pax_global_header00006660000000000000000000000064135443772200014521gustar00rootroot0000000000000052 comment=bb66f867a8d63e4f1d92569c6a98f1fe6b8b3248 rblcheck-20190930/000077500000000000000000000000001354437722000135475ustar00rootroot00000000000000rblcheck-20190930/AUTHORS000066400000000000000000000000761354437722000146220ustar00rootroot00000000000000Edward S. Marshall Marco d'Itri rblcheck-20190930/COPYING000066400000000000000000000430701354437722000146060ustar00rootroot00000000000000 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 675 Mass Ave, Cambridge, MA 02139, USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) 19yy This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19yy name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Library General Public License instead of this License. rblcheck-20190930/ChangeLog000066400000000000000000000061241354437722000153240ustar00rootroot00000000000000Changes since 20190930: Marco d'Itri forked the original unmaintained code. Cleaned up the source code by updating obsolete language constructs and removing compatibility code for obsolete systemd. The documentation still needs to be updated to reflect most changes. Replaced "RBL" with "DNSBL" in user-visible messages. Added support for IPv6 DNSBLs. Added support for domain-based DNSBLs (URIBLs). Changes since 1.4: - Converted to automake/autoconf for configuration, which should make it easier to extend portability. - Added support for checking multiple addresses in one invokation. - Added support for reading addresses to check from standard input, by specifying an argument of '-'. - Updated sites.h to mesh with current reality (almost ALL of the sites listed had changed since the last update). Added a recommendation that distribution maintainers NOT enable any of the listings by default. - Converted documentation to docbook, with a script for automatically generating html, ps, and rtf formats. - Added an RPM spec file. Changes since 1.3: - Fixed output bug with some odd combinations of -q and -t. - Added T_TXT and PACKETSZ definitions in the event that some systems might not define them. - Fixed error with return values not matching the advertised values. - Fixed bug with rbl.dorkslayers.com's tendancy to use CNAMEs for everything. - Added support to dynamically grow the buffer used by res_query(), so that we can always support whatever the RBLs send back to us. - Minor documentation fixes. Changes since 1.2: - New feature: the ability to query multiple RBL-alike services in one invokation. - New command-line option: -l (list known RBL services) - New command-line option: -s (toggle an RBL service) - New command-line option: -c (clear the list of RBL services) - Compat-buster: formatting of the output has changed slightly, to accomodate multiple RBL services. The new output includes the name of the server currently being checked (ie. "RBL filtered by ..."), and there can be multiple outputs of "(not) RBL filtered by ...". - Added a very basic "install" target to the Makefile. - Some generalization of the code. Changes since 1.1: - a bunch of portability fixes, plus some minor code cleanup to make things a little more comfortable on multiple platforms. Should now compile on K&R-only systems, and on machines with wierd resolver libraries. Changes since 1.0: - clarified the procmail recipe in INSTALL to include some logic to prevent problems with local email if the system rblcheck is running on has actually been blacklisted. - Noticed a glaring error in QMail support: TCPREMOTEIP is NOT passed on to .qmail-executed programs. Damn. - added origip.c and origip.awk to obtain the sender's IP address from QMail headers. - added "docs" and "utils" directories to organize things a bit better. - added "extern int optind;" to make some platforms a little happier. - fixed compilation on NeXT. - added some useful usage output, and added a '-v' flag for version info. - added a '-t' flag for displaying of TXT RRs. rblcheck-20190930/INSTALL000066400000000000000000000173631354437722000146120ustar00rootroot00000000000000(For installation instructions which are specific to rblcheck, please see "docs/INSTALL".) Basic Installation ================== These are generic installation instructions. The `configure' shell script attempts to guess correct values for various system-dependent variables used during compilation. It uses those values to create a `Makefile' in each directory of the package. It may also create one or more `.h' files containing system-dependent definitions. Finally, it creates a shell script `config.status' that you can run in the future to recreate the current configuration, a file `config.cache' that saves the results of its tests to speed up reconfiguring, and a file `config.log' containing compiler output (useful mainly for debugging `configure'). If you need to do unusual things to compile the package, please try to figure out how `configure' could check whether to do them, and mail diffs or instructions to the address given in the `README' so they can be considered for the next release. If at some point `config.cache' contains results you don't want to keep, you may remove or edit it. The file `configure.in' is used to create `configure' by a program called `autoconf'. You only need `configure.in' if you want to change it or regenerate `configure' using a newer version of `autoconf'. The simplest way to compile this package is: 1. `cd' to the directory containing the package's source code and type `./configure' to configure the package for your system. If you're using `csh' on an old version of System V, you might need to type `sh ./configure' instead to prevent `csh' from trying to execute `configure' itself. Running `configure' takes awhile. While running, it prints some messages telling which features it is checking for. 2. Type `make' to compile the package. 3. Optionally, type `make check' to run any self-tests that come with the package. 4. Type `make install' to install the programs and any data files and documentation. 5. You can remove the program binaries and object files from the source code directory by typing `make clean'. To also remove the files that `configure' created (so you can compile the package for a different kind of computer), type `make distclean'. There is also a `make maintainer-clean' target, but that is intended mainly for the package's developers. If you use it, you may have to get all sorts of other programs in order to regenerate files that came with the distribution. Compilers and Options ===================== Some systems require unusual options for compilation or linking that the `configure' script does not know about. You can give `configure' initial values for variables by setting them in the environment. Using a Bourne-compatible shell, you can do that on the command line like this: CC=c89 CFLAGS=-O2 LIBS=-lposix ./configure Or on systems that have the `env' program, you can do it like this: env CPPFLAGS=-I/usr/local/include LDFLAGS=-s ./configure Compiling For Multiple Architectures ==================================== You can compile the package for more than one kind of computer at the same time, by placing the object files for each architecture in their own directory. To do this, you must use a version of `make' that supports the `VPATH' variable, such as GNU `make'. `cd' to the directory where you want the object files and executables to go and run the `configure' script. `configure' automatically checks for the source code in the directory that `configure' is in and in `..'