cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
89ad05022268a4994878245e55fea207159c86ac
Linux-Server-Management-Too…/modules/email/blacklist-check.sh
T
cschantz 89ad050222 Fix critical logic errors in email diagnostics scripts 
CRITICAL FIXES (5 issues):
1. email-diagnostics.sh: Fix inverted sender/recipient extraction logic
   - Lines 292-303: Corrected pattern matching to properly extract recipients and senders
   - Removed inverted grep patterns that were looking for wrong log entry types

2. mail-log-analyzer.sh: Fix string comparison with percent sign
   - Line 1184-1186: Properly extract numeric value before '%' character
   - Use sed to isolate leading digits for numeric comparison

3. email-diagnostics.sh: Fix malformed grep syntax
   - Line 525-527: Corrected grep command structure with -e options
   - Changed to -iE with pipe patterns and proper file argument placement

4. mail-log-analyzer.sh: Fix overly broad domain bounce pattern
   - Line 749: Changed from "^.*${domain}" to "\b${domain}$"
   - Prevents false positives from substring domain matches

5. mail-log-analyzer.sh: Fix undefined TEMP_LOG variable
   - Line 860: Changed TEMP_LOG to MAIL_LOG (the actual global variable)
   - Added error handling with 2>/dev/null

HIGH SEVERITY FIXES (2 issues):
6. mail-log-analyzer.sh: Fix AWK uninitialized variable
   - Lines 1447-1456: Added BEGIN block to initialize print_line = 0
   - Prevents first log entries from being incorrectly filtered

7. mail-log-analyzer.sh: Fix overly permissive bounce detection pattern
   - Line 247: Changed from "(==|defer)" to more specific pattern
   - Prevents false positives from non-bounce defer messages

MODERATE FIXES (3 issues):
8. mail-queue-inspector.sh: Fix queue message count mismatch
   - Line 41: Changed head -40 to head -20 to match label

9. deliverability-test.sh: Fix fragile SMTP connection test
   - Lines 102-106: Added nc availability check and fallback to bash TCP
   - Proper variable quoting and error handling

10. blacklist-check.sh: Replace deprecated host command with dig
    - Line 52: Changed from host to dig +short for consistency and timeout control

All scripts pass syntax validation.
Impact: Logic errors fixed, no security issues introduced, all existing functionality preserved.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-02-07 00:39:07 -05:00

91 lines
3.5 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
################################################################################
# IP Blacklist Checker
################################################################################
# Purpose: Check if server IP is blacklisted
################################################################################
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
source "$SCRIPT_DIR/lib/common-functions.sh"
source "$SCRIPT_DIR/lib/system-detect.sh"
show_banner "IP Blacklist Checker"
# Get server's public IP
print_info "Detecting server IP address..."
SERVER_IP=$(curl -s --max-time 5 ifconfig.me || curl -s --max-time 5 icanhazip.com || curl -s --max-time 5 ipecho.net/plain)
if [ -z "$SERVER_IP" ]; then
print_error "Could not detect server IP address"
exit 1
fi
print_success "Server IP: $SERVER_IP"
echo ""
# Blacklist database with difficulty ratings and removal URLs
# Format: "rbl_host|display_name|removal_url|difficulty|estimated_time"
BLACKLISTS_DB=(
"zen.spamhaus.org|Spamhaus (ZEN)|https://check.spamhaus.org/|HARD|1-7 days"
"bl.spamcop.net|SpamCop RBL|https://www.spamcop.net/bl.shtml|EASY|Same day"
"bl.barracudacentral.org|Barracuda|https://www.barracudacentral.org/rbl/removal-request|MODERATE|1-3 days"
"dnsbl.sorbs.net|SORBS|http://www.sorbs.net/lookup.shtml|MODERATE|1-2 days"
"cbl.abuseat.org|CBL (Composite Block List)|https://cbl.abuseat.org/lookup.cgi|MODERATE|1-3 days"
"psbl.surriel.com|PSBL|https://psbl.org/|MODERATE|1-2 days"
"dnsbl-1.uceprotect.net|UCEPROTECT|http://www.uceprotect.net/en/rblcheck.php|HARD|3-7 days"
)
print_header "Checking Blacklists"
echo ""
LISTED=0
NOT_LISTED=0
# Reverse IP once for all lookups
REVERSED_IP=$(echo $SERVER_IP | awk -F. '{print $4"."$3"."$2"."$1}')
for entry in "${BLACKLISTS_DB[@]}"; do
IFS='|' read -r rbl_host bl_name removal_url difficulty time_estimate <<< "$entry"
# Check if listed (using dig with timeout for consistency)
if dig +short +timeout=2 "$REVERSED_IP.$rbl_host" A 2>/dev/null | grep -q .; then
print_error "✗ LISTED on $bl_name [$difficulty - $time_estimate]"
echo " Removal: $removal_url"
((LISTED++))
else
print_success "✓ Not listed on $bl_name"
((NOT_LISTED++))
fi
done
echo ""
print_header "Summary"
if [ "$LISTED" -eq 0 ]; then
print_success "✓ Server IP is clean ($NOT_LISTED blacklists checked)"
echo " Your server is not currently listed on any major blacklists."
else
print_warning "⚠ Server IP is listed on $LISTED blacklist(s)"
echo ""
print_info "Delisting Difficulty Breakdown:"
echo " EASY (Same day): Check removal links above - usually automatic"
echo " MODERATE (1-3 days): Submit formal request, typically responsive"
echo " HARD (3-7+ days): Complex process, may require documentation"
echo ""
print_info "To delist your IP:"
echo " 1. Review the removal URLs shown above for each listing"
echo " 2. Identify and fix the underlying issue:"
echo " - Check for security compromises or spam accounts"
echo " - Verify SPF/DKIM/DMARC are correctly configured"
echo " - Review mail queue for suspicious content"
echo " 3. Submit delisting request with justification"
echo " 4. Track status using blacklist-check.sh regularly"
echo ""
print_info "Additional resources:"
echo " - Use 'email-diagnostics' for detailed analysis"
echo " - Check ~/email-diagnostics-history.json for patterns"
fi
echo ""
Reference in New Issue View Git Blame Copy Permalink