WHMCS IP Blacklist Monitor

[Steven F]

Hey everyone! I'm developing a WHMCS IP blacklist monitor, which will be released for free. It's all very simple stuff, but I wanted to know what features you think I should include. What blacklists should be included? I currently have Spamhaus, but maybe there are others you'd like?

 

[tonyg]

The ones I use for my monitoring script:

cbl.abuseat.org
bl.spamcop.net
dnsbl.sorbs.net
zen.spamhaus.org
b.barracudacentral.org

 

[Steven F]

The ones I use for my monitoring script:

cbl.abuseat.org


bl.spamcop.net


dnsbl.sorbs.net


zen.spamhaus.org


b.barracudacentral.org

Alright, I'll definitely look into those. Thanks!

 

[Ishaq]

I think this is a bad idea, many residential ISPs are listed on blacklists.

I'm listed on Spamhaus ZEN. And my previous IPs were even though I haven't done anything.

What would the module do if someone is on the blacklist?

 

[AMDbuilder]

I think this is a bad idea, many residential ISPs are listed on blacklists.

I'm listed on Spamhaus ZEN. And my previous IPs were even though I haven't done anything.

What would the module do if someone is on the blacklist?

Um... I think the goal is to monitor your servers...

 

[Ishaq]

Oh, right. That makes sense.

 

[rmlhhd]

Bad idea, reasons are mentioned about. Just use Maxmind or validate orders manually.

 

[HostUS-Alexander]

I think what @Steven F is saying an IP monitor that monitors your VPS IP in blacklists, which is a very smart idea. 

 

[Steven F]

I think what @Steven F is saying an IP monitor that monitors your VPS IP in blacklists, which is a very smart idea. 

^I thought this was clear, but apparently not...

 

[MartinD]

So..random question, what if the VPS has more than 1 IP and that's not recorded in WHMCS?

 

[Steven F]

So..random question, what if the VPS has more than 1 IP and that's not recorded in WHMCS?

That's not part of what this module will do, at least initially.

 

[MartinD]

Okay so...what is it supposed to be doing?

 

[Steven F]

Okay so...what is it supposed to be doing?

It will integrate blacklist monitoring with your WHMCS. When a blacklist is detected it can: open a ticket with the client (or in a department of your choosing, privately), send you an e-mail, and will have functionality to allow for easy suspensions (however this functionality may not be provided initially. If people would like to let me test stuff out on their SolusVM or other APIs, I'll gladly work on it).

It will also display current blacklists and contain logs, so you can keep track of your blacklists. It's meant to be a simple add-on to help hosts prevent spam. It's nothing complicated and the only reason the code is more than a few lines is because it's being integrated with WHMCS.

 

[Wintereise]

Why don't you just create an external daemon that can hook into the whmcs api to create tickets.

Have users specify CIDR ranges to scan and track, seems better than your current approach.

 

[splitice]

Is a WHMCS module really needed?

Perhaps just run this script on a cron, create tickets using WHMCS api (or by emailing in using a spoofed email from) and use a small database to not repeated reports...

 

[MartinD]

It will integrate blacklist monitoring with your WHMCS. When a blacklist is detected it can: open a ticket with the client (or in a department of your choosing, privately), send you an e-mail, and will have functionality to allow for easy suspensions (however this functionality may not be provided initially. If people would like to let me test stuff out on their SolusVM or other APIs, I'll gladly work on it).


It will also display current blacklists and contain logs, so you can keep track of your blacklists. It's meant to be a simple add-on to help hosts prevent spam. It's nothing complicated and the only reason the code is more than a few lines is because it's being integrated with WHMCS.

Then surely my question still stands. It won't check all the ips, will it?

 

[DomainBop]

It will also display current blacklists and contain logs, so you can keep track of your blacklists. It's meant to be a simple add-on to help hosts prevent spam.

spammer spams > IP gets blacklisted > plugin kicks in after 7 million spam emails have been sent (or doesn't kick in at all if the IP isn't in WHMCS)

 

[Steven F]

Then surely my question still stands. It won't check all the ips, will it?

It will check all of the IPs which you tell it to check.

Why don't you just create an external daemon that can hook into the whmcs api to create tickets.

Have users specify CIDR ranges to scan and track, seems better than your current approach.

Because this ends up being much more simple for most users to handle.

 

[Steven F]

Is a WHMCS module really needed?

Perhaps just run this script on a cron, create tickets using WHMCS api (or by emailing in using a spoofed email from) and use a small database to not repeated reports...

I'm doing this for people that would like some simple integration with their WHMCS and some blacklist checking. It's not fancy and it shouldn't be your primary anti-spam defense. It just makes life a little easier for the people that use external blacklist monitoring. That's all it does. Maybe I'll extend some functionality to make it a little bit more involved, but again, it's not a first line of defense. It's just meant for some simple monitoring.

I do intend to include additional functionality to allow people to extend the plugin and make it a bit more involved, but I most likely will not be doing anything more than that (unless people would like a SolusVM/Virtualizor/whatever addition, in which case, I have no problem helping out).

 

[MartinD]

It will check all of the IPs which you tell it to check.

Is it going to check the IP's in WHMCS that are against products/services or not?

If not, what's the point in involving WHMCS? If it is, then what about extra IP addresses?

This is like pulling teeth.