. If you have to use a `make' that does not supports the `VPATH' variable, you have to compile the package for one architecture at a time in the source code directory. After you have installed the package for one architecture, use `make distclean' before reconfiguring for another architecture. Installation Names ================== By default, `make install' will install the package's files in `/usr/local/bin', `/usr/local/man', etc. You can specify an installation prefix other than `/usr/local' by giving `configure' the option `--prefix=PATH'. You can specify separate installation prefixes for architecture-specific files and architecture-independent files. If you give `configure' the option `--exec-prefix=PATH', the package will use PATH as the prefix for installing programs and libraries. Documentation and other data files will still use the regular prefix. In addition, if you use an unusual directory layout you can give options like `--bindir=PATH' to specify different values for particular kinds of files. Run `configure --help' for a list of the directories you can set and what kinds of files go in them. If the package supports it, you can cause programs to be installed with an extra prefix or suffix on their names by giving `configure' the option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'. Optional Features ================= Some packages pay attention to `--enable-FEATURE' options to `configure', where FEATURE indicates an optional part of the package. They may also pay attention to `--with-PACKAGE' options, where PACKAGE is something like `gnu-as' or `x' (for the X Window System). The `README' should mention any `--enable-' and `--with-' options that the package recognizes. For packages that use the X Window System, `configure' can usually find the X include and library files automatically, but if it doesn't, you can use the `configure' options `--x-includes=DIR' and `--x-libraries=DIR' to specify their locations. Specifying the System Type ========================== There may be some features `configure' can not figure out automatically, but needs to determine by the type of host the package will run on. Usually `configure' can figure that out, but if it prints a message saying it can not guess the host type, give it the `--host=TYPE' option. TYPE can either be a short name for the system type, such as `sun4', or a canonical name with three fields: CPU-COMPANY-SYSTEM See the file `config.sub' for the possible values of each field. If `config.sub' isn't included in this package, then this package doesn't need to know the host type. If you are building compiler tools for cross-compiling, you can also use the `--target=TYPE' option to select the type of system they will produce code for and the `--build=TYPE' option to select the type of system on which you are compiling the package. Sharing Defaults ================ If you want to set default values for `configure' scripts to share, you can create a site shell script called `config.site' that gives default values for variables like `CC', `cache_file', and `prefix'. `configure' looks for `PREFIX/share/config.site' if it exists, then `PREFIX/etc/config.site' if it exists. Or, you can set the `CONFIG_SITE' environment variable to the location of the site script. A warning: not all `configure' scripts look for a site script. Operation Controls ================== `configure' recognizes the following options to control how it operates. `--cache-file=FILE' Use and save the results of the tests in FILE instead of `./config.cache'. Set FILE to `/dev/null' to disable caching, for debugging `configure'. `--help' Print a summary of the options to `configure', and exit. `--quiet' `--silent' `-q' Do not print messages saying which checks are being made. To suppress all normal output, redirect it to `/dev/null' (any error messages will still be shown). `--srcdir=DIR' Look for the package's source code in directory DIR. Usually `configure' can determine that directory automatically. `--version' Print the version of Autoconf used to generate the `configure' script, and exit. `configure' also accepts some other, not widely useful, options. rblcheck-20190930/Makefile.am000066400000000000000000000032431354437722000156050ustar00rootroot00000000000000## Process this file with automake to produce Makefile.in auxdir = @ac_aux_dir@ AUX_DIST = $(auxdir)/install-sh $(auxdir)/missing $(auxdir)/mkinstalldirs noinst_HEADERS = sites.h bin_PROGRAMS = rblcheck rblcheck_SOURCES = rblcheck.c bin_SCRIPTS = rbl XFAIL_TESTS = TESTS = tests/clearlist tests/addlisting tests/removelisting $(XFAIL_TESTS) # We don't include README.ALPHA or bootstrap here, so we don't include them # in a "make distcheck". Since all tests are shell scripts, we're including # the full list verbatim. EXTRA_DIST = \ rbl.in \ config/install-sh \ config/missing \ config/mkinstalldirs \ config/rblcheck.spec \ config/rblcheck.spec.in \ config/pkginfo.in \ utils/README \ utils/test_origip.sh \ utils/test_rblcheck.sh \ utils/dns/Makefile \ utils/dns/dump.c \ utils/qmail/Makefile \ utils/qmail/origip.awk \ utils/qmail/origip.c \ utils/sendmail/origip.pl \ $(TESTS) SUBDIRS = docs . MAINTAINERCLEANFILES = Makefile.in aclocal.m4 configure config.h.in stamp-h.in \ $(AUX_DIST) DISTCLEANFILES = config/rblcheck.spec config/pkginfo CLEANFILES = config/Prototype rbl ACLOCAL = aclocal -I $(auxdir) # Build a Solaris package. solarispkg: $(bin_PROGRAMS) test -x /usr/bin/pkgproto test -x /usr/bin/pkgmk $(MAKE) DESTDIR=`pwd`/$(distdir) install echo 'i pkginfo' > config/Prototype pkgproto $(distdir)/usr \ | sed -e "s, $(distdir), ," >> config/Prototype pkgmk -d config -f config/Prototype -r $(distdir) pkgtrans config ../$(distdir).pkg rblcheck rm -rf $(distdir) config/rblcheck rbl: rbl.in rm -f $@ $@.tmp sed -e 's,@bindir\@,$(bindir),g' \ -e 's,@sysconfdir\@,$(sysconfdir),g' $< >$@.tmp chmod +x $@.tmp mv $@.tmp $@ rblcheck-20190930/README000066400000000000000000000032351354437722000144320ustar00rootroot00000000000000rblcheck - Command-line interface to DNSBL-style filters. Copyright (C) 1997, 1998, 1999, 2000, 2001 Edward S. Marshall Copyright (C) 2019 Marco d'Itri This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ------------------------------------------------------------------------------- This program is a very basic interface to DNS listings such as the DNSBL filter operated by the MAPS project. The basic idea of the filter is that when someone is listed (for example, a blacklist for email abusers), a new domain name is resolved of the form "2.0.0.127.domain.name.com", where 2.0.0.127 is the abusive IP address in reverse (for example, 2.0.0.127 would be the IP address 127.0.0.2), and "domain.name.com" is the base domain name of the filtering service (such as "blackholes.mail-abuse.org", for the MAPS project DNSBL filter). To learn how to build this program, please read docs/INSTALL. Seriously. Make sure to check the default lists of DNSBLs in the "sites.h" file. The official home for rblcheck is https://github.com/rblcheck/whois/issues . rblcheck-20190930/autogen.sh000077500000000000000000000003251354437722000155500ustar00rootroot00000000000000#!/bin/sh set -e test -z "$SRCDIR" && SRCDIR=`dirname "$0"` test -z "$SRCDIR" && SRCDIR=. autoreconf --install if test -z "$NOCONFIGURE"; then echo "Running $SRCDIR/configure $@" "$SRCDIR/configure" $@ fi rblcheck-20190930/config/000077500000000000000000000000001354437722000150145ustar00rootroot00000000000000rblcheck-20190930/config/pkginfo.in000066400000000000000000000004461354437722000170050ustar00rootroot00000000000000PKG="@PACKAGE@" NAME="@PACKAGE@" VERSION="@VERSION@" ARCH="sparc" CATEGORY="system" DESC="A command-line interface to rbl-style services." VENDOR="http://rblcheck.sourceforge.net/" EMAIL="rblcheck-users@lists.sourceforge.net" ISTATES="S s 1 2 3" RSTATES="S s 1 2 3" BASEDIR="/" PSTAMP=20010403 rblcheck-20190930/config/rblcheck.spec.in000066400000000000000000000015331354437722000200540ustar00rootroot00000000000000Name: rblcheck Summary: A command-line interface to RBL-style listings. Version: @VERSION@ Release: 1 Source: http://download.sourceforge.neta/%{name}/%{name}-%{version}.tar.gz Group: Applications/Internet Copyright: GPL URL: http://rblcheck.sourceforge.net/ BuildRoot: /var/tmp/%{name}-root Prefix: %_prefix %description rblcheck is a very basic interface to RBL-style DNS listings such as those operated by the MAPS (http://www.maps.org/) and ORBL (http://www.orbl.org/) projects. %prep %setup -q %build %configure make %install rm -rf $RPM_BUILD_ROOT %makeinstall %clean rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root) %doc AUTHORS ChangeLog INSTALL NEWS README COPYING %doc docs/rblcheck.ps