Golfreeze.packetlove.com: Life style of Golfreeze Canon400D Family kammtan.com Jazz Freebsd Unix Linux System Admin guitar Music
All about unix linux freebsd and FAQ for Packetlove.com Web hosting , Mail hosting , VoIP + IP PBX server => command , shell script ,tool , crontab => Topic started by: golfreeze on ตุลาคม 12, 2014, 05:37:22 pm
-
มี script check blacklist มาฝากสำหรับคนที่ดูแลระบบ เมล แล้วจะเชคว่า ip เครื่องเซิฟเวอร์ของตัวเองติด blacklist ของ RBL ที่ไหนหรือเปล่านะครับผม
Special thank to : http://daemonforums.org/showthread.php?t=302 (http://daemonforums.org/showthread.php?t=302)
ถ้าเชคแล้วมีคำตอบออกมาเป็น range ของช่วง 128.0.0.0/8 แสดงว่า ip ของคุณติด list RBL ของ RBL ที่เชคแล้วละครับ
ทำการแก้ไขต้นตอภายในเครื่องคุณซะ แล้วก็แจ้งปลดไปที่ RBL เจ้านั้นนะครับผม
$ for X in 24.209.96.220 124.160.89.56; do ./blcheck $X; done
IP 24.209.96.220 NAME cpe-24-209-96-220.woh.res.rr.com.
2007-06-17_01:18:29_UTC 220.96.209.24.cbl.abuseat.org. 127.0.0.2
2007-06-17_01:18:29_UTC 220.96.209.24.dnsbl.sorbs.net. 127.0.0.10
2007-06-17_01:18:30_UTC 220.96.209.24.bl.spamcop.net. 127.0.0.2
2007-06-17_01:18:30_UTC 220.96.209.24.zen.spamhaus.org. 127.0.0.11 127.0.0.4
2007-06-17_01:18:30_UTC 220.96.209.24.combined.njabl.org. 127.0.0.3
IP 124.160.89.56 NAME ---
2007-06-17_01:18:31_UTC 56.89.160.124.cbl.abuseat.org. 127.0.0.2
2007-06-17_01:18:31_UTC 56.89.160.124.dnsbl.sorbs.net. ---
2007-06-17_01:18:31_UTC 56.89.160.124.bl.spamcop.net. 127.0.0.2
2007-06-17_01:18:31_UTC 56.89.160.124.zen.spamhaus.org. 127.0.0.11 127.0.0.4
2007-06-17_01:18:31_UTC 56.89.160.124.combined.njabl.org. 127.0.0.3
$ while true; do echo IP?; read IP; ./blcheck $IP; done
IP?
201.13.22.241
IP 201.13.22.241 NAME 201-13-22-241.dsl.telesp.net.br.
2007-06-17_23:12:10_UTC 241.22.13.201.cbl.abuseat.org. 127.0.0.2
2007-06-17_23:12:11_UTC 241.22.13.201.dnsbl.sorbs.net. 127.0.0.10
2007-06-17_23:12:11_UTC 241.22.13.201.bl.spamcop.net. 127.0.0.2
2007-06-17_23:12:11_UTC 241.22.13.201.zen.spamhaus.org. 127.0.0.11 127.0.0.4
2007-06-17_23:12:11_UTC 241.22.13.201.combined.njabl.org. 127.0.0.3
-
#!/bin/sh
# -- $Id: blcheck.xml,v 1.8 2007/06/17 23:38:00 j65nko Exp $ --
# Check if an IP address is listed on one of the following blacklists
# The format is chosen to make it easy to add or delete
# The shell will strip multiple whitespace
BLISTS="
cbl.abuseat.org
dnsbl.sorbs.net
bl.spamcop.net
zen.spamhaus.org
combined.njabl.org
"
# simple shell function to show an error message and exit
# $0 : the name of shell script, $1 is the string passed as argument
# >&2 : redirect/send the message to stderr
ERROR() {
echo $0 ERROR: $1 >&2
exit 2
}
# -- Sanity check on parameters
[ $# -ne 1 ] && ERROR 'Please specify a single IP address'
# -- if the address consists of 4 groups of minimal 1, maximal digits, separated by '.'
# -- reverse the order
# -- if the address does not match these criteria the variable 'reverse will be empty'
reverse=$(echo $1 |
sed -ne "s~^\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)\.\([0-9]\{1,3\}\)$~\4.\3.\2.\1~p")
if [ "x${reverse}" = "x" ] ; then
ERROR "IMHO '$1' doesn't look like a valid IP address"
exit 1
fi
# Assuming an IP address of 11.22.33.44 as parameter or argument
# If the IP address in $0 passes our crude regular expression check,
# the variable ${reverse} will contain 44.33.22.11
# In this case the test will be:
# [ "x44.33.22.11" = "x" ]
# This test will fail and the program will continue
# An empty '${reverse}' means that shell argument $1 doesn't pass our simple IP address check
# In that case the test will be:
# [ "x" = "x" ]
# This evaluates to true, so the script will call the ERROR function and quit
# -- do a reverse ( address -> name) DNS lookup
REVERSE_DNS=$(dig +short -x $1)
echo IP $1 NAME ${REVERSE_DNS:----}
# -- cycle through all the blacklists
for BL in ${BLISTS} ; do
# print the UTC date (without linefeed)
printf $(env TZ=UTC date "+%Y-%m-%d_%H:%M:%S_%Z")
# show the reversed IP and append the name of the blacklist
printf "%-40s" " ${reverse}.${BL}."
# use dig to lookup the name in the blacklist
#echo "$(dig +short -t a ${reverse}.${BL}. | tr '\n' ' ')"
LISTED="$(dig +short -t a ${reverse}.${BL}.)"
echo ${LISTED:----}
done
# --- EOT ------
-
check RBL ของ proofpoint
https://support.proofpoint.com/rbl-lookup.cgi?ip=116.68.xxx.xxx