) | |
sys.exit(0) | |
else: | |
print "CRITICAL - %s (%s) ist listed at: %s" % (host, ip, bls(negative_result_buffer)) | |
sys.exit(2) | |
if __name__ == "__main__": | |
main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment