From c7ad869541732de9548882bef84f16a373862681 Mon Sep 17 00:00:00 2001 From: Phil! Gold Date: Mon, 8 Aug 2016 11:45:22 -0400 Subject: [PATCH 1/7] Basic SenderBase plugin. --- plugins/senderbase/senderbase | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100755 plugins/senderbase/senderbase diff --git a/plugins/senderbase/senderbase b/plugins/senderbase/senderbase new file mode 100755 index 00000000..c0079366 --- /dev/null +++ b/plugins/senderbase/senderbase @@ -0,0 +1,20 @@ +#!/bin/sh + +real_ip_address=${ip_address:-$(hostname -I | head -1)} + +if [ "$1" = "config" ]; then + cat < Date: Mon, 8 Aug 2016 12:51:37 -0400 Subject: [PATCH 2/7] Documentation for SenderBase plugin. --- plugins/senderbase/senderbase | 45 +++++++++++++++++++++++++++++++++-- 1 file changed, 43 insertions(+), 2 deletions(-) diff --git a/plugins/senderbase/senderbase b/plugins/senderbase/senderbase index c0079366..cbfdb9a7 100755 --- a/plugins/senderbase/senderbase +++ b/plugins/senderbase/senderbase @@ -1,12 +1,55 @@ #!/bin/sh +: << =cut + +=head1 NAME + +senderbase - Gives the current SenderBase reputation for a mail host. + +=head1 CONFIGURATION + +By default, the script will use the first IP address returned by C. +If that's not the right address to use, set the C environment +variable to the appropriate value. + + [senderbase] + env.ip_address 8.8.8.8 + +=head1 AUTHOR + +Phil! Gold + +=head1 MAGIC MARKERS + + #%# family=auto + #%# capabilities=autoconf + +=cut + real_ip_address=${ip_address:-$(hostname -I | head -1)} +ip_reversed=$(echo $real_ip_address | sed -re 's/^([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)$/\4.\3.\2.\1/') +query_host=${ip_reversed}.rf.senderbase.org + +if [ "$1" = "autoconf" ]; then + if which dig >/dev/null; then + value=$(dig +short $query_host TXT | sed 's/"//g' | head -1) + if [ -n "$value" ]; then + echo 'yes' + else + echo "no (No SenderBase reputation for IP address ${ip_address}.)" + fi + else + echo 'no (No "dig" executable found.)' + fi + exit 0 +fi if [ "$1" = "config" ]; then cat < Date: Tue, 9 Aug 2016 15:26:47 -0400 Subject: [PATCH 3/7] SenderBase limits were wrong. --- plugins/senderbase/senderbase | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/senderbase/senderbase b/plugins/senderbase/senderbase index cbfdb9a7..d00f5d18 100755 --- a/plugins/senderbase/senderbase +++ b/plugins/senderbase/senderbase @@ -51,8 +51,8 @@ graph_title SenderBase Reputation for $real_ip_address graph_info Current reputation from senderbase.org. Ranges from -10 (very poor) through 0 (neutral) to 10 (very good). graph_args --lower-limit -10 --upper-limit 10 reputation.label Reputation -reputation.warning :0 -reputation.critical :-5 +reputation.warning 0: +reputation.critical -5: EOF exit 0 fi From 50783de9916208031229e36cfe51384671b7e61c Mon Sep 17 00:00:00 2001 From: Phil! Gold Date: Mon, 17 Oct 2016 09:53:58 -0400 Subject: [PATCH 4/7] senderbase licensing --- plugins/senderbase/senderbase | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/plugins/senderbase/senderbase b/plugins/senderbase/senderbase index d00f5d18..99d404cb 100755 --- a/plugins/senderbase/senderbase +++ b/plugins/senderbase/senderbase @@ -19,6 +19,12 @@ variable to the appropriate value. Phil! Gold +=head1 LICENSE + +This plugin is made available under a CC0 waiver: + + https://creativecommons.org/publicdomain/zero/1.0/ + =head1 MAGIC MARKERS #%# family=auto From 24ffbb8c29026d56633fbb1e208fe6c2d49f9131 Mon Sep 17 00:00:00 2001 From: Phil! Gold Date: Mon, 17 Oct 2016 10:00:03 -0400 Subject: [PATCH 5/7] Document SenderBase in case people are unfamiliar with it. --- plugins/senderbase/senderbase | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/plugins/senderbase/senderbase b/plugins/senderbase/senderbase index 99d404cb..77a55bad 100755 --- a/plugins/senderbase/senderbase +++ b/plugins/senderbase/senderbase @@ -6,6 +6,14 @@ senderbase - Gives the current SenderBase reputation for a mail host. +SenderBase is a mail server reputation service run by Cisco. It's +basically a