RBL Nagios script
Written by Eric Schwimmer
We send a lot of email, and consequently we have a lot of email servers. Occasionally, one of them will be accidentally marked as spam on one of the various DNS real-time blacklists (RBLs), which can cause email delivery problems for us. This nagios check will tell you if the host it is run on is listed in any of the major RBL servers:
#!/bin/bash
RBL_SERVERS=(
'cbl.abuseat.org'
'dnsbl.cyberlogic.net'
'bl.deadbeef.com'
'spamtrap.drbl.drand.net'
'spamsources.fabel.dk'
'0spam.fusionzero.com'
'mail-abuse.blacklist.jippg.org'
'korea.services.net'
'spamguard.leadmon.net'
'ix.dnsbl.manitu.net'
'relays.nether.net'
'no-more-funn.moensted.dk'
'psbl.surriel.com'
'dyna.spamrats.com'
'noptr.spamrats.com'
'spam.spamrats.com'
'dnsbl.sorbs.net'
'spam.dnsbl.sorbs.net'
'bl.spamcannibal.org'
'bl.spamcop.net'
'pbl.spamhaus.org'
'sbl.spamhaus.org'
'xbl.spamhaus.org'
'dnsbl-1.uceprotect.net'
'dnsbl-2.uceprotect.net'
'dnsbl-3.uceprotect.net'
'db.wpbl.info'
'access.redhawk.org'
'blacklist.sci.kun.nl'
'dnsbl.kempt.net'
'dul.ru'
'forbidden.icm.edu.pl'
'hil.habeas.com'
'rbl.schulte.org'
'sbl-xbl.spamhaus.org'
)
RevIP() { local IFS; IFS=.; set -- $1; echo $4.$3.$2.$1; }
MY_IP=$(curl -s ifconfig.co)
REV_IP=$(RevIP $MY_IP)
HITS=$(
printf '%s\n' "${RBL_SERVERS[@]}" |
xargs -P0 -I{} dig +nocmd $REV_IP.{} a +noall +answer |
sed "s/^$REV_IP\.\(\S\+\)\.\s.\+/\\1/"
)
[[ -z $HITS ]] && echo "OK: $MY_IP not listed in any RBL blacklists" && exit 0
echo -e "ERROR: $MY_IP found in one or more blacklists\n$HITS" && exit 2