Adding a Command with hosts | Email Blacklist Check

ottonaut · February 7, 2022, 10:18am

Hello everyone,
I’ve been trying to add an Email Blacklist-Check, specifically this one: https://github.com/matteocorti/check_rbl/wiki
And it will add the External Command “rbl” to the Icinga Director. Yet the command does not work as a Service as no -s (Server to check on) has been defined. To counter that I’ll have to write my very first own command.
Yet I do not really know how to and that’s what I want to ask here

This is the rbl-Check Preview:

object CheckCommand "rbl" {
    import "plugin-check-command"
    command = [ PluginDir + "/check_rbl" ]
    timeout = 1m
    arguments += {
        "-H" = {
            description = "Name or IP address of SMTP server to check."
            value = "$rbl_hostname$"
        }
        "-c" = {
            description = "Number of blacklisting servers for a critical."
            value = "$rbl_critical$"
        }
        "-s" = {
            description = "List of RBL servers as an array."
            repeat_key = true
            required = true
            value = "$rbl_server$"
        }
        "-t" = {
            description = "Seconds before plugin times out (default: 15)."
            value = "$rbl_timeout$"
        }
        "-w" = {
            description = "Number of blacklisting servers for a warning."
            value = "$rbl_warning$"
        }
    }
    vars.check_address = {
        arguments = [  ]
        deprecated = false
        name = "<anonymous>"
        side_effect_free = false
        type = "Function"
    }
    vars.check_ipv4 = false
    vars.check_ipv6 = false
    vars.rbl_critical = 1
    vars.rbl_hostname = "$check_address$"
    vars.rbl_timeout = 15
    vars.rbl_warning = 1
}

And this is the command I’m trying to add so far:

Note:

check_rbl --extra-opts=rbl@check_rbl.ini opens a file which has all servers that I want to check for blacklisting. So there is a server defined.

Yet in the Icinga Web I get a unknown error:

Error: Non-optional macro 'rbl_server' used in argument '-s' is missing.
(0) Executing check for object 'Gudrun.epages.housing.iphh.net!Mail-Blacklist'

If I run this command on the terminal with a defined host it will look like this:

perl check_rbl -t 60 -H  email.that.i.want.to.check.net --extra-opts=rbl@check_rbl.ini 
CHECK_RBL CRITICAL - email.that.i.want.to.check.net BLACKLISTED on 1 server of 89 (all.s5h.net (127.0.0.2)) | servers=1;0;0 time=12s;;

Can anybody help me with this issue. If more information is needed I’m happy to supply

One more note:

Even if I add the command like this:

perl check_rbl -t 60 -H $check_adress$ \  
-s cbl.abuseat.org \  
-s dnsbl.cyberlogic.net \  
-s bl.deadbeef.com \  
-s spamtrap.drbl.drand.net \  
-s spamsources.fabel.dk \  
-s 0spam.fusionzero.com \  
-s mail-abuse.blacklist.jippg.org \  
-s korea.services.net \  
-s spamguard.leadmon.net \  
-s ix.dnsbl.manitu.net \  
-s relays.nether.net \  
-s dnsbl.njabl.org \  
-s bhnc.njabl.org \  
-s no-more-funn.moensted.dk \  
-s rbl.orbitrbl.com \  
-s psbl.surriel.com \  
-s dyna.spamrats.com \  
-s noptr.spamrats.com \  
-s spam.spamrats.com \  
-s dnsbl.sorbs.net \  
-s spam.dnsbl.sorbs.net \  
-s bl.spamcannibal.org \  
-s bl.spamcop.net \  
-s pbl.spamhaus.org \  
-s sbl.spamhaus.org \  
-s xbl.spamhaus.org \  
-s ubl.unsubscore.com \  
-s dnsbl-1.uceprotect.net \  
-s dnsbl-2.uceprotect.net \  
-s dnsbl-3.uceprotect.net \  
-s db.wpbl.info \  
-s access.redhawk.org \  
-s blacklist.sci.kun.nl \  
-s bl.technovision.dk \  
-s dnsbl.kempt.net \  
-s dnsbl.solid.net \  
-s dul.ru \  
-s forbidden.icm.edu.pl \  
-s hil.habeas.com \  
-s rbl.schulte.org \  
-s sbl-xbl.spamhaus.org

It is stating that the -s is missing.

dbodky · February 7, 2022, 10:42am

Hey!

From what I’m seeing here in your config as well as your screenshot, you are defining the argument -s to take the value of the macro $rbl_server$ , yet never assign this macro any value. I haven’ t taken a second look at the check-plugin you’re trying to execute yet, but from what I gather, --extra-opts takes a list of hosts and passes them on internally, just as -s would do if provided.

My suggestion would be to do the following:

Create a custom variable in your Director called rbl_server, with data type Array
Define a field using this custom variable in your Director definition of the Email Blacklist check command from your screenshot (it should get suggested automatically since you defined a matching argument in your check_command definition already)
Fill in all the servers from check_rbl.ini into this data field
Remove the --extra-opts... part from your check command, as you are now directly passing all servers to the check_plugin via -s

I hope this is comprehensive, feel free to ask questions if not.

Best,
Daniel

ottonaut · February 8, 2022, 9:23am

I have not created a custom variable before and the documentation of handling them [here] seems to be currently missing.
I created a data field called rbl_server is that the correct way?
After that I added this variable to the field option under my Email Blacklist (now just called Email) but now I’m stuck on step 3 with filling all the servers in.

This is my data field rbl_server:

And this is how I set it to the Email-Command:

Can you please elaborate how I can add the servers to the data-field?

Thank you very much in advance

dbodky · February 8, 2022, 9:42am

Hey,

so far this looks good! The final step would be to add the data - after adding the field like you did in your last screenshot, go back to the Command tab of the same view (the one where you defined the name and used check_plugin for your command).

You should see a new field there in the Custom Properties section called CheckServers - add all servers you wish to blacklist into this field, as separate entries and you’re good to go.

Best,
Daniel