Openrbl check script

The following Bourne shell and Expect scripts check for the presence of mail relays in the Openrbl multi-DNSBL (DNS blacklist) site. As of this writing, Openrbl checks 29 DNS blacklists.

Openrbl limits the number of daily lookups by IP address, so make sure to limit the number of $RELAYS_TO_CHECK and how often the script is executed.

$RECIPIENTS are alerted through an email if any of the mail relays in $RELAYS_TO_CHECK are listed in one or more DNS blacklists.

The scripts were written for a Fedora Core 3 system.

openrbl_check contents:

#!/bin/sh

# Path to openrbl Expect script.
OPENRBL_EXPECT_SCRIPT=/home/hutch/scripts/openrbl_check.exp

# HTTP proxy, if applicable. Leave blank if not using a proxy.
HTTP_PROXY=http://host1.example.com:3128

# Email recipients
RECIPIENTS=user@example.com

# List of relays to check
RELAYS_TO_CHECK="host1.example.com \
                 host2.example.com"

for RELAY in $RELAYS_TO_CHECK
do
   TMPFILE=`mktemp`
   http_proxy=$HTTP_PROXY $OPENRBL_EXPECT_SCRIPT $RELAY > $TMPFILE

   POSITIVE_MATCHES=`grep -E -o "Positive=[0-9]+" $TMPFILE | cut -d= -f2`
   # If the "Positive=[0-9]+" regex is not found, the openrbl.org report
   # structure may have changed, or there were other problems obtaining
   # the information.
   [ -z "$POSITIVE_MATCHES" ] && \
       cat $TMPFILE | mail -s "`basename $0` problem encountered" $RECIPIENTS \
          && rm $TMPFILE && exit 1

   case $POSITIVE_MATCHES in
      0)
         continue ;;
      *)
         SUBJECT="$RELAY in DNSBL"
         echo "$RELAY is listed in $POSITIVE_MATCHES DNSBL(s) at \
http://www.openrbl.org/" | mail -s "$SUBJECT" $RECIPIENTS
   esac
   rm $TMPFILE
done

openrbl_check.exp contents:

#!/usr/bin/expect

# Next line needed to prevent "send: spawn id exp3 not open"
# errors when executed with cron. See http://wiki.tcl.tk/cron
set env(TERM) vt100
# Default timeout is 10 seconds.
set timeout 300
log_user 0
spawn lynx -accept_all_cookies -nocolor http://www.openrbl.org/
expect "(NORMAL LINK)"
send "\t\t\t\t\t\t\t"
send "$argv\t\r"
expect "Commands:"
send "\r"
log_user 1
expect "(NORMAL LINK)"
log_user 0
send "q"
expect "Are you sure you want to quit?"
send "y"

Back to brandonhutchinson.com.
Last modified: 01/06/2005