A Zabbix template which uses UserParameters to check the status of every local IP address on a Linux machine.

It features a Low Level Discovery rule for the IP address of the server which generates a set of items and triggers that check the following DNSBL services:

• cbl.abuseat.org
• ips.backscatterer.org
• b.barracudacentral.org
• dnsbl.sorbs.net
• bl.spamcop.net
• zen.spamhaus

• Create a value mapping (Administration → General → Value mapping) with the following information:
  • Name: Blacklist listing status
  • Mappings:
    • 0 : Not listed
    • 1: Listed
• Install the .xml template using the GUI (Configuration → Templates → Import).
• Add the templates to the hosts you want monitored.

• Create the directory /etc/zabbix/bin.
• Copy both rbl_listips.sh and rbl_check.sh files to your /etc/zabbix/bin directory.
• Copy the file userparameter_blacklist.conf to your Zabbix agent configuration directory (normally /etc/zabbix/zabbix_agentd.d/).
• Restart your zabbix-agent service.

Some DNSBL services might require registration or payment to use their services.

Take that into consideration if you plan on using this service on a high number of servers.

This template is loosely based on Martin Mørch's "Automatically check DNS Blackhole Lists (DNSBL)".

I created a new templates because Martin's uses external scripts to check the hostname of a remote system on the different DNSBL services and I needed to check every IP on a mail server with multiple network interfaces.

Héctor Luaces Novo <hector |at| luaces-novo |dot| es>