docs/rblcheck.rtf docs/html/ %{_bindir}/rbl %{_bindir}/rblcheck %changelog * Mon Apr 2 2001 Edward S. Marshall - Created this RPM spec. rblcheck-20190930/configure.ac000066400000000000000000000020351354437722000160350ustar00rootroot00000000000000dnl Process this file with autoconf to produce a configure script. AC_INIT(rblcheck, 20190930, , rblcheck, https://github.com/rfc1036/rblcheck) AC_CONFIG_SRCDIR(rblcheck.c) AC_CONFIG_AUX_DIR(build-aux) AM_INIT_AUTOMAKE(foreign -Wall) AM_MAINTAINER_MODE dnl Checks for programs. AC_PROG_CC AC_PROG_INSTALL dnl Checks for header files. AC_CHECK_HEADERS(getopt.h) dnl Figure out where to get res_query from. First, see if it's in the dnl C library (Linux, and probably a few others). Then, check libbind dnl (generally, if you've installed bind 8, you're going to want to use dnl the new library). Finally, check for libresolv (which should exist dnl on most systems). AC_CHECK_FUNC([res_query], [], [ AC_CHECK_LIB([resolv],[res_query], [], [ AC_CHECK_LIB([resolv],[__res_query], [], [ AC_CHECK_LIB([bind],[res_query], [], AC_MSG_ERROR(cannot locate res_query function))])])]) AC_CHECK_FUNCS(getaddrinfo) AC_CONFIG_HEADERS(config.h) dnl All done. AC_CONFIG_FILES( Makefile docs/Makefile config/rblcheck.spec config/pkginfo ) AC_OUTPUT rblcheck-20190930/docs/000077500000000000000000000000001354437722000144775ustar00rootroot00000000000000rblcheck-20190930/docs/INSTALL000066400000000000000000000060341354437722000155330ustar00rootroot00000000000000This is a placeholder for an older file which is still referenced from the README files all over the place. A transition to SGML-based documentation is under way. Refer to the file rlbcheck.sgml in this directory. If you have downloaded the CVS source tree, the installation instructions in the SGML file will not suffice, though. What follows is a brief stopgap-type installation manual, which explains how to build a distribution from the CVS source tree. This assumes you are vaguely familiar with Autoconf and related systems. The distribution tarball doesn't require these tools to build, and comes with a ready-made copy of the ./configure script. If you're not curious and/or do not wish to work with the sources, just grab the distribution tarball and install from that. Here's what you need to build from the CVS sources: 0. Disregard any mention of docs/INSTALL and ./configure in the "real" instructions for the time being. 1. In the root directory, run ./bootstrap This will run various auto-configuration tools. If you don't have autoconf and automake, you will have insurmountable problems. Nevertheless, if you want to understand whats going on, here's a brief explanation. aclocal will create ./aclocal.m4 for autoconf, based on the contents of configure.in. autoheader will create config.in based on the contents of acconfig.h and configure.in. automake will generate Makefile.in from Makefile.am. autoconf, finally, will generate the ./configure shell script, based on the contents of configure.in and aclocal.m4. You can try your luck with the config/missing script if you don't have exactly the needed tools. Here's a crude schematic of the dependencies of these files: Makefile.am ------> Makefile.in ----------> Makefile \ / ,> configure.cache aclocal ---> aclocal.m4 ---> configure -----> config.status / \ `> config.log configure.in \ >-----> config.in ------------> config.h acconfig.h ------> stamp-h.in -----------> stamp-h Also, some other files ending in .am or .in are source files for other generated files; .am is used by automake to generate the corresponding .in, file, and .in files are used by autoconf to generate the actual target files. See also the Autoconf and Automake Info documentation. 2. In the root directory, edit sites.h. All services are disabled by default, so you will end up with a useless piece of binary unless you enable at least some of the services in this file. 3. Now, you can proceed to follow the instructions in ./INSTALL To wit, run ./configure with the options you like, then make, then make install. If you run into any trouble, please file a bug report. This software is provided in this state in the hope that it will be useful, but we think it would be more useful still if any problems are reported back to the authors. Thanks for contributing! rblcheck-20190930/docs/Makefile.am000066400000000000000000000025001354437722000165300ustar00rootroot00000000000000docdir = $(datadir)/docs EXTRA_DIST = rblcheck.sgml DISTCLEANFILES = rblcheck.ps rblcheck.rtf rblcheck.tex html/*.html MAINTAINERCLEANFILES = Makefile.in html/index.html: rblcheck.sgml -srcdir=`cd $(srcdir) && pwd`; \ db2html $$srcdir/rblcheck.sgml -mv rblcheck html rblcheck.ps: rblcheck.sgml -srcdir=`cd $(srcdir) && pwd`; \ db2ps $$srcdir/rblcheck.sgml rblcheck.rtf: rblcheck.sgml -srcdir=`cd $(srcdir) && pwd`; \ db2rtf $$srcdir/rblcheck.sgml dist-hook: html/index.html rblcheck.ps rblcheck.rtf -$(mkinstalldirs) $(distdir)/html -cp $(srcdir)/html/*.html $(distdir)/html -cp $(srcdir)/rblcheck.ps $(distdir)/rblcheck.ps -cp $(srcdir)/rblcheck.rtf $(distdir)/rblcheck.rtf distclean-local: -rmdir html install-data-local: html/index.html rblcheck.ps rblcheck.rtf -for file in $(srcdir)/*.html; do \ basefile=`echo $$file | sed -e 's,^.*/,,'`; \ $(INSTALL_DATA) $$file $(DESTDIR)$(docdir)/$$basefile; \ done -$(INSTALL_DATA) $(srcdir)/rblcheck.ps $(DESTDIR)$(docdir)/rblcheck.ps -$(INSTALL_DATA) $(srcdir)/rblcheck.rtf $(DESTDIR)$(docdir)/rblcheck.rtf uninstall-local: -for file in $(srcdir)/html/*.html; do \ basefile=`echo $$file | sed -e 's,^.*/,,'`; \ rm -f $(docdir)/html/$$basefile; \ done -rm -f $(docdir)rblcheck.rtf -rm -f $(docdir)rblcheck.ps -rm -f $(docdir)rblcheck.sgml -rmdir $(docdir)/html rblcheck-20190930/docs/rblcheck.sgml000066400000000000000000002401411354437722000171420ustar00rootroot00000000000000 rblcheck A command-line interface to RBL-style listings Edward S. Marshall 2001 Edward S. Marshall Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in . rblcheck Manual About rblcheck rblcheck is a very basic interface to RBL-style DNS listings such as those operated by the MAPS and ORBS projects. The general idea behind RBL-style listings is rapid lookup of IP addresses using DNS (for example, for blacklisting IP addresses because of abuse). Each IP address is reversed and has a domain name attached to it; for example, the IP address 127.0.0.2 would become 2.0.0.127, and then a domain such as "relays.visi.com" would be added to it. You would then try to resolve the result (ie. 2.0.0.127.relays.visi.com); if you receive a positive reply, then you know that the address is listed. Further information can also be queried, such as text descriptions of why the address was listed. rblcheck is licensed under the terms of the GNU General Public License, a free software license. Building
Supported Platforms I currently perform a manual build and test of rblcheck on the following platforms prior to each release: Red Hat Linux 7.0/Intel Debian GNU/Linux 2.2r2/Intel Sun Solaris 7/SPARC I speculate that most releases will compile on the following platforms: Sun SunOS 4.x Sun Solaris 2.x/7/8 IBM AIX 4.3.3 BSDI BSD/OS 2.x/3.x/4.x FreeBSD 2.x/3.x/4.x Compaq Digital UNIX/Tru64 4.0x Hewlett-Packard HP/UX 10.x/11.x Most versions of Linux (libc5- and glibc-based) Almost any relatively POSIX platform with a resolver library.
Compiling Before building rblcheck, edit the file sites.h for the listings you wish to check against (to un-comment a listing, remove the /* and */ around the SITE(...) line). To compile rblcheck, just run ./configure in the main directory, followed by make when the first command is complete. To make sure that what you now have works correctly, run make check; make sure that you have an Internet connection handy when you do, or a large number of the tests will produce (non-fatal) failures. When you are done, you can type make install to install the software (by default, everything will be installed in /usr/local. For more details on how the configure command works, please see the file INSTALL in the main directory, which has a complete breakdown of all of your options.
