malias/dnsbl_check_beta_lb.sh

## dnsbl_check_beta_lb.sh
#!/bin/sh
####
# Titel 			dnsbl_check
# Descritption 		This Script checks multiple ips and blacklist
####
# Mail recipients (multiple mail addresses separated by whitespace)
mail=''
# Logfiles
LogFile='/tmp/rbltemp.log'
LogRBLfile='/var/log/rblfound.log'
# In case a list isn't responding
LogRBLfileWarn='/var/log/rblfound_warn.log'
# All Mailserver IPs
# The format is chosen to make it easy to add or delete
# The shell will strip multiple whitespace
allip='
	0.0.0.0
	1.1.1.1
	'
# Check if an IP address is listed on one of the following blacklists
BLISTS="
	0spam.fusionzero.com
	0spam-killlist.fusionzero.com
	combined.abuse.ch
	drone.abuse.ch
	spam.abuse.ch
	httpbl.abuse.ch
	ipbl.zeustracker.abuse.ch
	rbl.abuse.ro
	spam.dnsbl.anonmails.de
	list.anonwhois.net
	dnsbl.anticaptcha.net
	orvedb.aupads.org
	rsbl.aupads.org
	aspews.ext.sorbs.net
	dnsbl.aspnet.hu
	ips.backscatterer.org
	b.barracudacentral.org
	bb.barracudacentral.org
	list.bbfh.org
	l1.bbfh.ext.sorbs.net
	l2.bbfh.ext.sorbs.net
	l3.bbfh.ext.sorbs.net
	l4.bbfh.ext.sorbs.net
	bbm.2ch.net
	niku.2ch.net
	bbx.2ch.net
	bitonly.dnsbl.bit.nl
	netscan.rbl.blockedservers.com
	rbl.blockedservers.com
	spam.rbl.blockedservers.com
	list.blogspambl.com
	bsb.empty.us
	bsb.spamlookup.net
	query.bondedsender.org
	plus.bondedsender.org
	dnsbl.burnt-tech.com
	blacklist.sci.kun.nl
	whitelist.sci.kun.nl
	rot.blackhole.cantv.net
	cbl.anti-spam.org.cn
	cblplus.anti-spam.org.cn
	cblless.anti-spam.org.cn
	cdl.anti-spam.org.cn
	cml.anti-spam.org.cn
	CBL	cbl.abuseat.org
	rbl.choon.net
	rwl.choon.net
	dnsbl.cyberlogic.net
	bogons.cymru.com
	v4.fullbogons.cymru.com
	tor.dan.me.uk
	torexit.dan.me.uk
	rbl.dns-servicios.com
	dnsbl.ipocalypse.net
	dnsbl.mags.net
	dnsbl.mcu.edu.tw
	dnsbl.rv-soft.info
	dnsblchile.org
	vote.drbl.caravan.ru
	vote.drbldf.dsbl.ru
	vote.drbl.gremlin.ru
	work.drbl.caravan.ru
	work.drbldf.dsbl.ru
	work.drbl.gremlin.ru
	bl.drmx.org
	DroneBL	dnsbl.dronebl.org
	rbl.efnet.org
	rbl.efnetrbl.org
	tor.efnet.org
	bl.emailbasura.org
	rbl.fasthosts.co.uk
	fnrbl.fast.net
	forbidden.icm.edu.pl
	88.blocklist.zap
	hil.habeas.com
	accredit.habeas.com
	sa-accredit.habeas.com
	hul.habeas.com
	sohul.habeas.com
	lookup.dnsbl.iip.lu
	spamrbl.imp.ch
	wormrbl.imp.ch
	dnsbl.inps.de
	dnswl.inps.de
	intercept.datapacket.net
	rbl.interserver.net
	netblock.dnsl.ipquery.org
	relay.dnsl.ipquery.org
	single.dnsl.ipquery.org
	iadb.isipp.com
	iadb2.isipp.com
	iddb.isipp.com
	wadb.isipp.com
	whitelist.rbl.ispa.at
	mail-abuse.blacklist.jippg.org
	dnsbl.justspam.org
	dnsbl.kempt.net
	spamlist.or.kr