measure of how likely or unlikely they think it is for the +server in question to be sending spam, rated on a scale of -10 (near-100% +chance of spam) to 10 (near-0% chance of spam). The SenderBase score for +a server is one of several criteria that may be used when doing spam +filtering; consequently, it's useful for the operator of a mail server to +track their current reputation score. + =head1 CONFIGURATION By default, the script will use the first IP address returned by C. From 5355c24b491b84ea0ebeaad99c47b85a85a4241e Mon Sep 17 00:00:00 2001 From: Phil! Gold Date: Mon, 17 Oct 2016 10:04:03 -0400 Subject: [PATCH 6/7] `hostname -I` returns all values on one line. --- plugins/senderbase/senderbase | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/plugins/senderbase/senderbase b/plugins/senderbase/senderbase index 77a55bad..921c056f 100755 --- a/plugins/senderbase/senderbase +++ b/plugins/senderbase/senderbase @@ -16,9 +16,11 @@ track their current reputation score. =head1 CONFIGURATION -By default, the script will use the first IP address returned by C. -If that's not the right address to use, set the C environment -variable to the appropriate value. +By default, the script will use the first IP address returned by +C. If that's not the right address to use, set the +C environment variable to the appropriate value. (Note that +if a host has multiple IP addresses, there's no guaranteed ordering for +C, so you should set the address explicitly in that case.) [senderbase] env.ip_address 8.8.8.8 @@ -40,7 +42,7 @@ This plugin is made available under a CC0 waiver: =cut -real_ip_address=${ip_address:-$(hostname -I | head -1)} +real_ip_address=${ip_address:-$(hostname -I | awk '{print $1}')} ip_reversed=$(echo $real_ip_address | sed -re 's/^([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)$/\4.\3.\2.\1/') query_host=${ip_reversed}.rf.senderbase.org From 2c09bd7de700e1f4b17a55e972690e6030f06d44 Mon Sep 17 00:00:00 2001 From: Phil! Gold Date: Mon, 17 Oct 2016 10:30:26 -0400 Subject: [PATCH 7/7] Check SenderBase with either dig or host, depending on what's available. --- plugins/senderbase/senderbase | 42 ++++++++++++++++++++++++----------- 1 file changed, 29 insertions(+), 13 deletions(-) diff --git a/plugins/senderbase/senderbase b/plugins/senderbase/senderbase index 921c056f..88da9590 100755 --- a/plugins/senderbase/senderbase +++ b/plugins/senderbase/senderbase @@ -42,20 +42,36 @@ This plugin is made available under a CC0 waiver: =cut -real_ip_address=${ip_address:-$(hostname -I | awk '{print $1}')} -ip_reversed=$(echo $real_ip_address | sed -re 's/^([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)$/\4.\3.\2.\1/') -query_host=${ip_reversed}.rf.senderbase.org +if which dig >/dev/null; then + query_program=dig + do_query () { + hostname=$1 + dig +short $hostname TXT | sed 's/"//g' | head -1 + } +elif which host >/dev/null; then + query_program=host + do_query () { + hostname=$1 + host -t TXT $hostname | grep -m 1 'descriptive text' | cut -d\" -f2 + } +else + query_program= + do_query () { + true + } +fi + +real_ip_address="${ip_address:-$(hostname -I | awk '{print $1}')}" +ip_reversed="$(echo $real_ip_address | sed -re 's/^([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)$/\4.\3.\2.\1/')" +query_host="${ip_reversed}.rf.senderbase.org" if [ "$1" = "autoconf" ]; then - if which dig >/dev/null; then - value=$(dig +short $query_host TXT | sed 's/"//g' | head -1) - if [ -n "$value" ]; then - echo 'yes' - else - echo "no (No SenderBase reputation for IP address ${ip_address}.)" - fi + if [ -z "$query_program" ]; then + echo 'no (No "dig" or "host" executable found.)' + elif [ -z "$(do_query "$query_host")" ]; then + echo "no (No SenderBase reputation for IP address ${ip_address}.)" else - echo 'no (No "dig" executable found.)' + echo 'yes' fi exit 0 fi @@ -73,5 +89,5 @@ EOF exit 0 fi -value=$(dig +short $query_host TXT | sed 's/"//g' | head -1) -echo reputation.value ${value:-U} +value="$(do_query "$query_host")" +echo reputation.value "${value:-U}"