Implemented remote Bad AS lookup

2023-07-28 20:27:38 +02:00
parent 731fabef58
commit 525364ba65
3 changed files with 64 additions and 13 deletions
--- a/data/Dockerfiles/postfix/postfix.sh
+++ b/data/Dockerfiles/postfix/postfix.sh
@@ -393,6 +393,7 @@ query = SELECT goto FROM spamalias
    AND validity >= UNIX_TIMESTAMP()
 EOF

+echo -e "\e[33mChecking if ASN for your IP is listed for Spamhaus Bad ASN List...\e[0m"
 if [ -n "$SPAMHAUS_DQS_KEY" ]; then
  echo -e "\e[32mDetected SPAMHAUS_DQS_KEY variable from mailcow.conf...\e[0m"
  echo -e "\e[33mUsing DQS Blocklists from Spamhaus!\e[0m"
@@ -431,7 +432,8 @@ if [ -n "$SPAMHAUS_DQS_KEY" ]; then
 EOF

 else
-  if curl -s http://fuzzy.mailcow.email/asn_list.txt | grep $(whois -h whois.radb.net $(curl -s http://ipv4.mailcow.email) | grep -i origin | tr -s " " | cut -d " " -f2 | head -1) > /dev/null; then
+  response=$(curl --connect-timeout 15 --retry 5 --max-time 30 -s -o /dev/null -w "%{http_code}" "https://asn-check.mailcow.email")
+  if [ "$response" -eq 403 ]; then
  echo -e "\e[31mThe AS of your IP is listed as a banned AS from Spamhaus!\e[0m"
  echo -e "\e[33mNo SPAMHAUS_DQS_KEY found... Skipping Spamhaus blocklists entirely!\e[0m"
  cat <<EOF > /opt/postfix/conf/dns_blocklists.cf
@@ -461,7 +463,7 @@ else
      dnsbl.sorbs.net=127.0.0.6*2
      dnsbl.sorbs.net=127.0.0.9*2
 EOF
-  else
+  elif [ "$response" -eq 200 ]; then
  echo -e "\e[32mThe AS of your IP is NOT listed as a banned AS from Spamhaus!\e[0m"
  echo -e "\e[33mUsing the open Spamhaus blocklists.\e[0m"
  cat <<EOF > /opt/postfix/conf/dns_blocklists.cf
@@ -495,6 +497,37 @@ EOF
      zen.spamhaus.org=127.0.0.3*4
      zen.spamhaus.org=127.0.0.2*3
 EOF
+
+  else
+  echo -e "\e[31mWe couldn't determine your AS... (maybe DNS/Network issue?) Response Code: $response\e[0m"
+  echo -e "\e[33mDeactivating Spamhaus DNS Blocklists to be on the safe site!\e[0m"
+  cat <<EOF > /opt/postfix/conf/dns_blocklists.cf
+    # Autogenerated by mailcow
+    postscreen_dnsbl_sites = wl.mailspike.net=127.0.0.[18;19;20]*-2
+      hostkarma.junkemailfilter.com=127.0.0.1*-2
+      list.dnswl.org=127.0.[0..255].0*-2
+      list.dnswl.org=127.0.[0..255].1*-4
+      list.dnswl.org=127.0.[0..255].2*-6
+      list.dnswl.org=127.0.[0..255].3*-8
+      ix.dnsbl.manitu.net*2
+      bl.spamcop.net*2
+      bl.suomispam.net*2
+      hostkarma.junkemailfilter.com=127.0.0.2*3
+      hostkarma.junkemailfilter.com=127.0.0.4*2
+      hostkarma.junkemailfilter.com=127.0.1.2*1
+      backscatter.spameatingmonkey.net*2
+      bl.ipv6.spameatingmonkey.net*2
+      bl.spameatingmonkey.net*2
+      b.barracudacentral.org=127.0.0.2*7
+      bl.mailspike.net=127.0.0.2*5
+      bl.mailspike.net=127.0.0.[10;11;12]*4
+      dnsbl.sorbs.net=127.0.0.10*8
+      dnsbl.sorbs.net=127.0.0.5*6
+      dnsbl.sorbs.net=127.0.0.7*3
+      dnsbl.sorbs.net=127.0.0.8*2
+      dnsbl.sorbs.net=127.0.0.6*2
+      dnsbl.sorbs.net=127.0.0.9*2
+EOF
  fi
 fi