Monday, December 31, 2012

When Spammers Attack, Make Musubi

Musubi is a little tool I wrote to check your mail servers' reputation on DNSBLs. There are quite a few of these scripts out there, but this one does more than simply check a list of DNSBLs.

Unlike other scripts I found, when musubi finds an IP listed on a DNSBL, it also queries for a DNS TXT record to find the reason you were blacklisted.

Finding all your mail servers' IPs can be a little confusing. Musubi will take a domain name, find the MX records, give you all the IPS for the servers and make sure the reverse DNS (PTR) is correct. It also fetches SPF TXT records.

Normally, you'd use a tool like 'dig' to figure this all out. I wanted something the average person can use without needing to use multiple 'dig' commands.

If you work for an ISP or web hosting company, you can throw a whole range of IPs at Musubi for your shared hosting using CIDR notation.

Most ISPs and web hosting companies have their own internal tools for this, but you may want to take a look at Musubi if you used threads. Musubi uses gevent and is very fast (hundreds of DNSBL lookups in seconds) thanks to some borrowed code from Vince Carney's

Musubi uses cliff for the command-line framework and is easily extensible. Web front-end with scheduled checks, Twilio SMS notification etc. are coming next.

I wrote most of this while helping a friend in a panic fix his company's PTR records and add an SPF record for his mail servers that were getting blacklisted, so it's a bit messy and un-tested. 0.1 is available on Github and PyPi