Python script to check DNSRBLs for IP address listing

In order to mitigate spam, most email servers use on or the other DNS-based Blackhole List to check if the sender IP address is known for sending spam emails.

While migrating my data to another server, I discovered that I check my own IP addresses with a shell script which acts as a wrapper around a very old Nagios Perl script which doesn't support IPv6.

Since I left Perl behind many years ago, I decided to rewrite the script as all-in-one solution for myself.

It only requires a single module which is not part of the standard library and is maybe useful for somebody else as well. I included as many DNSBLs as I could find, in my opinion it's better to check all of them instead of not being able to send emails successfully.


# install required package
apt install python3-dnspython

# download script
wget -O /usr/local/bin/check_dnsrbls
chmod 755 /usr/local/bin/check_dnsrbls

# print help
/usr/local/bin/check_dnsrbls -h

Without any arguments, the script tests if the local IP address (hostname -i) is listed in the preconfigured DNSRBLs. The exit code indicates the current status (0 - good, 1 - errors, 2 - listed). Please be aware that some of the preconfigured DNSBLs don't allow to be queried by large public DNS resolvers (ACLs). Use your providers nameservers instead.

# check if local IP address (hostname -i) is listed

# check if IP is listed use resolver with a timeout of 30
/usr/local/bin/check_dnsrbls -s -t 30

# check if IPv6 address is listed
/usr/local/bin/check_dnsrbls 2606:2800:220:1:248:1893:25c8:1946

Schreibe einen Kommentar