bundles/postfix: use dig in check_spam_blocklist instead of a python library

The library isn't available as a debian package, so we would have to manually install that every time the python package updates its minor version number.
2021-05-29 09:28:05 +02:00 · 2021-05-29 09:28:05 +02:00 · 6b90d568cf
commit 6b90d568cf
parent d756e3daf8
3 changed files with 12 additions and 16 deletions
--- a/bundles/postfix/files/check_spam_blocklist
+++ b/bundles/postfix/files/check_spam_blocklist
@ -2,10 +2,9 @@

 from concurrent.futures import ThreadPoolExecutor, as_completed
 from ipaddress import ip_address, IPv6Address
+from subprocess import check_output
 from sys import argv, exit

-from dns.exception import Timeout
-from dns.resolver import Resolver, NoAnswer, NXDOMAIN, NoNameservers


 BLOCKLISTS = [
@ -33,10 +32,6 @@ BLOCKLISTS = [
 ]

 def check_list(ip_list, blocklist):
-    resolver = Resolver()
-    resolver.timeout = 5
-    resolver.lifetime = 5
-
    dns_name = '{}.{}'.format(
        '.'.join(ip_list),
        blocklist,
@ -46,7 +41,13 @@ def check_list(ip_list, blocklist):
    msgs = []

    try:
-        result = resolver.query(dns_name)
+        result = check_output([
+            'dig',
+            '+tries=2',
+            '+time=5',
+            '+short',
+            dns_name
+        ]).decode().splitlines()
        for item in result:
            msgs.append('{} listed in {} as {}'.format(
                ip,
@ -54,10 +55,11 @@ def check_list(ip_list, blocklist):
                item,
            ))
            returncode = 2
-    except (NoAnswer, NXDOMAIN, NoNameservers, Timeout):
-        # Probably fine
-        pass
    except Exception as e:
+        if e.returncode == 9:
+            # no reply from server
+            pass
+
        return [repr(e)], 3

    return msgs, returncode