Note to developers You may have received the version of rblcheck that you're currently working from via a nightly CVS snapshot (the file you downloaded would likely have been called rblcheck-20020101.tar.gz or something similar), or you might have downloaded a version of the source directly from the CVS tree. The most distinguishing feature of these developer-only versions is the lack of a configure script in the main distribution directory, and the presense of a bootstrap script instead. These releases are not for the faint of heart, and you may very well be unable to build them without a bit of work. As a matter of fact, the documentation you're reading right now may not even apply to one of these experimental versions. If you are not building a development release, you do NOT need to read this section, as none of these instructions apply to you. Please read for instructions on how to build a normal rblcheck release. And with that out of the way, welcome to rblcheck development! You will need a number of utilities to build a development release, above and beyond the usual build requirements: Autoconf 2.13 Automake 1.4 docbook-tools 0.6.8 (the Red Hat RPM package identifies itself as docbook-utils, other distributions may name the package differently, if they include it at all) Autoconf and automake are tools which make cross-platform development easier by automatically checking for issues related to particular platforms. The basic idea is to ensure that even though the primary developers of a piece of software may not have access to a wide range of platforms, the chances of a successful "out of the box" build will still work. The reality is a little different, of course, but it works relatively well. If this sounds like your cup of tea, you might be interested in reading the definitive book on GNU Autotools: GNU Autoconf, Automake, and Libtool. The docbook-tools package is required for building multiple formats of the documentation included with rblcheck. The documentation is written entirely in SGML (Docbook 4.1), and is located in the file docs/rblcheck.sgml. Once you've verified that you have these installed, you'll need to run ./bootstrap from the main rblcheck source directory, which will create a number of the files you need to complete the build. At this point, you should follow the usual instructions for building the application (see ).
Note to distributors and packagers If you're distributing a pre-built version of rblcheck for your users, I strongly recommend leaving everything in sites.h commented out. The ability to add sites there was only added as a convenience feature for people building a personal copy for their own use, and was never intended to be used to pre-set policy for people using pre-packaged versions. Over the years, there has been a great deal of volatility in the RBL listing "market"; even the venerable MAPS RBL is no longer publically available without making special arrangements. Therefore, along with those pre-defined lists of RBL services is built-in obsolescence. As a side-note, I don't make new releases just to update the sites.h file, and at some point in the future, I'll probably stop seeding it with suggestions. As the package maintainer, you're taking on the burden of keeping that up-to-date. Do you really want that hassle, or would it just be easier to point your users at a list of RBL services that is up-to-date (see the rblcheck homepage for links to several current listings)? You're also making life a more difficult for the user; users will come to depend on that pre-built list of sites. What happens when, by necessity, you need to change that built-in list (because some listings are no longer available, or because new ones are now online)? Your users will very likely complain about the change in behavior, and rightly so. Even worse, what does the user do when they disagree with your selection of services? Recompile from source (which defeats the purpose of providing them with a pre-compiled binary in the first place)? Let them pick their own listings. You and your users will be much happier. If you feel that you just can't release rblcheck without a built-in list, may I suggest using the global rblcheckrc which the rbl script uses? At least that way, the end user can change your pre-selections on their own, without having to build from source.
Using
rblcheck basics The program has several command line options: Display only listed addresses, if none is listed then there is no output. Display, if available, a textual description of why the site was originally placed in a particular listing. Stop checking listings after the first successful match of any IP address against any listing. List the currently defined RBL listings. By default, rblcheck has no pre-defined listings; you can change this behavior by editing the file sites.h as described in . Clear the list of defined RBL listings. This is handy if you don't want to use the default listings added by the installation of rblcheck on your system. <service> Toggle a service in the list of defined RBL listings. , Get help about rblcheck. Display the version of rblcheck. You can check multiple addresses at once, to make life a little easier with scripts; just add additional addresses on the command line after all of the options. By specifying an address of "-", rblcheck will read from stdin and perform a lookup on every line of input (if it is a valid IP address).
Return codes When invoked, rblcheck returns either 0 (to indicated error, or that the address was not in any of the listings), or a positive number (indicating the number of listings that the IP address was found in).
Verifying your installation To verify that the program is working after you've compiled it, try the following test: $ ./rblcheck -s relays.ordb.org 127.0.0.1 127.0.0.1 not RBL filtered by relays.ordb.org $ ./rblcheck -s relays.ordb.org 127.0.0.2 127.0.0.2 RBL filtered by relays.ordb.org If you see any other result than the above, then something has gone wrong; please see below about reporting bugs and finding help.
The rbl wrapper A recent addition to the rblcheck package is the rbl shell script, which is a simple wrapper around rblcheck, with one special feature: it will read a global rblcheckrc (usually in /etc or /usr/etc), and then a .rblcheckrc from the current user's home directory. These files can contain any of the usual rblcheck command-line arguments (see ), but are most useful for setting the most common RBL-style listings you use day-to-day. For example, your personal .rblcheckrc might contain: -t -m -c -s relays.ordb.org -s relays.visi.com -s some.future.rbl.listing Please note that for mail filtering, or any performance-sensitive use, you should use rblcheck directly, to avoid adding additional latency to the process. rbl is mainly intended as a convenience tool for interactive use.
Third-Party Software rblcheck works well as a command-line tool for performing lookups, but it also serves an important role working with other software, such as mail servers and email filtering programs.
Procmail rblcheck was really designed to be used with procmail, as long as you have access to the IP address of the system sending you email. Surprisingly, most MTAs make obtaining this information more difficult than it needs to be. The procmail rule I present here assumes you've found some way to put the IP address of the sender in the variable TCPREMOTEIP. See the sections below on Sendmail and QMail for ideas on how you can get ahold of this value. The following procmail rule will, once you have TCPREMOTEIP, use rblcheck to look up the IP address in the built-in filters: :0 * ! ? if [ -n "$TCPREMOTEIP" ]; then rblcheck -q "$TCPREMOTEIP"; fi { EXITCODE=100 LOGABSTRACT=all LOG="Filter: RBL-filtered address: \"$TCPREMOTEIP\" " :0: $FILTER_FOLDER } FILTERFOLDER is assumed to have been set up ahead of time as the place to put email that you don't want to see (either another incoming folder, /dev/null, or a 'formail' invokation that rewrites the message and tacks on an extra header or munges the subject so you can easily identify it. Note that EXITCODE above is for QMail, and indicates a permanent error. Under Sendmail, 77 is more appropriate. Under anything else, it's hard to say; your best bet is to refer to the documentation regarding execution of programs. One more thing: procmail has a nasty habit of munging the environment, but most MTAs already do this for you. Hence, you should add the '-p' flag to the invokation of procmail (either from a local delivery rule in Sendmail, or from a .forward or .qmail file). This will ensure that procmail doesn't clean out the value of TCPREMOTEIP. To test the procmail recipe: Save any mail message, with full headers, to a file. Run procmail with the environment variable TCPREMOTEIP set to an offending address, and with the message you just saved as input: cat message | env - TCPREMOTEIP=127.0.0.2 procmail -p Check your procmail log and mailbox. If the message went through, you have a problem. If you have a message in your logfile stating that the message was bounced for being in the RBL, you're fine. Run procmail with the environment variable TCPREMOTEIP set to a non-filtered address, such as 127.0.0.1, and with the message as input: cat message | env - TCPREMOTEIP=127.0.0.1 procmail -p Check your procmail log and mailbox. If the message didn't go through, you have a problem. If you have a copy of the message in your mailbox, and no errors in your log file, you're fine.