	bl.konstant.no
	admin.bl.kundenserver.de
	relays.bl.kundenserver.de
	schizo-bl.kundenserver.de
	spamblock.kundenserver.de
	worms-bl.kundenserver.de
	spamguard.leadmon.net
	ipbl.mailhosts.org
	ipwl.mailhosts.org
	rhswl.mailhosts.org
	shortlist.mailhosts.org
	xpews.mailhosts.org
	bl.mailspike.net
	z.mailspike.net
	bl.mav.com.br
	cidr.bl.mcafee.com
	rbl.megarbl.net
	dnsbl.forefront.microsoft.com
	bl.mipspace.com
	combined.rbl.msrbl.net
	images.rbl.msrbl.net
	phishing.rbl.msrbl.net
	spam.rbl.msrbl.net
	virus.rbl.msrbl.net
	web.rbl.msrbl.net
	relays.nether.net
	trusted.nether.net
	unsure.nether.net
	ix.dnsbl.manitu.net
	no-more-funn.moensted.dk
	nospam.ant.pl
	wl.nszones.com
	dyn.nszones.com
	sbl.nszones.com
	bl.nszones.com
	rbl.orbitrbl.com
	netblock.pedantic.org
	spam.pedantic.org
	pofon.foobar.hu	pofon.foobar.hu
	rbl.polarcomm.net
	dnsbl.proxybl.org
	psbl.surriel.com
	whitelist.surriel.com
	all.rbl.jp
	short.rbl.jp
	virus.rbl.jp
	rbl.schulte.org
	rbl.talkactive.net
	eswlrev.dnsbl.rediris.es
	mtawlrev.dnsbl.rediris.es
	dnsbl.rizon.net
	dynip.rothen.com
	asn.routeviews.org
	aspath.routeviews.org
	dul.ru
	dnsbl.rymsho.ru
	all.s5h.net
	tor.dnsbl.sectoor.de
	exitnodes.tor.dnsbl.sectoor.de
	sa.senderbase.org
	bl.score.senderscore.com
	rhswl.shlink.org
	wl.shlink.org
	dnsbl.sorbs.net
	problems.dnsbl.sorbs.net
	proxies.dnsbl.sorbs.net
	relays.dnsbl.sorbs.net
	safe.dnsbl.sorbs.net
	dul.dnsbl.sorbs.net
	zombie.dnsbl.sorbs.net
	block.dnsbl.sorbs.net
	escalations.dnsbl.sorbs.net
	http.dnsbl.sorbs.net
	misc.dnsbl.sorbs.net
	smtp.dnsbl.sorbs.net
	socks.dnsbl.sorbs.net
	spam.dnsbl.sorbs.net
	recent.spam.dnsbl.sorbs.net
	new.spam.dnsbl.sorbs.net
	old.spam.dnsbl.sorbs.net
	web.dnsbl.sorbs.net
	korea.services.net
	geobl.spameatingmonkey.net
	backscatter.spameatingmonkey.net
	badnets.spameatingmonkey.net
	bl.spameatingmonkey.net
	netbl.spameatingmonkey.net
	all.spam-rbl.fr
	bl.spamcannibal.org
	dnsbl.spam-champuru.livedoor.com
	bl.spamcop.net
	_vouch.dwl.spamhaus.org
	pbl.spamhaus.org
	sbl.spamhaus.org
	sbl-xbl.spamhaus.org
	swl.spamhaus.org
	xbl.spamhaus.org
	zen.spamhaus.org
	feb.spamlab.com
	rbl.spamlab.com
	all.spamrats.com
	dyna.spamrats.com
	noptr.spamrats.com
	spam.spamrats.com
	spamsources.fabel.dk
	bl.spamstinks.com
	dul.pacifier.net
	multi.surbl.org
	xs.surbl.org
	srn.surgate.net
	dnsrbl.swinog.ch
	st.technovision.dk
	opm.tornevall.org
	r.mail-abuse.com
	q.mail-abuse.com
	rbl2.triumf.ca
	wbl.triumf.ca
	truncate.gbudb.net
	dnsbl-0.uceprotect.net
	dnsbl-1.uceprotect.net
	dnsbl-2.uceprotect.net
	dnsbl-3.uceprotect.net
	ubl.unsubscore.com
	white.uribl.com
	ip.v4bl.org
