DNS Black List / RBL Checking in Python

November 22nd, 2014

Following on from performing basic DNS Lookups in Python, it’s relatively trivial to begin testing DNS Block Lists/Real Time Black Lists for blocked mail server IP addresses. To assist in preventing spam, a number of public and private RBLs are available. These track the IP addresses of mail servers that are known to produce spam, thus allowing recipient mail servers to deny delivery from known spammers.

RBLs operate over DNS. In order to test a RBL, a DNS query is made. As an example, zen.spamhaus.org is a popular RBL. If I wanted to test IP address 148.251.196.147 against the zen.spamhaus.org blocklist, I would reverse the octets in the IP address and then append ‘.zen.spamhaus.org’, i.e. 147.196.251.148.zen.spamhaus.org. I then perform an ‘A’ record lookup on said host:

root@w:~/tmp# host -t a 147.196.251.148.zen.spamhaus.org
Host 147.196.251.148.zen.spamhaus.org not found: 3(NXDOMAIN)

Excellent. IP 148.251.196.147 was not found in zen.spamhaus.org. NXDOMAIN is returned.

Now, to take a known spammer’s IP: 144.76.252.9:
Read the rest of this entry »

Shell Return Codes – Ping Monitoring

September 9th, 2009

BASH – The Bourne Again Shell amongst most if not all other shells allows each application to exit with a return code. Some shells and environments have limits on what range this integer can fall into. Something between 0 and 255 inclusive is always a safe bet. In BASH, the variable $? is populated with the return code of the last command to return control back to the shell. It is important to preserve the return code immediately after the application exits that we want to monitor, as subsequent commands will overwrite the variable. The ping tool returns 0 on success:

HOST=”192.168.1.5″
ping -c1 ${HOST} -q 2>&1 >/dev/null  #ping HOST once and do not print any output to the screen
RET=$?¬† #assign the return code to RET so we can preserve it for after the ‘if’
if [ ${RET} -eq 0 ]; then
#we were successful.
echo “We were successful”
else
#we weren’t successful
echo “Host ${HOST} failed ping monitoring on `date`” |mail -s “Uptime Monitoring” admin@example.com
fi

Now of course there are easier ways of achieving the above task, although I’ve laid out the script in this way hoping that the way I have laid it out illustrates capturing the code and preserving it beyond the ‘if’ that follows which would have overwritten it. Just as further illustration, calling ping invalid followed directly by echo $? shows a return code of ‘2’ – obviously the return code for such a failure. Calling echo $? again immediately after shows a return code of ‘0’ as the return code of ping was overwritten by the return code of the first echo statement. Bash builtins return codes to the shell as any other application would.

Linux virtualization, vmware, xen, hosting, and squeezing the most out of your resources

September 14th, 2008

I’d guess that 90% of hosting providers ‘oversell’. This essentially means that should they have 1,000GB allocated, they might offer 15 packages of 100Gb to 15 of their customers, banking on the fact that no one will fully use their 100GB allocation – Selling 5 Virtual Machines with 256MB RAM on a 1GB host, assuming that no one will use their full RAM allocation. This is bad, because you’ll generally be able to confirm that you’ve been allocated the resources, but nonetheless benchmark tests will show that you’re just not getting them, and your environment will be sluggish and unresponsive. This is the same as airlines selling 110 seats on a 100 seat plane. When that 101st paying customer does show up to claim his seat, he’s stuck without a flight.

The general consensus is that a VPS is a cheaper and lower-grade option than a dedicated service, however VPSs have a number of indisputable advantages over dedicated servers and I’m going to discuss why almost all the dedicated machines I manage are hosts for a range of VPSs.
Read the rest of this entry »