diff --git a/modules/email/email-diagnostics.sh b/modules/email/email-diagnostics.sh index b2f3f28..7a036c4 100755 --- a/modules/email/email-diagnostics.sh +++ b/modules/email/email-diagnostics.sh @@ -578,42 +578,42 @@ if [ "$bounced" -gt 0 ]; then # Blacklist/Provider detection with real-world message patterns # Format: "name|display_name|removal_url|detection_keywords" blacklist_db=( - # Traditional RBLs - "spamhaus|Spamhaus (ZEN/SBL/XBL)|https://check.spamhaus.org/|spamhaus|sbl.spamhaus|zen.spamhaus|xbl.spamhaus|pbl.spamhaus" - "barracuda|Barracuda Central BRBL|https://www.barracudacentral.org/rbl/removal-request|barracuda" - "spamcop|SpamCop Blocking List|https://www.spamcop.net/bl.shtml|spamcop|bl.spamcop" - "sorbs|SORBS DNSBL|http://www.sorbs.net/lookup.shtml|sorbs|dnsbl.sorbs" - "cbl|CBL (Composite Block List)|https://cbl.abuseat.org/lookup.cgi|cbl.abuseat|abuseat" - "psbl|PSBL (Passive Spam Block List)|https://psbl.org/|psbl.surriel|psbl" - "uceprotect|UCEPROTECT Network|http://www.uceprotect.net/en/rblcheck.php|uceprotect" - "invaluement|Invaluement DNSBL|http://www.invaluement.com/removal/|invaluement" - "mailspike|Mailspike Blacklist|https://mailspike.net/anubis/lookup.html|mailspike" - "truncate|GBUdb (Truncate)|http://www.gbudb.com/|truncate.gbudb|gbudb" - "dnsrbl|DNSRBL.org|http://www.dnsrbl.org/|dnsrbl" - "backscatterer|Backscatterer.org|http://www.backscatterer.org/|backscatterer" - "dnswl|DNSWL (actually whitelist)|https://www.dnswl.org/|dnswl" - "mxtoolbox|MXToolbox Blacklist|https://mxtoolbox.com/blacklists.aspx|mxtoolbox" + # Traditional RBLs - Format: "id|name|url|patterns|difficulty|avg_time" + "spamhaus|Spamhaus (ZEN/SBL/XBL)|https://check.spamhaus.org/|spamhaus|sbl.spamhaus|zen.spamhaus|xbl.spamhaus|pbl.spamhaus|HARD|1-7 days" + "barracuda|Barracuda Central BRBL|https://www.barracudacentral.org/rbl/removal-request|barracuda|MODERATE|1-3 days" + "spamcop|SpamCop Blocking List|https://www.spamcop.net/bl.shtml|spamcop|bl.spamcop|EASY|Same day" + "sorbs|SORBS DNSBL|http://www.sorbs.net/lookup.shtml|sorbs|dnsbl.sorbs|MODERATE|1-2 days" + "cbl|CBL (Composite Block List)|https://cbl.abuseat.org/lookup.cgi|cbl.abuseat|abuseat|MODERATE|1-3 days" + "psbl|PSBL (Passive Spam Block List)|https://psbl.org/|psbl.surriel|psbl|MODERATE|1-2 days" + "uceprotect|UCEPROTECT Network|http://www.uceprotect.net/en/rblcheck.php|uceprotect|HARD|3-7 days" + "invaluement|Invaluement DNSBL|http://www.invaluement.com/removal/|invaluement|MODERATE|1-3 days" + "mailspike|Mailspike Blacklist|https://mailspike.net/anubis/lookup.html|mailspike|EASY|Same day" + "truncate|GBUdb (Truncate)|http://www.gbudb.com/|truncate.gbudb|gbudb|EASY|Same day" + "dnsrbl|DNSRBL.org|http://www.dnsrbl.org/|dnsrbl|MODERATE|1-2 days" + "backscatterer|Backscatterer.org|http://www.backscatterer.org/|backscatterer|EASY|Same day" + "dnswl|DNSWL (actually whitelist)|https://www.dnswl.org/|dnswl|N/A|N/A" + "mxtoolbox|MXToolbox Blacklist|https://mxtoolbox.com/blacklists.aspx|mxtoolbox|EASY|Same day" # Major Email Providers (not traditional RBLs but they block based on reputation) - "microsoft|Microsoft/Outlook/Hotmail/Live Block|https://sendersupport.olc.protection.outlook.com/snds/|outlook.*block|hotmail.*block|live\.com.*block|msn\.com.*block|protection\.outlook.*block|on our block list|S3150|S3140|AS\(48" - "gmail|Gmail Reputation Filter|https://support.google.com/mail/contact/bulk_send_new|gmail.*suspicious|gmail.*reputation|gmail.*spam|gmail.*blocked|gmail.*detected" - "apple|Apple iCloud/me.com/mac.com Block|https://support.apple.com/|local policy|icloud.*reject|me\.com.*reject|mac\.com.*reject|CS01" - "yahoo|Yahoo/AOL Mail Block|https://senders.yahooinc.com/contact|yahoo.*block|yahoo.*reject|aol.*block|aol.