	virbl.dnsbl.bit.nl
	dnsbl.webequipped.com
	ips.whitelisted.org
	blacklist.woody.ch
	db.wpbl.info
	bl.blocklist.de
	dnsbl.zapbl.net
"
# Clear old Logfiles
test -n $LogRBLfile && rm $LogRBLfile
test -n $Logfile && rm $LogFile
test -n $LogRBLfileWarn && rm $LogRBLfileWarn
# Loop trough all IPs
for ip in $allip ; do
	# Reverse the IP
	reverse=$(echo $ip | sed -ne "s~^\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)$~\4.\3.\2.\1~p")
	# Loop trough all Blacklists with reversed IP
	for BL in ${BLISTS} ; do
	    # Print the date (without linefeed)
	    printf $(env TZ='Europe/Berlin' date "+%d-%m-%Y %H:%M") >> $LogFile
	    # Show the IP and the name of the blacklist
	    printf "%-40s" " IP $ip | Blacklist http://${BL} " >> $LogFile
	    # Use dig to lookup the name in the blacklist
	    LISTED="$(dig +short -t a ${reverse}.${BL}.)"
	    echo ${LISTED:----} >> $LogFile
	done
done
# Search output
egrep -v "(reached|\-)"$ $LogFile >> $LogRBLfile
egrep "reached"$ $LogFile >> $LogRBLfileWarn

# Check log
if [ -s $LogRBLfile ]; then
	echo "Please check http://multirbl.valli.org/list/ for further information about the blacklists" >> $LogRBLfile
    for mailaddress in $mail; do
        # Send mail with current excerpt of log
        mail -s "** Service Alert: Mailserver on Blacklist **" $mailaddress < $LogRBLfile
    done
fi

exit $?
	#!/bin/sh
	####
	# Titel dnsbl_check
	# Descritption This Script checks multiple ips and blacklist
	####
	# Mail recipients (multiple mail addresses separated by whitespace)
	mail=''
	# Logfiles
	LogFile='/tmp/rbltemp.log'
	LogRBLfile='/var/log/rblfound.log'
	# In case a list isn't responding
	LogRBLfileWarn='/var/log/rblfound_warn.log'
	# All Mailserver IPs
	# The format is chosen to make it easy to add or delete
	# The shell will strip multiple whitespace
	allip='
	0.0.0.0
	1.1.1.1
	'
	# Check if an IP address is listed on one of the following blacklists
	BLISTS="
	0spam.fusionzero.com
	0spam-killlist.fusionzero.com
	combined.abuse.ch
	drone.abuse.ch
	spam.abuse.ch
	httpbl.abuse.ch
	ipbl.zeustracker.abuse.ch
	rbl.abuse.ro
	spam.dnsbl.anonmails.de
	list.anonwhois.net
	dnsbl.anticaptcha.net
	orvedb.aupads.org
	rsbl.aupads.org
	aspews.ext.sorbs.net
	dnsbl.aspnet.hu
	ips.backscatterer.org
	b.barracudacentral.org
	bb.barracudacentral.org
	list.bbfh.org
	l1.bbfh.ext.sorbs.net
	l2.bbfh.ext.sorbs.net
	l3.bbfh.ext.sorbs.net
	l4.bbfh.ext.sorbs.net
	bbm.2ch.net
	niku.2ch.net
	bbx.2ch.net
	bitonly.dnsbl.bit.nl
	netscan.rbl.blockedservers.com
	rbl.blockedservers.com
	spam.rbl.blockedservers.com
	list.blogspambl.com
	bsb.empty.us
	bsb.spamlookup.net
