added files
This commit is contained in:
parent
d1c2a9a08e
commit
a2f6a3e5ff
3 changed files with 157 additions and 0 deletions
148
blacklist_check.sh
Executable file
148
blacklist_check.sh
Executable file
|
@ -0,0 +1,148 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# Check if an IP address is listed on one of the
|
||||
# following blacklists. The format is chosen to
|
||||
# make it easy to add or delete. The shell script
|
||||
# will strip multiple white spaces.
|
||||
|
||||
BLISTS="
|
||||
aspews.ext.sorbs.net
|
||||
b.barracudacentral.org
|
||||
bl.deadbeef.com
|
||||
bl.spamcop.net
|
||||
blackholes.five-ten-sg.com
|
||||
blacklist.woody.ch
|
||||
bogons.cymru.com
|
||||
cbl.abuseat.org
|
||||
cdl.anti-spam.org.cn
|
||||
combined.abuse.ch
|
||||
combined.rbl.msrbl.net
|
||||
db.wpbl.info
|
||||
dnsbl.cyberlogic.net
|
||||
dnsbl.dronebl.org
|
||||
dnsbl.inps.de
|
||||
dnsbl.njabl.org
|
||||
dnsbl.sorbs.net
|
||||
drone.abuse.ch
|
||||
duinv.aupads.org
|
||||
dul.dnsbl.sorbs.net
|
||||
dul.ru
|
||||
dyna.spamrats.com
|
||||
dynip.rothen.com
|
||||
http.dnsbl.sorbs.net
|
||||
images.rbl.msrbl.net
|
||||
ips.backscatterer.org
|
||||
ix.dnsbl.manitu.net
|
||||
korea.services.net
|
||||
misc.dnsbl.sorbs.net
|
||||
noptr.spamrats.com
|
||||
ohps.dnsbl.net.au
|
||||
omrs.dnsbl.net.au
|
||||
orvedb.aupads.org
|
||||
osps.dnsbl.net.au
|
||||
osrs.dnsbl.net.au
|
||||
owfs.dnsbl.net.au
|
||||
owps.dnsbl.net.au
|
||||
pbl.spamhaus.org
|
||||
phishing.rbl.msrbl.net
|
||||
probes.dnsbl.net.au
|
||||
proxy.bl.gweep.ca
|
||||
proxy.block.transip.nl
|
||||
psbl.surriel.com
|
||||
rdts.dnsbl.net.au
|
||||
relays.bl.gweep.ca
|
||||
relays.bl.kundenserver.de
|
||||
relays.nether.net
|
||||
residential.block.transip.nl
|
||||
ricn.dnsbl.net.au
|
||||
rmst.dnsbl.net.au
|
||||
sbl.spamhaus.org
|
||||
short.rbl.jp
|
||||
smtp.dnsbl.sorbs.net
|
||||
socks.dnsbl.sorbs.net
|
||||
spam.abuse.ch
|
||||
spam.dnsbl.sorbs.net
|
||||
spam.rbl.msrbl.net
|
||||
spam.spamrats.com
|
||||
spamlist.or.kr
|
||||
spamrbl.imp.ch
|
||||
t3direct.dnsbl.net.au
|
||||
tor.dnsbl.sectoor.de
|
||||
torserver.tor.dnsbl.sectoor.de
|
||||
ubl.lashback.com
|
||||
ubl.unsubscore.com
|
||||
virbl.bit.nl
|
||||
virus.rbl.jp
|
||||
virus.rbl.msrbl.net
|
||||
web.dnsbl.sorbs.net
|
||||
wormrbl.imp.ch
|
||||
xbl.spamhaus.org
|
||||
zen.spamhaus.org
|
||||
zombie.dnsbl.sorbs.net
|
||||
dnsbl.httpbl.org
|
||||
combined.njabl.org
|
||||
dnsbl.spfbl.net
|
||||
"
|
||||
# register at http://www.projecthoneypot.org/httpbl_api.php to
|
||||
# obtain an API-key
|
||||
HTTPbl_API_KEY="[your_api_key]"
|
||||
# simple shell function to show an error message and exit
|
||||
# $0 : the name of shell script, $1 is the string passed as argument
|
||||
# >&2 : redirect/send the message to stderr
|
||||
ERROR() {
|
||||
echo $0 ERROR: $1 >&2
|
||||
exit 2
|
||||
}
|
||||
|
||||
# -- Sanity check on parameters
|
||||
[ $# -ne 1 ] && ERROR 'Please specify a single IP address'