*reject|verizonmedia.*block" - "zoho|Zoho Mail Block|https://www.zoho.com/mail/help/|zoho.*reject|zoho.*block|zohomail.*reject" - "protonmail|ProtonMail Block|https://protonmail.com/support/|protonmail.*reject|protonmail.*block|pm\.me.*reject" - "fastmail|Fastmail Block|https://www.fastmail.help/|fastmail.*reject|fastmail.*block" - "att|AT&T/SBC Block List|https://www.att.com/support/|att\.net.*block|sbcglobal.*block" - "comcast|Comcast/Xfinity Block|http://postmaster.comcast.net/|comcast.*block|xfinity.*block" - "cox|Cox Communications Block|https://www.cox.com/residential/support.html|cox\.net.*block" - "verizon|Verizon/Frontier Block|https://www.verizon.com/support/|verizon.*block|frontier.*block" - "spectrum|Spectrum/Charter Block|https://www.spectrum.net/support|spectrum.*block|charter.*block|rr\.com.*block" + "microsoft|Microsoft/Outlook/Hotmail/Live Block|https://sendersupport.olc.protection.outlook.com/snds/|outlook.*block|hotmail.*block|live\.com.*block|msn\.com.*block|protection\.outlook.*block|on our block list|S3150|S3140|AS\(48|MODERATE|Same day" + "gmail|Gmail Reputation Filter|https://support.google.com/mail/contact/bulk_send_new|gmail.*suspicious|gmail.*reputation|gmail.*spam|gmail.*blocked|gmail.*detected|EASY|Same day" + "apple|Apple iCloud/me.com/mac.com Block|https://support.apple.com/|local policy|icloud.*reject|me\.com.*reject|mac\.com.*reject|CS01|HARD|3-7 days" + "yahoo|Yahoo/AOL Mail Block|https://senders.yahooinc.com/contact|yahoo.*block|yahoo.*reject|aol.*block|aol.*reject|verizonmedia.*block|MODERATE|1-2 days" + "zoho|Zoho Mail Block|https://www.zoho.com/mail/help/|zoho.*reject|zoho.*block|zohomail.*reject|EASY|Same day" + "protonmail|ProtonMail Block|https://protonmail.com/support/|protonmail.*reject|protonmail.*block|pm\.me.*reject|MODERATE|1-3 days" + "fastmail|Fastmail Block|https://www.fastmail.help/|fastmail.*reject|fastmail.*block|MODERATE|1-2 days" + "att|AT&T/SBC Block List|https://www.att.com/support/|att\.net.*block|sbcglobal.*block|MODERATE|1-3 days" + "comcast|Comcast/Xfinity Block|http://postmaster.comcast.net/|comcast.*block|xfinity.*block|MODERATE|1-3 days" + "cox|Cox Communications Block|https://www.cox.com/residential/support.html|cox\.net.*block|MODERATE|1-3 days" + "verizon|Verizon/Frontier Block|https://www.verizon.com/support/|verizon.*block|frontier.*block|MODERATE|1-3 days" + "spectrum|Spectrum/Charter Block|https://www.spectrum.net/support|spectrum.*block|charter.*block|rr\.com.*block|MODERATE|1-3 days" ) detected_blacklists="" # Check each blacklist pattern against rejection messages for entry in "${blacklist_db[@]}"; do - IFS='|' read -r bl_id bl_name bl_url bl_patterns <<< "$entry" + IFS='|' read -r bl_id bl_name bl_url bl_patterns bl_difficulty bl_time <<< "$entry" # Split patterns and check each one matched=0 @@ -626,7 +626,7 @@ if [ "$bounced" -gt 0 ]; then done if [ $matched -eq 1 ]; then - detected_blacklists="${detected_blacklists}${bl_name}|${bl_url}\n" + detected_blacklists="${detected_blacklists}${bl_name}|${bl_url}|${bl_difficulty}|${bl_time}\n" fi done @@ -637,9 +637,14 @@ if [ "$bounced" -gt 0 ]; then print_info " Server IP detected: $extracted_ip" echo "" fi - echo -e "$detected_blacklists" | sort -u | while IFS='|' read -r bl_name bl_url; do + echo -e "$detected_blacklists" | sort -u | while IFS='|' read -r bl_name bl_url bl_difficulty bl_time; do if [ -n "$bl_name" ]; then - print_error " • $bl_name" + # Format difficulty and time if available + if [ -n "$bl_difficulty" ] && [ -n "$bl_time" ]; then + print_error " • $bl_name [$bl_difficulty - $bl_time]" + else + print_error " • $bl_name" + fi # Generate IP-specific lookup URL if IP was extracted if [ -n "$extracted_ip" ]; then case "$bl_url" in