	query.bondedsender.org
	plus.bondedsender.org
	dnsbl.burnt-tech.com
	blacklist.sci.kun.nl
	whitelist.sci.kun.nl
	rot.blackhole.cantv.net
	cbl.anti-spam.org.cn
	cblplus.anti-spam.org.cn
	cblless.anti-spam.org.cn
	cdl.anti-spam.org.cn
	cml.anti-spam.org.cn
	CBL cbl.abuseat.org
	rbl.choon.net
	rwl.choon.net
	dnsbl.cyberlogic.net
	bogons.cymru.com
	v4.fullbogons.cymru.com
	tor.dan.me.uk
	torexit.dan.me.uk
	rbl.dns-servicios.com
	dnsbl.ipocalypse.net
	dnsbl.mags.net
	dnsbl.mcu.edu.tw
	dnsbl.rv-soft.info
	dnsblchile.org
	vote.drbl.caravan.ru
	vote.drbldf.dsbl.ru
	vote.drbl.gremlin.ru
	work.drbl.caravan.ru
	work.drbldf.dsbl.ru
	work.drbl.gremlin.ru
	bl.drmx.org
	DroneBL dnsbl.dronebl.org
	rbl.efnet.org
	rbl.efnetrbl.org
	tor.efnet.org
	bl.emailbasura.org
	rbl.fasthosts.co.uk
	fnrbl.fast.net
	forbidden.icm.edu.pl
	88.blocklist.zap
	hil.habeas.com
	accredit.habeas.com
	sa-accredit.habeas.com
	hul.habeas.com
	sohul.habeas.com
	lookup.dnsbl.iip.lu
	spamrbl.imp.ch
	wormrbl.imp.ch
	dnsbl.inps.de
	dnswl.inps.de
	intercept.datapacket.net
	rbl.interserver.net
	netblock.dnsl.ipquery.org
	relay.dnsl.ipquery.org
	single.dnsl.ipquery.org
	iadb.isipp.com
	iadb2.isipp.com
	iddb.isipp.com
	wadb.isipp.com
	whitelist.rbl.ispa.at
	mail-abuse.blacklist.jippg.org
	dnsbl.justspam.org
	dnsbl.kempt.net
	spamlist.or.kr
	bl.konstant.no
	admin.bl.kundenserver.de
	relays.bl.kundenserver.de
	schizo-bl.kundenserver.de
	spamblock.kundenserver.de
	worms-bl.kundenserver.de
	spamguard.leadmon.net
	ipbl.mailhosts.org
	ipwl.mailhosts.org
	rhswl.mailhosts.org
	shortlist.mailhosts.org
	xpews.mailhosts.org
	bl.mailspike.net
	z.mailspike.net
	bl.mav.com.br
	cidr.bl.mcafee.com
	rbl.megarbl.net
	dnsbl.forefront.microsoft.com
	bl.mipspace.com
	combined.rbl.msrbl.net
	images.rbl.msrbl.net
	phishing.rbl.msrbl.net
	spam.rbl.msrbl.net
	virus.rbl.msrbl.net
	web.rbl.msrbl.net
	relays.nether.net
	trusted.nether.net
	unsure.nether.net
	ix.dnsbl.manitu.net
	no-more-funn.moensted.dk
	nospam.ant.pl
	wl.nszones.com
	dyn.nszones.com
	sbl.nszones.com
	bl.nszones.com
	rbl.orbitrbl.com
	netblock.pedantic.org
	spam.pedantic.org
	pofon.foobar.hu pofon.foobar.hu
	rbl.polarcomm.net
	dnsbl.proxybl.org
	psbl.surriel.com
	whitelist.surriel.com
	all.rbl.jp
	short.rbl.jp
	virus.rbl.jp
	rbl.schulte.org
	rbl.talkactive.net
	eswlrev.dnsbl.rediris.es
	mtawlrev.dnsbl.rediris.es
	dnsbl.rizon.net
	dynip.rothen.com
	asn.routeviews.org
	aspath.routeviews.org
	dul.ru
	dnsbl.rymsho.ru
	all.s5h.net
	tor.dnsbl.sectoor.de
	exitnodes.tor.dnsbl.sectoor.de
	sa.senderbase.org
	bl.score.senderscore.com
	rhswl.shlink.org
	wl.shlink.org
	dnsbl.sorbs.net
