open/check-email-cert.sh at master · KarmaComputing/open · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
#!/bin/bash

EMAIL_DOMAINS=("email.karmacomputing.co.uk" "email.subscribie.co.uk")
RESULTS=()

for DOMAIN in "${EMAIL_DOMAINS[@]}"; do
   #timeout --preserve-status 2 openssl s_client -connect "$DOMAIN":25 -starttls smtp | tee out | grep 'certificate has expired' > /dev/null
   timeout --preserve-status 2 openssl s_client -connect "$DOMAIN":25 -starttls smtp 2>&1 | tee out

   STATUS="OK"

   # Grep for connect error
   grep 'connect:errno' out
   RET=$?

   if [ $RET -eq 0 ]; then
     STATUS="CONNECT_ERROR"
   fi

   # Grep for certificate has expired
   grep 'certificate has expired' out
   RET=$?
   if [ $RET -eq 0 ]; then
     STATUS="EXPIRED"
   fi


   # Store results as JSON-friendly array elements
   RESULTS+=("[\"$DOMAIN\", \"$STATUS\"]")
done

# Convert array to a JSON-compatible format and pass it to jq
jq -n --argjson data "[$(IFS=,; echo "${RESULTS[*]}")]" '
  $data | map({email_domain: .[0], email_cert_expiration_status: .[1]})
' | tee certs.json