c27 28
# IO::Stringy, Socket, Net::CIDR.  Before using this script, search
# for CONFIGURABLE SETTINGS and configure them appropriately for your
# site.
.
a80
# Whitelist any IP addresses or ranges from this filter
our @whitelist = ("127.0.0.1");

.
a199
use Socket;
use Net::CIDR;
.
a212
 'connect' => \&my_connect_callback,
.
a235
# convert whitelist into CIDR notation
our @cidr_list = ();
foreach my $IP (@whitelist) {
  if (not eval {@cidr_list = Net::CIDR::cidradd ($IP, @cidr_list)}) {
    &die("Error processing whitelist: \"$IP\" is not a valid IP address or range.");
  }
}

.
a264
sub my_connect_callback {
    my $ctx = shift; # milter context object
    my $hostname = shift;       # The connection's host name.
    my $sockaddr_in = shift;    # AF_INET portion of the host address, from getpeername(2) syscall
    my ($port,$ipaddr) = Socket::unpack_sockaddr_in($sockaddr_in) or &die("Could not unpack socket address: $!");
    $ipaddr = Socket::inet_ntoa($ipaddr); # translates it into a standard IPv4 address

    &debuglog("my_connect_callback: entering with hostname=$hostname, ipaddr=$ipaddr, port=$port");

    # check if the connecting server is listed in the whitelist
    if (scalar @whitelist)
    {
        if (eval {Net::CIDR::cidrlookup($ipaddr, @cidr_list)}) {
          syslog('info', '%s', "$ipaddr is in the whitelist, so this email is being accepted unfiltered.");
          $ctx -> setpriv(undef);
          return SMFIS_ACCEPT;
        }
        #else { syslog('info', '%s', "$ipaddr is not in the whitelist"); }
    }

    $ctx->setpriv(undef);
    &debuglog("my_connect_callback: return CONTINUE with undef");
    return SMFIS_CONTINUE;
}

.