#!/usr/bin/env perl # # SPDX-FileCopyrightText: 2026 Graeme Walker # SPDX-License-Identifier: FSFAP # # Copyright (c) 2026 Graeme Walker # # Copying and distribution of this file, with or without modification, # are permitted in any medium without royalty provided the copyright # notice and this notice are preserved. This file is offered as-is, # without any warranty. # === # # emailrelay-check-address-domains.pl # # An example E-MailRelay filter script that checks the # envelope-from address and all the envelope-to recipient # addresses against a hard-coded allow-list. # use strict ; use warnings ; use IO::File ; $SIG{__DIE__} = sub { (my $e = join(" ",@_)) =~ s/\n/ /g ; print "<>\n<>\n" ; exit 99 } ; # list of allowed domains... my @allow = qw( books.example.com xn--bcher-kva.example.de ) ; # read the envelope file my $envelope = $ARGV[1] or die "usage error\n" ; my $fh = new IO::File( $envelope ) or die "cannot open envelope file: $!\n" ; my $txt ; { local $/ = undef ; $txt = <$fh> ; } my @denied = () ; # check the envelope 'from' address { my ( $address_from ) = ( $txt =~ m/X-MailRelay-From:\s*(\S*)/m ) ; push @denied , $address_from if !allow_address($address_from) ; } # check the envelope 'to' addresses { my @address_to = () ; map { my $line = $_ ; my ( $a ) = ( $line =~ m/^X-MailRelay-To-[^:]*:\s*(\S*)/ ) ; push @denied , $a if ( defined($a) && !allow_address($a) ) ; } split( /\r\n/ , $txt ) ; } # return the result if( scalar(@denied) ) { print "<>\n" ; print "<<" , join(",",@denied) , ">>\n" ; exit( 1 ) ; } else { exit( 0 ) ; } # sub allow_address { my ( $address ) = @_ ; my ( $domain ) = ( $address =~ m/@(.*)/ ) ; $domain ||= "" ; return grep { m/^\Q$domain\E$/i } @allow ; }