Output of the script when IP is not blacklisted





is blacklisted by any provider the script outputs

Output of the script when IP is blacklisted

However if the IP addressby any provider the script outputs

















Log File



I've included ability on the Script to create text log file for auditing. By Default the log files sits on the folder where you run the script and it will look like as below;

Contents of the log file





























Download Link at the bottom - NOTES

'dyna.spamrats.com'

'dynip.rothen.com'

'http.dnsbl.sorbs.net'

'images.rbl.msrbl.net'

'ips.backscatterer.org'

'ix.dnsbl.manitu.net'

'korea.services.net'

'misc.dnsbl.sorbs.net'

'noptr.spamrats.com'

'ohps.dnsbl.net.au'

'omrs.dnsbl.net.au'

'orvedb.aupads.org'

'osps.dnsbl.net.au'

'osrs.dnsbl.net.au'

'owfs.dnsbl.net.au'

'owps.dnsbl.net.au'

'pbl.spamhaus.org'

'phishing.rbl.msrbl.net'

'probes.dnsbl.net.au'

'proxy.bl.gweep.ca'

'proxy.block.transip.nl'

'psbl.surriel.com'

'rbl.interserver.net'

'rbl.megarbl.net'

'rdts.dnsbl.net.au'

'relays.bl.gweep.ca'

'relays.bl.kundenserver.de'

'relays.nether.net'

'residential.block.transip.nl'

'ricn.dnsbl.net.au'

'rmst.dnsbl.net.au'

'sbl.spamhaus.org'

'short.rbl.jp'

'smtp.dnsbl.sorbs.net'

'socks.dnsbl.sorbs.net'

'spam.abuse.ch'

'spam.dnsbl.sorbs.net'

'spam.rbl.msrbl.net'

'spam.spamrats.com'

'spamlist.or.kr'

'spamrbl.imp.ch'

't3direct.dnsbl.net.au'

'tor.ahbl.org'

'tor.dnsbl.sectoor.de'



'ubl.lashback.com'

'ubl.unsubscore.com'

'virbl.bit.nl'

'virus.rbl.jp'

'virus.rbl.msrbl.net'

'web.dnsbl.sorbs.net'

'wormrbl.imp.ch'

'xbl.spamhaus.org'

'zen.spamhaus.org'

'zombie.dnsbl.sorbs.net'

)

# Array of IP addresses if you need to check against multiple MX records for your domain.

$IPlist = @(

'72.167.238.201' # smtp.secureserver.net

'203.57.145.30' # mx1.akl.trademe.co.nz

)

foreach ($IP in $IPList) {

# This function writes output to a log file "Check_Blacklist_Providers_IP"

function log ($string) {

(date -format "HH:mm:sstt, dd MMM yyyy | ") + $string | Out-file ".\Check_Blacklist_Providers_$IP.log" -a -en ASCII

Write-Output $string

}

$reversedIP = ($IP -split '\.')[3..0] -join '.'

$blacklistedOn = @()

foreach ($server in $blacklistServers) {

$fqdn = "$reversedIP.$server"

try

{

$null = [System.Net.Dns]::GetHostEntry($fqdn)

$blacklistedOn += $server

}

catch { }

}

if ($blacklistedOn.Count -gt 0) {

log (write-output "$IP blacklisted on the following servers: $($blacklistedOn -join ', ')")

# variable store value sent by the $blackliston

$finaltext = "$IP is blacklisted on the following servers: $($blacklistedOn -join ', ')"

# This one line which sent email of the output.

Send-MailMessage -To "emailaddresswhereyouwant@themailtoarrive.com" -From "fromemail@address.com" -Subject "$IP detected on a DNS Blacklist" -Body $finaltext -SmtpServer "Your SMTP Address goes here" -BodyAsHtml

}

else {log (Write-Output "$IP is OK")}

}









You can downloaded script as as txt file from this link.



Would love to hear feed back if you have... If you like the script please leave comments.



'torserver.tor.dnsbl.sectoor.de''ubl.lashback.com''ubl.unsubscore.com''virbl.bit.nl''virus.rbl.jp''virus.rbl.msrbl.net''web.dnsbl.sorbs.net''wormrbl.imp.ch''xbl.spamhaus.org''zen.spamhaus.org''zombie.dnsbl.sorbs.net'# Array of IP addresses if you need to check against multiple MX records for your domain.$IPlist = @('72.167.238.201' # smtp.secureserver.net'203.57.145.30' # mx1.akl.trademe.co.nzforeach ($IP in $IPList) {# This function writes output to a log file "Check_Blacklist_Providers_IP"function log ($string) {(date -format "HH:mm:sstt, dd MMM yyyy | ") + $string | Out-file ".\Check_Blacklist_Providers_$IP.log" -a -en ASCIIWrite-Output $string$reversedIP = ($IP -split '\.')[3..0] -join '.'$blacklistedOn = @()foreach ($server in $blacklistServers) {$fqdn = "$reversedIP.$server"try$null = [System.Net.Dns]::GetHostEntry($fqdn)$blacklistedOn += $servercatch { }if ($blacklistedOn.Count -gt 0) {log (write-output "$IP blacklisted on the following servers: $($blacklistedOn -join ', ')")# variable store value sent by the $blackliston$finaltext = "$IP is blacklisted on the following servers: $($blacklistedOn -join ', ')"# This one line which sent email of the output.Send-MailMessage -To "emailaddresswhereyouwant@themailtoarrive.com" -From "fromemail@address.com" -Subject "$IP detected on a DNS Blacklist" -Body $finaltext -SmtpServer "Your SMTP Address goes here" -BodyAsHtmlelse {log (Write-Output "$IP is OK")}Would love to hear feed back if you have... If you like the script please leave comments.

=======================================================Created on: 27/03/2014 10:48 p.m.Updated on: 07/01/2014 10.32 PMCreated by: Balaji - www.askvp.blogspot.comModified by : Vinay MFilename: BlacklistChecker.ps1=======================================================.DESCRIPTION# This script checks the multiple MX records against 80 DNS Blacklist providers, write a log with date & time stamp for auditing purpose and sends email to specified email address#># Feel free to add any missing DNBL$blacklistServers = @('b.barracudacentral.org''bl.emailbasura.org''bl.spamcannibal.org''bl.spamcop.net''blackholes.five-ten-sg.com''blacklist.woody.ch''bogons.cymru.com''cbl.abuseat.org''cdl.anti-spam.org.cn''combined.abuse.ch''combined.rbl.msrbl.net''db.wpbl.info''dnsbl-1.uceprotect.net''dnsbl-2.uceprotect.net''dnsbl-3.uceprotect.net''dnsbl.ahbl.org' # As of Jan 1st 2015 this site no longer provides service of DNSBL.'dnsbl.cyberlogic.net''dnsbl.inps.de''dnsbl.sorbs.net''drone.abuse.ch''drone.abuse.ch''duinv.aupads.org''dul.dnsbl.sorbs.net''dul.ru'