|
||||
# -- if the address consists of 4 groups of minimal 1, maximal digits,
|
||||
# separated by '.'
|
||||
# -- reverse the order
|
||||
# -- if the address does not match these criteria the variable
|
||||
# 'reverse will be empty'
|
||||
reverse=$(echo $1 |
|
||||
sed -ne "s~^\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)$~\4.\3.\2.\1~p")
|
||||
if [ "x${reverse}" = "x" ] ; then
|
||||
ERROR "IMHO '$1' doesn't look like a valid IP address"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Assuming an IP address of 11.22.33.44 as parameter or argument
|
||||
# If the IP address in $0 passes our crude regular expression
|
||||
# check, the variable ${reverse} will contain 44.33.22.11
|
||||
# In this case the test will be:
|
||||
# [ "x44.33.22.11" = "x" ]
|
||||
# This test will fail and the program will continue
|
||||
# An empty '${reverse}' means that shell argument $1 doesn't pass our
|
||||
# simple IP address check. In that case the test will be:
|
||||
# [ "x" = "x" ]
|
||||
# This evaluates to true, so the script will call the ERROR function
|
||||
# and quit
|
||||
# -- do a reverse ( address -> name) DNS lookup
|
||||
REVERSE_DNS=$(dig +short -x $1)
|
||||
echo IP $1 NAME ${REVERSE_DNS:----}
|
||||
|
||||
# -- cycle through all the blacklists
|
||||
for BL in ${BLISTS} ; do
|
||||
# print the UTC date (without linefeed)
|
||||
printf $(env TZ=UTC date "+%Y-%m-%d_%H:%M:%S")
|
||||
# show the reversed IP and append the name of the blacklist
|
||||
if [ "$BL" == "dnsbl.httpbl.org" ];
|
||||
then
|
||||
printf "%-50s" " ${HTTPbl_API_KEY}.${reverse}.${BL}."
|
||||
else
|
||||
printf "%-50s" " ${reverse}.${BL}."
|
||||
fi
|
||||
# use dig to lookup the name in the blacklist
|
||||
# echo "$(dig +short -t a ${reverse}.${BL}. | tr 'n' ' ')"
|
||||
if [ "$BL" == "dnsbl.httpbl.org" ];
|
||||
then
|
||||
LISTED="$(dig +short -t a ${HTTPbl_API_KEY}.${reverse}.${BL}.)"
|
||||
echo ${LISTED:----}
|
||||
else
|
||||
LISTED="$(dig +short -t a ${reverse}.${BL}.)"
|
||||
echo ${LISTED:----}
|
||||
fi
|
||||
done
|
||||
# --- EOT ------
|
2
email_server.txt
Normal file
2
email_server.txt
Normal file
|
@ -0,0 +1,2 @@
|
|||
email_server.com
|
||||
second.email_server.com
|
7
multi_check.sh
Executable file
7
multi_check.sh
Executable file
|
@ -0,0 +1,7 @@
|
|||
#!/bin/bash
|
||||
|
||||
for ADDRESS in $(cat email_server.txt);
|
||||
do
|
||||
IP=$(nslookup $ADDRESS | grep Address | cut -d: -f2 | tail -n1);
|
||||
./blacklist_check.sh $IP;
|
||||
done
|
Loading…
Reference in a new issue