Sendmail This solution for obtaining the IP address of the connecting host could be considered to be a bit of a hack, but it works quite reliably. If you're an ordinary user on your system, you won't be able to use this; talk to your system administrator about the possibility of installing the sendmail.cf patch below. Point them at this file as a source of information. Currently, in your sendmail.cf file, you'll probably have something like: Mlocal, P=/bin/mail, F=lsDFMAw5:/|@SnE, S=10/30, R=20/40, T=DNS/RFC822/X-Unix, A=mail -f $g -d $u Or, if you're using procmail as the local delivery agent: Mlocal, P=/usr/bin/procmail, F=lsDFMAw5:/|@ShPfn, S=10/30, R=20/40, T=DNS/RFC822/X-Unix, A=procmail -a $h -d $u This is the local delivery rule used to execute .forward scripts. Your system might use something like rsh or another restricted shell instead of sh for running programs. Don't let that scare you; they all basically work the same. Change the above lines to look like this (there will also be Mprog lines which look similar; you can modify them in exactly the same manner): Mlocal, P=/usr/bin/env, F=lsDFMAw5:/|@SnE, S=10/30, R=20/40, T=DNS/RFC822/X-Unix, A=env TCPREMOTEIP="${client_addr}" mail -f $g -d $u (replacing "mail -f $g -d $u" with "procmail -a $h -d $u" appropriately.) ONLY change the P=... and A=... entries. Most certainly do not mess with F=... unless you know what you are doing. This will create an environment variable TCPREMOTEIP, which you can now use with rblcheck to determine if the address has been blocked. To test this, set up an alias like: foo: |mailx -s "$TCPREMOTEIP" user@domain.com Then, send email to the alias "foo" (or whatever). You should immediately get a piece of email with the IP address which sent the message in the subject line. (Replace mailx with mail on some systems.) This is about the most efficient means of getting this information to executed programs that I can see with sendmail. What would -really- be nice here would be a way to program how Sendmail sets up the environment before executing an external program, at the point of execution. Bug the Sendmail developers if you agree with me. ;-)
QMail Getting this going under QMail turns out to be a real challenge, since QMail doesn't have the same level of programmability that Sendmail has. Hence, we need to employ an additional script to grab the IP address from the headers. (Thanks to Russell Nelson for confirming QMail's behavior here.) QMail has a very specific means of adding Received: lines to messages, making them relatively easy to parse. For example, the following headers are typical: Return-Path: <emarshal@xnet.com> Delivered-To: emarshal@LOGIC.NET Received: (qmail 26029 invoked from network); 13 Oct 1997 15:04:13 -0000 Received: from quake.xnet.com (HELO mail.xnet.com) (198.147.221.35) by labyrinth.logic.net with SMTP; 13 Oct 1997 15:04:13 -0000 We can disregard the Return-Path: and Delivered-To: lines; they're unimportant to us. The Received: headers are the most interesting. The first Received: line we'll see is the local delivery of the mail; hence, the "qmail 2609 invoked from network". The second Received: line is the most important to us; it's the one which contains the IP address of the sender...in this case, 198.147.221.35. To complicate things, the "(HELO mail.xnet.com)" section may not exist, and the IP address might have ident information prepended to it (like "qmailr@198.147.221.35"). Two programs are provided to help you retrieve this information automatically from the headers, both with the same semantics. "origip.c" compiles into "origip", and for those who have trouble compiling it (if you do, please email me with any errors), "origip.awk" is provided which behaves the same way. Essentially, you pass either of these programs an email message, and they in turn extract the sending address and either print it back to you, or exit with a non-zero return value. To use this in procmail, just use: TCPREMOTEIP=`origip || echo 127.0.0.1` This will pipe the message through origip (replace origip with "origip.awk" in the case of using the awk script), and will capture the address. If there is an error, we'll default to 127.0.0.1, which will allow the mail through. (If you're undecided which program of the two you want to use, consider that the C version is much faster, and will be maintained more than the awk script. However, the C version is probably more prone to bugs. ;-) Once you have that line in place, go ahead and use the procmail recipe supplied above in good health.
inetd and smtpd If you use an smtp server which runs from inetd (sendmail can operate this way, as can QMail and a number of other MTAs), here's a good way to do site-wide filtering using rblcheck; add the following to /etc/hosts.allow: smtpd: ALL: spawn /usr/local/bin/rblcheck -q %a && \ exec /usr/local/bin/smtpd || /bin/echo \ "469 Connection refused. See http://maps.vix.com/rbl/\r\b\r\n" This gives you RBL support on a site-wide basis, even if native support doesn't yet exist for your MTA of choice. This assumes that your inetd has support for tcp_wrappers checks; many Linux variants fall into this category, but other platforms may differ. A word of warning, however: there are a number of very good reasons to not run a production mail server from inetd, which I won't elaborate on here. You might want to investigate more secure and reliable alternatives, such as tcpserver from D. J. Bernstein's excellent daemontools package.
Other Software Don't ask me. If you figure out a way to make this work under another setup, let me know how you did it, and I'll add it here. If you find better ways of doing this than the ones I'm using above, let me know too, and you'll see your idea show up in here in the next release.
Future
To Do There are a number of enhancements to rblcheck that are up for consideration, in no particular order. Patches for any of the below will earn you fame, fortune, and a warm fuzzy feeling for having made the world a better place. ;-) Follow CNAMEs from rblcheck(). This will let us get at the eventual TXT RRs for a domain name. Optional support for adns. Timeout option. Should default to no timeout, but apparently there is an issue with rblcheck hanging in an offline environment where the nameserver in use is located off-site. This would compensate for the misconfiguration, and provide a 'quick-fail' mode for people to play with. I'm still not entirely convinced that this should be rblcheck's problem, though; using a local cache like dnscache from djbdns seems like a much more reliable solution to what is a general misconfiguration. (from Aaron Schrab aaron@schrab.com, era eriksson era@iki.fi, and torben fjerdingstad tfj@fjerdingstad.dk) Add the ability to only list successful matches, and add a debug mode which outputs what is happening internally, and any errors received. This could be best implemented with a '-v X' option, where 'X' is a number between 0 and 9 (0 being silent, 4 being default/ordinary output, 9 displaying heavy debugging info). Add an option to display the PTR address returned by the original query, prior to following it. (from Craig Callender craig@mosquitonet.com) Add the ability to specify a particular PTR address; for example, when performing a lookup in ORBS, allow for matching against only a specific returned address (such as 127.0.0.2). Perhaps allow a list of these matches. The question is: is this better implemented here, or in the caller via a filter (after the display of PTR addresses is added)?
...or Not To Do? These are the features that you'll never see in the version of rblcheck that I produce (rblcheck is GPL; you're free to produce your own version if this doesn't suit you well), and the rationale behind why not. I'm hoping that the explainations will make sense, but I'm always open to criticism if you feel my logic is flawed. Support for doing lookups of FQDNs This is a futile method of checking whether a particular system is blackholed; if the originating system has control of reverse DNS for their IP space, they can make their IP address resolve to anything they want, such as system.network.com. If rblcheck were to do a lookup on that, "system.network.com" might resolve to anything (such as "127.0.0.1, which will always pass with every currently known RBL-based blacklist). A compromise that I've considered would be similar to TCP Wrapper's system of multiple lookups: take the IP address, look up the reverse, then resolve the reverse to an IP address. If both lookups match, then proceed, otherwise exit with a failure. I'd consider integrating code from someone who implemented this behavior. (A note for the confused: some people might mistake this for my saying that a tool for looking up hosts in DNSBL listings (a means of looking up originating domains in a blacklist, much like the RBL) isn't a good idea. On the contrary, I'd like to see a complimentary dnsblcheck to go along with rblcheck. The problem I have is specifically with resolving the name to an IP address for use by an RBL lookup tool.) Return codes that identify a particular blacklist This took a while to convince me it was wrong. Here are the questions I went over when deciding against this: What do you do with your scripts when the blacklist order changes, or new blacklists appear (assuming a dynamic assignment of identifiers)? If you hard-code a number for each and every blacklist, who becomes responsible for being a registry for those numerical identifiers? What happens to already-assigned values when blacklists shutdown or change incompatibly? How do you scale beyond 256 RBL services? With the advent of software such as rbldns (a part of the djbdns package which allows anyone to host an RBL-style service), and with nearly a dozen OsiruSoft domains alone, does this limitation seem reasonable? How do you report multiple matches with a return code, when the return code can only hold one number? Some of these can be solved, but not cleanly; you'll need no end of special cases to accomodate them. Integrated scanning of email and similar features This is a question of UNIX philosophy: design one tool for one task, and do it well. There are plenty of far more powerful text parsing tools available which are more appropriate for the job (email parsing is easily handled by tools such as formail, general text parsing is better suited by tools such as sed, awk, perl, python, etc), and they can do a much better job than something that I could integrate into rblcheck while still maintaining a small footprint.
