Checks if the given IP address(es) are listed at the given dnsrbl provider(s).
DNSRBL lists are used to fight against e-mail spams. They detect and list IP addresses that are used to send unwanted e-mails. When an e-mail sent from a blacklisted address, the anti-spam software will mark the message as Spam.
This software is useful for sysadmins who operates MTA (Mail Transfer Agent) softwares and want to see if their IP address they use to send e-mail is listed on an RBL list - therefore they can see a reason why some clients doesn't receive e-mail.
Providers must be listed in a file, one line should be one provider.
Empty lines are ignored.
Lines started with # are ignored.
The file name must be passed with the -p parameter to the command or - for standard input.
IP addresses or domain names which needs to be tested against the providers.
The addresses must be passed with the -i parameter to the command. Multiple address can be listed, separate them by comma (,).
go buildTest if the IP address 1.2.3.4 is blacklisted in providers listed in providers file (see how to get provider list section):
Variations for the same operation:
./dnsbl-check -i 1.2.3.4 -p ipv4providers./dnsbl-check -i 1.2.3.4 -p - < ipv4providerscat ipv4providers | ./dnsbl-check -i 1.2.3.4 -p -The program returns every result in a new line, fields are separated by TAB character \t.
The line starts with the status: OK or FAIL or ERR
OKreturned if no listing found for the addressFAILreturned if listing found for the addressERRreturned if the address lookup failed
Second field is the address
Third field is the provider
Fourth field is filled only if the status is either FAIL or ERR. If the status is FAIL and no reason returned from te provider, the unknown reason text will be shown. If the status is ERR the error message will be shown here.
OK 127.0.0.2 dyn.rbl.polspam.pl
FAIL 127.0.0.2 bl.spamcop.net Blocked - see https://www.spamcop.net/bl.shtml?127.0.0.2
ERR 127.0.0.2 spam.dnsbl.anonmails.de lookup 2.0.0.127.spam.dnsbl.anonmails.de on 127.0.0.53:53: server misbehaving
List of providers coming from http://multirbl.valli.org/list/
To get ipv4 blacklist providers run the following command:
awk '$5 == "b" && $2 == "ipv4" && $1 != "(hidden)" { print $1 }' < providers > ipv4providersThen you can test if a provider is working - responds to a test query (query the address 127.0.0.2):
./dnsbl-check -p ipv4providers -i 127.0.0.2 | awk '$1 == "FAIL" { print $3 }' > ipv4verifiedThen with that list you can check if your IP address (1.2.3.4) is blacklisted:
./dnsbl-check -p ip4verified -i 1.2.3.4It can be piped into one command:
awk '$5 == "b" && $2 == "ipv4" && $1 != "(hidden)" { print $1 }' < providers | \
./dnsbl-check -p - -i 127.0.0.2 | awk '$1 == "FAIL" { print $3 }' | \
./dnsbl-check -p - -i 1.2.3.4However it's recommended to keep the used provider list separately, to save the resources of the providers.
Similar to the IPv4 providers, but we filter the multirbl list to items which are maintaining balck lists of domains:
awk '$5 == "b" && $4 == "dom" && $1 != "(hidden)" { print $1 }' < providers > domain_providersThen check if the provider is looking good query the address TEST
./dnsbl-check -p domain_providers -i TEST | awk '$1 == "FAIL" { print$3 }' > domain_providers_verifiedYou can check the address INVALID as well, which should return OK:
./dnsbl-check -p domain_providers -i TEST | awk '$1 == "FAIL" { print $3 }' | \
./dnsbl-check -p - -i INVALID | awk '$1 == "OK" { print $3 }' > domain_providers_verified
Then you can query your domain:
./dnsbl-check -p domain_providers_verified -i mail.example.com