# Automated "am I blacklisted?" check?



## raindog308 (Feb 28, 2014)

I'm looking for something I can run as a cron job that checks if any of my IPs are blacklisted.

There are online tools but I want to script something that will check and email me.  Before I invent it...does something like this exist?

(To be clear - there's no reason they _should_ be blacklisted since I'm not spamming.  But obviously things happen, customers might misbehave, etc.)


----------



## drmike (Feb 28, 2014)

Something like this has to exist, but I am unaware of such.... There are all those various DNS based lookup lists...

Seems like a decent project idea.


----------



## tchen (Feb 28, 2014)

https://gist.github.com/danielpunkass/4287421


----------



## raindog308 (Feb 28, 2014)

So that checks Spamhaus...there are many others.

The script is conceptually trivial to write - it's just a lookup.  Just wondering if someone already had a tool (with a maintained list of RBLs, etc.)


----------



## KuJoe (Feb 28, 2014)

I haven't used this in a while but I found this back in 2011:


```
<?php
require_once('Net/DNSBL.php');
$iplist = file("/root/iplist");
foreach ($iplist as $ip){
$dnsbl = new Net_DNSBL();
$dnsbl->setBlacklists(array(
'asiaspam.spamblocked.com',
'bl.deadbeef.com',
'bl.emailbasura.org',
'bl.spamcop.net',
'blackholes.five-ten-sg.com',
'blacklist.woody.ch',
'bogons.cymru.com',
'cbl.abuseat.org',
'cdl.anti-spam.org.cn',
'combined.abuse.ch',
'combined.rbl.msrbl.net',
'db.wpbl.info',
'dnsbl-1.uceprotect.net',
'dnsbl-2.uceprotect.net',
'dnsbl-3.uceprotect.net',
'dnsbl.abuse.ch',
'dnsbl.ahbl.org',
'dnsbl.cyberlogic.net',
'dnsbl.inps.de',
'dnsbl.njabl.org',
'dnsbl.sorbs.net',
'drone.abuse.ch',
'duinv.aupads.org',
'dul.dnsbl.sorbs.net',
'dul.ru',
'dyna.spamrats.com',
'dynip.rothen.com',
'eurospam.spamblocked.com',
'fl.chickenboner.biz',
'http.dnsbl.sorbs.net',
'images.rbl.msrbl.net',
'ips.backscatterer.org',
'isps.spamblocked.com',
'ix.dnsbl.manitu.net',
'korea.services.net',
'lacnic.spamblocked.com',
'misc.dnsbl.sorbs.net',
'noptr.spamrats.com',
'ohps.dnsbl.net.au',
'omrs.dnsbl.net.au',
'orvedb.aupads.org',
'osps.dnsbl.net.au',
'osrs.dnsbl.net.au',
'owfs.dnsbl.net.au',
'owps.dnsbl.net.au',
'pbl.spamhaus.org',
'phishing.rbl.msrbl.net',
'probes.dnsbl.net.au',
'proxy.bl.gweep.ca',
'proxy.block.transip.nl',
'psbl.surriel.com',
'rbl.interserver.net',
'rdts.dnsbl.net.au',
'relays.bl.gweep.ca',
'relays.bl.kundenserver.de',
'relays.nether.net',
'residential.block.transip.nl',
'ricn.dnsbl.net.au',
'rmst.dnsbl.net.au',
'sbl.spamhaus.org',
'short.rbl.jp',
'smtp.dnsbl.sorbs.net',
'socks.dnsbl.sorbs.net',
'spam.dnsbl.sorbs.net',
'spam.rbl.msrbl.net',
'spam.spamrats.com',
'spamlist.or.kr',
'spamrbl.imp.ch',
't3direct.dnsbl.net.au',
'tor.ahbl.org',
'tor.dnsbl.sectoor.de',
'torserver.tor.dnsbl.sectoor.de',
'ubl.lashback.com',
'ubl.unsubscore.com',
'virbl.bit.nl',
'virus.rbl.jp',
'virus.rbl.msrbl.net',
'web.dnsbl.sorbs.net',
'wormrbl.imp.ch',
'xbl.spamhaus.org',
'zen.spamhaus.org'
));
if ($dnsbl->isListed($ip)) {
echo "----->BAD $ip";
}
else {
echo "CLEAN $ip";
}
}
?>
```


----------



## tchen (Feb 28, 2014)

raindog308 said:


> So that checks Spamhaus...there are many others.
> 
> The script is conceptually trivial to write - it's just a lookup.  Just wondering if someone already had a tool (with a maintained list of RBLs, etc.)


Try https://github.com/polera/rblwatch

I know 37signals used to have something, but i can't find their github anymore.  But ya, google 'rbl github check' should give you a whole list of people reinventing the wheel


----------



## DomainBop (Feb 28, 2014)

> google 'rbl github check' should give you a whole list of people reinventing the wheel


That google search gave me a list of pr0n sites, 

for the Zabbix users in the house:

https://github.com/jjmartres/Zabbix/blob/master/zbx-scripts/rbl.check/rbl.check


----------



## GIANT_CRAB (Feb 28, 2014)

@KuJoe, that script is so old that it no longer works on PHP 5.4+

There's no good PHP scripts lying around...


----------



## skytoastersal (Feb 28, 2014)

I posted the PHP code we use at SkyToaster to check our IPs on GitHub, hope it helps. It can take a little time to run so if you run it on a cron I would test how long it takes first.

@GIANT_CRAB, this actually works on modern versions of PHP.

https://github.com/salscode/rblcheck


----------



## tchen (Feb 28, 2014)

skytoastersal said:


> It can take a little time to run so if you run it on a cron I would test how long it takes first.


tip: if you use cron on long-running jobs, consider using flock.


----------



## Wintereise (Mar 1, 2014)

Navyn said:


> One of my friend also was looking for the same script but he did not found so now he is trying to develop a script for the same in PHP and have done almost completed. but sorry to say he will not share this script with someone else as he created this script after 2-3 month hard work.


Can you please stop spamming?

Useless posts (like the one quoted here) are not relevant, and this is not WHT.


----------



## KS_Phillip (Mar 1, 2014)

Nodeping can do RBL checks as well.


----------



## drmike (Mar 1, 2014)

tchen said:


> tip: if you use cron on long-running jobs, consider using flock.


@tchen thank you for mentioning flock!   This is just what I've needed for various cron-overlapping tasks for a while.   Awesome!

Good description of flock and real world use over here:

http://www.elevatedcode.com/2013/05/07/flock-for-cron-jobs.html


----------



## concerto49 (Mar 3, 2014)

Wintereise said:


> Can you please stop spamming?
> 
> Useless posts (like the one quoted here) are not relevant, and this is not WHT.


Why don't you report him to Spamhaus for spamming?


----------



## QuatroVPS (Mar 3, 2014)

mxtoolbox can autocheck your IPs


----------