Notes on origip Not convinced that you should use the C version of origip? Here's some data (using test_origip.sh as a testbed) which definitely speaks volumes: With origip.awk: 18.60user 22.46system 0:43.59elapsed 94%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (102172major+51041minor)pagefaults 0swaps With origip.c: 13.16user 19.41system 0:33.73elapsed 96%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (71381major+46044minor)pagefaults 0swaps 10 seconds faster, 3 seconds less system time used, 5 seconds less user time, and over 30,000 less page faults. In other words: a LOT easier on the box you'll be running this on. This test was run on a little under 600 messages, from various mailing lists and private messages, on a Linux 2.0.31 system. Reporting Problems All software has bugs, and rblcheck has a place for you to report them if you believe you've found one. (Bug tracker) If you have a SourceForge account already, please log in before reporting a bug so that you can be notified of changes. Credits Thanks, kudos, and other good stuff go to: Paul Vixie paul@vix.com For the original RBL, a fantastic tool for the prevention of spam. Often duplicated, never repeated, and all that jazz. The MAPS Project A great gathering point for protection services regarding email. Everyone there should be given a pat on the back for the thankless hours they put into maintaining an excellent resource for everyone. Stephen R. van den Berg srb@cuci.nl For writing Procmail, a nifty little mail filtering tool. While certainly not the only place to use rblcheck, it's certainly one of the more useful. Dire Straits For writing good music to write code to. ;-) I wonder if spam qualifies as a symptom of industrial disease? ...and a cast of thousands: Russell Nelson nelson@crynwr.com Frank Tegtmeyer fte@iqweb.de Anders Eriksson aer@cdt.luth.se Kevin Kadow kadokev@ripco.com Ronald F. Guilmette rfg@monkeys.com era eriksson era@iki.fi Ophir Ronen ophir@internap.com Brian Willoughby brianw@sounds.wa.com Jeff A. Earickson jaearick@colby.edu Gerald Pfeifer pfeifer@dbai.tuwien.ac.at Pat Myrto pat@rwing.COM William Yang wyang@freenet.columbus.oh.us Dougal Campbell dougal@advicom.net Jason Gunthorpe jgg@gpu.srv.ualberta.ca Timothy J Luoma luomat@peak.org Adam Shand larry@alaska.net Andrew Kelley kelleya@dimensional.com Thomas Meyer tmeyer@ifi.unizh.ch Jonathan Bradshaw jonathan@NrgUp.Com Jacques Distler distler@golem.ph.utexas.edu Harlan Stenn Harlan.Stenn@pfcs.com Marco d'Itri md@Linux.IT Appendixes Version 2, June 1991 2000 Free Software Foundation, Inc.
Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. GNU General Public License Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software - to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: copyright the software, and offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION Section 0 This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a work based on the Program means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term modification.) Each licensee is addressed as you. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. Section 1 You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Section 2 You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. Exception: If the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. Section 3 You may copy and distribute the Program (or a work based on it, under Section 2 in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. Section 4 You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. Section 5 You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. Section 6 Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. Section 7 If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. Section 8 If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. Section 9 The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. Section 10 If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY Section 11 BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. Section 12 IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Version 1.1, March 2000 2000Free Software Foundation, Inc.
Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. GNU Free Documentation License 0. PREAMBLE The purpose of this License is to make a manual, textbook, or other written document free in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of copyleft, which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. 1. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. The Document, below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as you. A Modified Version of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A Secondary Section is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (For example, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The Invariant Sections are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. The Cover Texts are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Transparent copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, whose contents can be viewed and edited directly and straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup has been designed to thwart or discourage subsequent modification by readers is not Transparent. A copy that is not Transparent is called Opaque. Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML designed for human modification. Opaque formats include PostScript, PDF, proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML produced by some word processors for output purposes only. The Title Page means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, Title Page means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. 2. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. 3. COPYING IN QUANTITY If you publish printed copies of the Document numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a publicly-accessible computer-network location containing a complete Transparent copy of the Document, free of added material, which the general network-using public has access to download anonymously at no charge using public-standard network protocols. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. 4. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has less than five). C State on the Title Page the name of the publisher of the Modified Version, as the publisher. D Preserve all the copyright notices of the Document. E Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H Include an unaltered copy of this License. I Preserve the section entitled History, and its title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section entitled History in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the History section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K In any section entitled Acknowledgements or Dedications, preserve the section's title, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M Delete any section entitled Endorsements. Such a section may not be included in the Modified Version. N Do not retitle any existing section as Endorsements or to conflict in title with any Invariant Section. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section entitled Endorsements, provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version . 5. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections entitled History in the various original documents, forming one section entitled History; likewise combine any sections entitled Acknowledgements, and any sections entitled Dedications. You must delete all sections entitled Endorsements. 6. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and dispbibute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. 7. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, does not as a whole count as a Modified Version of the Document, provided no compilation copyright is claimed for the compilation. Such a compilation is called an aggregate, and this License does not apply to the other self-contained works thus compiled with the Document , on account of their being thus compiled, if they are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one quarter of the entire aggregate, the Document's Cover Texts may be placed on covers that surround only the Document within the aggregate. Otherwise they must appear on covers around the whole aggregate. 8. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License provided that you also include the original English version of this License. In case of a disagreement between the translation and the original English version of this License, the original English version will prevail. 9. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 10. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See http://www.gnu.org/copyleft/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License or any later version applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. Addendum To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page:
Copyright © YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. A copy of the license is included in the section entitled GNU Free Documentation License.