	problems.dnsbl.sorbs.net
	proxies.dnsbl.sorbs.net
	relays.dnsbl.sorbs.net
	safe.dnsbl.sorbs.net
	dul.dnsbl.sorbs.net
	zombie.dnsbl.sorbs.net
	block.dnsbl.sorbs.net
	escalations.dnsbl.sorbs.net
	http.dnsbl.sorbs.net
	misc.dnsbl.sorbs.net
	smtp.dnsbl.sorbs.net
	socks.dnsbl.sorbs.net
	spam.dnsbl.sorbs.net
	recent.spam.dnsbl.sorbs.net
	new.spam.dnsbl.sorbs.net
	old.spam.dnsbl.sorbs.net
	web.dnsbl.sorbs.net
	korea.services.net
	geobl.spameatingmonkey.net
	backscatter.spameatingmonkey.net
	badnets.spameatingmonkey.net
	bl.spameatingmonkey.net
	netbl.spameatingmonkey.net
	all.spam-rbl.fr
	bl.spamcannibal.org
	dnsbl.spam-champuru.livedoor.com
	bl.spamcop.net
	_vouch.dwl.spamhaus.org
	pbl.spamhaus.org
	sbl.spamhaus.org
	sbl-xbl.spamhaus.org
	swl.spamhaus.org
	xbl.spamhaus.org
	zen.spamhaus.org
	feb.spamlab.com
	rbl.spamlab.com
	all.spamrats.com
	dyna.spamrats.com
	noptr.spamrats.com
	spam.spamrats.com
	spamsources.fabel.dk
	bl.spamstinks.com
	dul.pacifier.net
	multi.surbl.org
	xs.surbl.org
	srn.surgate.net
	dnsrbl.swinog.ch
	st.technovision.dk
	opm.tornevall.org
	r.mail-abuse.com
	q.mail-abuse.com
	rbl2.triumf.ca
	wbl.triumf.ca
	truncate.gbudb.net
	dnsbl-0.uceprotect.net
	dnsbl-1.uceprotect.net
	dnsbl-2.uceprotect.net
	dnsbl-3.uceprotect.net
	ubl.unsubscore.com
	white.uribl.com
	ip.v4bl.org
	virbl.dnsbl.bit.nl
	dnsbl.webequipped.com
	ips.whitelisted.org
	blacklist.woody.ch
	db.wpbl.info
	bl.blocklist.de
	dnsbl.zapbl.net
	"
	# Clear old Logfiles
	test -n $LogRBLfile && rm $LogRBLfile
	test -n $Logfile && rm $LogFile
	test -n $LogRBLfileWarn && rm $LogRBLfileWarn
	# Loop trough all IPs
	for ip in $allip ; do
	# Reverse the IP
	reverse=$(echo $ip \| sed -ne "s~^\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)$~\4.\3.\2.\1~p")
	# Loop trough all Blacklists with reversed IP
	for BL in ${BLISTS} ; do
	# Print the date (without linefeed)
	printf $(env TZ='Europe/Berlin' date "+%d-%m-%Y %H:%M") >> $LogFile
	# Show the IP and the name of the blacklist
	printf "%-40s" " IP $ip \| Blacklist http://${BL} " >> $LogFile
	# Use dig to lookup the name in the blacklist
	LISTED="$(dig +short -t a ${reverse}.${BL}.)"
	echo ${LISTED:----} >> $LogFile
	done
	done
	# Search output
	egrep -v "(reached\|\-)"$ $LogFile >> $LogRBLfile
	egrep "reached"$ $LogFile >> $LogRBLfileWarn

	# Check log
	if [ -s $LogRBLfile ]; then
	echo "Please check http://multirbl.valli.org/list/ for further information about the blacklists" >> $LogRBLfile
	for mailaddress in $mail; do
	# Send mail with current excerpt of log
	mail -s " Service Alert: Mailserver on Blacklist " $mailaddress < $LogRBLfile
	done
	fi

	exit $?