# $DUH: connect_dnsbl_ip,v 1.8 2002/12/16 22:23:41 tv Exp $
#
# Copyright (c) 2002 Todd Vierling <tv@pobox.com> <tv@duh.org>.
# All rights reserved.
# Please see the COPYRIGHT file, part of the PMilter distribution,
# for full copyright and license terms.

##### connect_dnsbl_ip #####
#
# Checks the IPv4 address of the connecting host against a DNSBL.

use Carp;
use PMilter::DNSBL::List;
use PMilter::Modules;
use UNIVERSAL;

my $dnsbl = PMilter::DNSBL::List->new(shift @_)->
	setdefault(shift_errmsg(@_, 'IP address %1 listed in %2'));
my $tempfailmsg = shift @_ || 'Could not lookup address %1 in list %2';
my $filter = shift @_;

confess 'filter sub is not a CODE reference' unless (!$filter || UNIVERSAL::isa($filter, 'CODE'));

+{
	connect => sub {
		my $ctx = shift;
		my $addr = $ctx->getaddress || return SMFIS_ACCEPT;

		my $rv = $dnsbl->query(join('.', reverse(split(/\./, $addr))));

		# filter subroutine
		$rv = &$filter($ctx, $rv) if $filter;

		return SMFIS_ACCEPT unless $rv;

		my $err = $rv->[0] ? "554 $rv->[2]" : "451 $tempfailmsg";
		$err =~ s/%1/$addr/g;
		$err =~ s/%2/$rv->[1]/g;

		return $ctx->reject($err);
	}
};