If you have no Invariant Sections, write with no Invariant Sections instead of saying which ones are invariant. If you have no Front-Cover Texts, write no Front-Cover Texts instead of Front-Cover Texts being LIST; likewise for Back-Cover Texts. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. rblcheck-20190930/rbl.in000066400000000000000000000002371354437722000146600ustar00rootroot00000000000000#!/bin/sh @bindir@/rblcheck ` [ -f "@sysconfdir@/rblcheckrc" ] && cat "@sysconfdir@/rblcheckrc"; [ -f "$HOME/.rblcheckrc" ] && cat "$HOME/.rblcheckrc"` $* rblcheck-20190930/rblcheck.c000066400000000000000000000332741354437722000155010ustar00rootroot00000000000000/* ** rblcheck - Command-line interface to RBL-style filters. ** ** Copyright (C) 1997, 1998, 1999, 2000, 2001, ** Edward S. Marshall ** ** Copyright (C) 2019 Marco d'Itri . ** ** This program is free software; you can redistribute it and/or modify ** it under the terms of the GNU General Public License as published by ** the Free Software Foundation; either version 2 of the License, or ** (at your option) any later version. ** ** This program is distributed in the hope that it will be useful, ** but WITHOUT ANY WARRANTY; without even the implied warranty of ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ** GNU General Public License for more details. ** ** You should have received a copy of the GNU General Public License ** along with this program; if not, write to the Free Software ** Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #ifdef HAVE_GETOPT_H #include #endif /*-- LOCAL DEFINITIONS ------------------------------------------------------*/ #define RESULT_SIZE 4096 /* What is the longest result text we support? */ /*-- GLOBAL VARIABLES -------------------------------------------------------*/ /* Simple linked list to hold the sites we support. See sites.h. */ struct rbl { char *site; struct rbl *next; }; /* Name the program was invoked as. */ const char *progname; /* Global options. */ struct opts { struct rbl *rblsites; struct rbl *uribls; int firstmatch; int quiet; int txt; }; /*-- PROTOTYPES -------------------------------------------------------------*/ void *do_nofail(void *, const char *, const int); void version(void); void usage(void); struct rbl *togglesite(const char *, struct rbl *); char *rblcheck_ip(const char *, char *, int); char *rblcheck_domain(const char *, char *, int); char *query_dns(const char *, const int); int is_domain(const char *); int full_rblcheck(char *, struct opts *); /*-- FUNCTIONS --------------------------------------------------------------*/ void *do_nofail(void *ptr, const char *file, const int line) { if (ptr) return ptr; fprintf(stderr, "Memory allocation failure at %s:%d.", file, line); exit(-1); } #define NOFAIL(ptr) do_nofail((ptr), __FILE__, __LINE__) /* version() * Display the version of this program back to the user. */ void version(void) { fprintf(stderr, "%s %s\nCopyright (C) 1997, 1998, 1999, 2000, 2001 Edward S. Marshall\n" "Copyright (C) 2019 Marco d'Itri\n", PACKAGE, VERSION); } /* usage() * Display how to use this program back to the user. */ void usage(void) { version(); fprintf(stderr, "Usage: %s [-qtlcvh?] [-s ]
[
... ]\n\ \n\ -q Quiet mode; print only listed addresses\n\ -t Print a TXT record, if any\n\ -m Stop checking after first address match in any list\n\ -l List default DNSBL services to check\n\ -c Clear the current list of DNSBL services\n\ -s Toggle a service to the DNSBL services list\n\ -h, -? Display this help message\n\ -v Display version information\n\
An IP address to look up; specify '-' to read multiple\n\ addresses from standard input.\n", progname); } /* togglesite() * This function takes the name of the site, and either adds it to the * list of sites to check, or removes it if it already exists. */ struct rbl *togglesite(const char *sitename, struct rbl *sites) { struct rbl *ptr; struct rbl *last = NULL; size_t sitelen; sitelen = strlen(sitename); for (ptr = sites; ptr != NULL; last = ptr, ptr = ptr->next) { if ((strlen(ptr->site) == sitelen) && (!strcmp(ptr->site, sitename))) { if (last) last->next = ptr->next; else sites = ptr->next; free(ptr->site); free(ptr); return sites; } } ptr = NOFAIL(malloc(sizeof(struct rbl))); if (last) last->next = ptr; else sites = ptr; ptr->site = NOFAIL(malloc(sitelen + 1)); strcpy(ptr->site, sitename); ptr->next = NULL; return sites; } /* rblcheck_ip() * Checks the specified dotted-quad address against the provided RBL * domain. If "txt" is non-zero, we perform a TXT record lookup. We * return the text returned from a TXT match, or an empty string, on * a successful match, or NULL on an unsuccessful match. */ char *rblcheck_ip(const char *addr, char *rbldomain, int txt) { char *domain; #ifdef HAVE_GETADDRINFO struct addrinfo *res = NULL; struct addrinfo hints; int rc; memset(&hints, 0, sizeof(struct addrinfo)); hints.ai_family = AF_UNSPEC; hints.ai_flags = AI_NUMERICHOST | AI_NUMERICSERV; rc = getaddrinfo(addr, NULL, &hints, &res); if (rc == EAI_NONAME || res == NULL) { fprintf(stderr, "%s: warning: invalid address '%s'\n", progname, addr); exit(-1); } if (rc < 0) { fprintf(stderr, "%s: warning: getaddrinfo(%s): %s\n", progname, addr, gai_strerror(rc)); exit(-1); } /* 32 characters and 32 dots in a reversed v6 address, plus 1 for null */ domain = NOFAIL(malloc(32 + 32 + 1 + strlen(rbldomain))); if (res->ai_family == AF_INET) { struct sockaddr_in *saddr = (struct sockaddr_in *) res->ai_addr; unsigned char *a = (unsigned char *) &(saddr->sin_addr); sprintf(domain, "%d.%d.%d.%d.%s", *(a + 3), *(a + 2), *(a + 1), *a, rbldomain); } else if (res->ai_family == AF_INET6) { struct sockaddr_in6 *saddr = (struct sockaddr_in6 *) res->ai_addr; unsigned char *a = (unsigned char *) &(saddr->sin6_addr); sprintf(domain, "%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x." "%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%s", *(a + 15) & 0xF, *(a + 15) >> 4, *(a + 14) & 0xF, *(a + 14) >> 4, *(a + 13) & 0xF, *(a + 13) >> 4, *(a + 12) & 0xF, *(a + 12) >> 4, *(a + 11) & 0xF, *(a + 11) >> 4, *(a + 10) & 0xF, *(a + 10) >> 4, *(a + 9) & 0xF, *(a + 9) >> 4, *(a + 8) & 0xF, *(a + 8) >> 4, *(a + 7) & 0xF, *(a + 7) >> 4, *(a + 6) & 0xF, *(a + 6) >> 4, *(a + 5) & 0xF, *(a + 5) >> 4, *(a + 4) & 0xF, *(a + 4) >> 4, *(a + 3) & 0xF, *(a + 3) >> 4, *(a + 2) & 0xF, *(a + 2) >> 4, *(a + 1) & 0xF, *(a + 1) >> 4, *(a + 0) & 0xF, *(a + 0) >> 4, rbldomain ); } else { fprintf(stderr, "%s: getaddrinfo(%s) returned ai_family=%d!\n", progname, addr, res->ai_family); exit(-1); } freeaddrinfo(res); #else int a, b, c, d; if (sscanf(addr, "%d.%d.%d.%d", &a, &b, &c, &d) != 4 || a < 0 || a > 255 || b < 0 || b > 255 || c < 0 || c > 255 || d < 0 || d > 255) { fprintf(stderr, "%s: warning: invalid address '%s'\n", progname, addr); exit(-1); } /* 16 characters max in a dotted-quad address, plus 1 for null */ domain = NOFAIL(malloc(17 + strlen(rbldomain))); /* Create a domain name, in reverse. */ sprintf(domain, "%d.%d.%d.%d.