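#!/bin/bash
# Original script written by Jake Vickers on December 19, 2006 to check RBL
# timing and adjust your blacklists file to remove slow RBLs.
# Script rewritten by Jake Vickers on October 28, 2009 to bring enhancements
# and more features.
#
# Flow: restore a previously backed-up blacklists file (if any), time one DNS
# lookup per RBL listed in $RBL_loc, write the RBLs that answered within
# $CEILING seconds to a scratch file, and install that file over $RBL_loc
# (followed by "qmailctl reload") when it differs from $RBL_master.
#
# Requires bash (arrays, $RANDOM, $SECONDS) and dig. The script replaces
# $RBL_loc and reloads qmail, so it needs whatever privileges those steps
# require on your system.
#
# NOTE(review): if every lookup is slow (for example while the local resolver
# is unreachable) the installed file contains no RBLs at all, so RBL filtering
# stays off until the next run puts the backup back. Monitor for that case.

# Define some variables and static mappings here
RBL_loc="/var/qmail/control/blacklists"
RBL_master="/var/qmail/control/blacklists.master"
CEILING=20     # Number of seconds to set as our max before we dump a blacklist
DATENAME=$(date +%Y%m%d%H%M)
TMP_dir="/tmp"
TMP_work=""    # private scratch directory, created by make_tmpfile
TMP_file=""    # candidate blacklists file inside $TMP_work

###################################################
### You shouldn't need to edit anything else below
###################################################

##############
### Print a message on stderr and stop with the script's fatal exit code (2)
die() {
  echo "$*" >&2
  exit 2
}

##############
### Everyone should be running a recent version of BASH, but let's not assume
# A brace group is used (not a subshell) so that "exit" really ends the script.
bashtest[0]='test' || {
  echo 'Failure: arrays are not supported in this version of bash.' >&2
  exit 2
}

##############
### Check to make sure we have the correct files in place
if [ ! -e "$RBL_loc" ]; then
  echo "Missing $RBL_loc! This is a fatal error and we cannot continue!" >&2
  die "This file must exist or we have nothing to check."
fi

if [ ! -e "$RBL_master" ]; then
  echo "Missing $RBL_master! This is a fatal error and we cannot continue!" >&2
  die "This file must exist so we have a baseline to check against."
fi

##############
### We generate the random IP address to check against the RBLs in this routine
# Sets the globals ANUMBER..DNUMBER, each in the range 1..253.
generate_ipv4() {
  local lo=1          # lowest IP number to use
  local hi=253        # highest IP number to use
  local randmax=32767 # largest value $RANDOM can return

  # Generate our IP octets
  ANUMBER=$(( lo + (hi * RANDOM) / (randmax + 1) ))
  BNUMBER=$(( lo + (hi * RANDOM) / (randmax + 1) ))
  CNUMBER=$(( lo + (hi * RANDOM) / (randmax + 1) ))
  DNUMBER=$(( lo + (hi * RANDOM) / (randmax + 1) ))
}

##############
### Parse a blacklists-style file ("-r host -r host ...") into _rbl_entries
# Arguments: $1 - file to read
# Only a leading "-r" is removed from each word. The previous substring
# replacement deleted "-r" anywhere, which mangled any RBL name that contains
# "-r" (e.g. a constructed "bl-relay.example" became "blelay.example").
# Reading with "read -a" also avoids glob expansion of the file's contents.
_read_rbl_entries() {
  local src=$1
  local -a tokens
  local tok
  tokens=()
  _rbl_entries=()

  # read returns non-zero at end of file when no NUL delimiter is found; the
  # array is still filled, so the status is deliberately ignored.
  IFS=$' \t\n' read -r -d '' -a tokens < "$src" || true

  for tok in "${tokens[@]}"; do
    case $tok in
      -r) continue ;;
      -r*) tok=${tok#-r} ;;
    esac
    if [ -n "$tok" ]; then
      _rbl_entries+=("$tok")
    fi
  done
}

##############
### Get the list of RBLs into an array, and get a count of the number of entries
# Sets the globals rbllist and count.
process_rblfile() {
  _read_rbl_entries "$RBL_loc"
  rbllist=("${_rbl_entries[@]}")
  count=${#rbllist[@]}
}

##############
### Read the RBL master file into an array
# Sets the globals rblmaster and master_count.
read_master() {
  _read_rbl_entries "$RBL_master"
  rblmaster=("${_rbl_entries[@]}")
  master_count=${#rblmaster[@]}
}

##############
### Create the scratch file inside a private directory
# A fixed, guessable name directly under a shared directory such as /tmp can
# be pre-created or symlinked by any local user, and whatever sits at that
# path is later moved over $RBL_loc. mktemp -d creates a fresh directory that
# only this user can enter, so the file inside it cannot be planted.
make_tmpfile() {
  TMP_work=$(mktemp -d "$TMP_dir/BL-CHECK_${DATENAME}.XXXXXX") \
    || die "Could not create a scratch directory under $TMP_dir."
  TMP_file="$TMP_work/blacklists"
}

##############
### Let's check the timing of our RBLs here, and write them to a temp file
# The elapsed time is taken from bash's $SECONDS counter. The earlier version
# captured dig's answer instead of the timing and compared two literal
# strings, so the test was always true and no RBL was ever dropped.
check_rbl_timing() {
  local blcheck started elapsed
  local probe="$ANUMBER.$BNUMBER.$CNUMBER.$DNUMBER"

  for blcheck in "${rbllist[@]}"; do
    started=$SECONDS
    dig +time="$CEILING" +short "$probe.$blcheck" > /dev/null
    elapsed=$(( SECONDS - started ))

    # If a RBL exceeds $CEILING, it should not be written to the $TMP_file
    if [ "$elapsed" -le "$CEILING" ]; then
      printf '%s' "-r $blcheck " >> "$TMP_file"
    fi
  done
}

##############
### Check to see if the tmp file is the same as the master file
check_diff() {
  local status=0
  cmp -s -- "$TMP_file" "$RBL_master" || status=$?

  case $status in
    1)
      # Files are different, so we move the original to -backup and move the
      # tmp file to the original location
      mv -f -- "$RBL_loc" "$RBL_loc-backup" \
        || die "Could not back up $RBL_loc; leaving it untouched."
      if ! mv -f -- "$TMP_file" "$RBL_loc"; then
        # Put the original back so qmail is not left without a blacklists file
        mv -f -- "$RBL_loc-backup" "$RBL_loc"
        die "Could not install the new $RBL_loc; original restored."
      fi
      # Reload qmail to apply changes
      /usr/bin/qmailctl reload
      ;;
    0)
      # Files are the same, so we do not do anything really, except some cleanup
      rm -f -- "$TMP_file"
      ;;
    *)
      # cmp itself failed (unreadable file, etc.): change nothing
      echo "cmp could not compare $TMP_file and $RBL_master; no changes made." >&2
      rm -f -- "$TMP_file"
      ;;
  esac
}

##############
### Check to see if there is a $RBL_loc-backup file and put it back in place
check_modded() {
  if [ -e "$RBL_loc-backup" ]; then
    mv -f -- "$RBL_loc" "$RBL_loc-modded"
    mv -f -- "$RBL_loc-backup" "$RBL_loc"
    /usr/bin/qmailctl reload
  fi
}

##############
### Perform some cleanup tasks
# Also registered as an EXIT trap so the scratch directory is removed on
# every exit path, not only the successful one.
cleanup() {
  if [ -n "$TMP_work" ] && [ -d "$TMP_work" ]; then
    rm -rf -- "$TMP_work"
  fi
}

##############
### Main program here
trap cleanup EXIT

generate_ipv4
check_modded
read_master
process_rblfile
make_tmpfile
check_rbl_timing
echo >> "$TMP_file" # Add a linefeed just to make sure everything parses correctly
check_diff
cleanup
exit 0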