%s", d, c, b, a, rbldomain); #endif return query_dns(domain, txt); } char *query_dns(const char *domain, const int txt) { char *result = NULL; unsigned char fixedans[PACKETSZ]; unsigned char *answer; const unsigned char *cp; char *rp; const unsigned char *cend; const char *rend; int len; /* Make our DNS query. */ res_init(); answer = fixedans; len = res_query(domain, C_IN, T_A, answer, PACKETSZ); /* Was there a problem? If so, the domain doesn't exist. */ if (len == -1) return result; if (len > PACKETSZ) { answer = NOFAIL(malloc(len)); len = res_query(domain, C_IN, T_A, answer, len); if (len == -1) return result; } result = NOFAIL(malloc(RESULT_SIZE)); result[0] = '\0'; if (!txt) { return result; } /* Make another DNS query for textual data; this shouldn't be a performance hit, since it'll now be cached at the nameserver we're using. */ res_init(); len = res_query(domain, C_IN, T_TXT, answer, PACKETSZ); /* Just in case there's no TXT record... */ if (len == -1) { return result; } /* Skip the header and the address we queried. */ cp = answer + sizeof(HEADER); while (*cp != '\0') { unsigned char p; p = *cp++; while (p--) cp++; } /* This seems to be a bit of magic data that we need to skip. I wish there were good online documentation for programming for libresolv, so I'd know what I'm skipping here. Anyone reading this, feel free to enlighten me. */ cp += 1 + NS_INT16SZ + NS_INT32SZ; /* Skip the type, class and ttl. */ cp += (NS_INT16SZ * 2) + NS_INT32SZ; /* Get the length and end of the buffer. */ NS_GET16(len, cp); cend = cp + len; /* Iterate over any multiple answers we might have. In this context, it's unlikely, but anyway. */ rp = result; rend = result + RESULT_SIZE - 1; while (cp < cend && rp < rend) { unsigned char p; p = *cp++; if (p != 0) { unsigned char x; for (x = p; x > 0 && cp < cend && rp < rend; x--) { if (*cp == '\n' || *cp == '"' || *cp == '\\') { *rp++ = '\\'; } *rp++ = *cp++; } } } *rp = '\0'; return result; } char *rblcheck_domain(const char *addr, char *rbldomain, int txt) { char *domain; domain = NOFAIL(malloc(strlen(addr) + 1 + strlen(rbldomain) + 1)); strcpy(domain, addr); strcat(domain, "."); strcat(domain, rbldomain); return query_dns(domain, txt); } int is_domain(const char *s) { const char *p; /* not a valid domain, but hopefully a valid IPv6 address */ if (strrchr(s, ':')) return 0; /* does not contain a dot nor a colon, so it is not a v4 or v6 IP */ p = strrchr(s, '.'); if (!p) return 1; /* check the character after the dot */ p++; /* a trailing dot is invalid, so have getaddrinfo() fail on it */ if (*p == '\0') return 0; /* contains an alphabetic character */ for (p = s; *p != '\0'; p++) if ((*p >= 'a' && *p <= 'z') || (*p >= 'a' && *p <= 'z')) return 1; return 0; } /* full_rblcheck * Takes an IP address, and feeds it to rblcheck() for each defined * RBL listing, handling output of results if necessary. */ int full_rblcheck(char *addr, struct opts *opt) { int count = 0; int domain; char *response; struct rbl *ptr; domain = is_domain(addr); if (domain) ptr = opt->uribls; else ptr = opt->rblsites; for (; ptr != NULL; ptr = ptr->next) { if (domain) response = rblcheck_domain(addr, ptr->site, opt->txt); else response = rblcheck_ip(addr, ptr->site, opt->txt); if (!opt->quiet || response) printf("%s %s%s%s%s%s%s", addr, (!opt->quiet && !response ? "not " : ""), (!opt->quiet ? "listed by " : ""), (!opt->quiet ? ptr->site : ""), (opt->txt && response && strlen(response) && !opt->quiet ? ": " : ""), (opt->txt && response ? response : ""), (opt->quiet && (!opt->txt || (response && !strlen(response))) ? "" : "\n")); if (response) { count++; free(response); } if (opt->firstmatch && count) return count; } return count; } /*-- MAINLINE ---------------------------------------------------------------*/ int main(int argc, char *argv[]) { int a; struct opts *opt; struct rbl *ptr; int rblfiltered = 0; char inbuf[RESULT_SIZE]; opt = NOFAIL(calloc(1, sizeof(struct opts))); /* Hack to handle the easy addition of sites at compile time. */ #define SITE(x) opt->rblsites = togglesite( (x), opt->rblsites ); #define URI_SITE(x) opt->uribls = togglesite( (x), opt->uribls ); #include "sites.h" #undef SITE #undef URI_SITE progname = argv[0]; while ((a = getopt(argc, argv, "qtlms:c?hv")) != EOF) switch (a) { case 'q': /* Quiet mode. */ opt->quiet = 1; break; case 't': /* Display TXT record. */ opt->txt = 1; break; case 'm': /* Stop after first successful match. */ opt->firstmatch = 1; break; case 'l': /* Display supported RBL systems. */ for (ptr = opt->rblsites; ptr != NULL; ptr = ptr->next) printf("%s\n", ptr->site); for (ptr = opt->uribls; ptr != NULL; ptr = ptr->next) printf("%s\n", ptr->site); exit(0); case 's': /* Toggle a particular zone. */ opt->rblsites = togglesite(optarg, opt->rblsites); opt->uribls = togglesite(optarg, opt->uribls); break; case 'c': /* Clear the rbl zones. */ ptr = opt->rblsites; while (ptr != NULL) { opt->rblsites = ptr->next; free(ptr->site); free(ptr); ptr = opt->rblsites; } ptr = opt->uribls; while (ptr != NULL) { opt->uribls = ptr->next; free(ptr->site); free(ptr); ptr = opt->uribls; } break; case '?': case 'h': /* Help */ usage(); exit(0); case 'v': /* Version */ version(); exit(0); } /* Did they tell us to check anything? */ if (optind == argc) { fprintf(stderr, "%s: no IP address(es) specified\n", progname); usage(); exit(-1); } /* Do we have any listings to search? */ if (!opt->rblsites) { fprintf(stderr, "%s: no rbl listing(s) specified (need '-s '?)\n", progname); exit(-1); } /* Loop through the command line. */ while (optind < argc) { /* Handle addresses from stdin. */ if (argv[optind][0] == '-' && argv[optind][1] == '\0') while (fgets(inbuf, RESULT_SIZE - 1, stdin) != NULL) { inbuf[strlen(inbuf) - 1] = '\0'; rblfiltered += full_rblcheck(inbuf, opt); if (opt->firstmatch && rblfiltered) return rblfiltered; } else rblfiltered += full_rblcheck(argv[optind], opt); if (opt->firstmatch && rblfiltered) return rblfiltered; optind++; } exit(rblfiltered); } rblcheck-20190930/sites.h000066400000000000000000000032571354437722000150560ustar00rootroot00000000000000/* rblcheck DNSBL systems Add new sites to this listing in the format: // for IP-based DNSBLs SITE("site.example.com") // for domain-based DNSBLs URI_SITE("site.example.com") Do not add any extra whitespace, and make sure you place quotes around the address. Use C comments in this file if you want to add comments about each site. Uncomment the sites you want to use by default. The listings are checked in the order they are listed here. These listings are provided as a convenience, and examples of how to add new listings. I'll try to keep them updated if at all possible, but you should not rely blindly on these values being correct, nor should you rely on someone else's judgement about the "goodness" of a particular list; test them, and see if their policies suit your tastes. DNSBL-style systems tend to move around a bit, so you should check the service websites regularly for updates. In other words, if you use one of these, and the world ends, don't blame me. You're using them at your own risk. If they break, you get to keep both pieces. */ /* https://www.spamhaus.org/sbl/ */ SITE("sbl.spamhaus.org"); /* https://www.spamhaus.org/xbl/ */ SITE("xbl.spamhaus.org"); /* https://www.spamhaus.org/pbl/ */ SITE("pbl.spamhaus.org"); /* https://www.spamcop.net/bl.shtml */ SITE("bl.spamcop.net"); /* https://psbl.org/ */ SITE("psbl.surriel.com"); /* http://www.sorbs.net/general/using.shtml */ SITE("dul.dnsbl.sorbs.net"); /* https://www.spamhaus.org/dbl/ */ URI_SITE("dbl.spamhaus.org"); /* http://www.surbl.org/lists */ URI_SITE("multi.surbl.org"); /* http://uribl.com/about.shtml */ URI_SITE("multi.uribl.com"); rblcheck-20190930/tests/000077500000000000000000000000001354437722000147115ustar00rootroot00000000000000rblcheck-20190930/tests/addlisting000077500000000000000000000002201354437722000167530ustar00rootroot00000000000000#!/bin/sh # Clear the list, add an entry, and display it. if test x"`./rblcheck -c -s testlisting -l 2>&1`" != x"testlisting" then exit 1 fi rblcheck-20190930/tests/clearlist000077500000000000000000000002071354437722000166200ustar00rootroot00000000000000#!/bin/sh # Clear the list, then display it. Should result in an empty listing. if test -n "`./rblcheck -c -l 2>&1`" then exit 1 fi rblcheck-20190930/tests/removelisting000077500000000000000000000002561354437722000175310ustar00rootroot00000000000000#!/bin/sh # Clear the list, add an entry, toggle it off, then display (hopefully) blank. if test -n "`./rblcheck -c -s testlisting -s testlisting -l 2>&1`" then exit 1 fi