=pod

=head1 SYNOPSIS

This plugin checks the norelayclients config file to see if 
relaying is denied.

This allows specific clients, such as the gateway, to be denied 
relaying, even though they would be allowed relaying by the 
relayclients file.

=head1 CONFIG

config/norelayclients

Each line is:
- a full IP address
- partial IP address terminated by a dot for matching whole networks
  e.g. 192.168.42.

=head1 BUGS AND LIMITATIONS

This plugin does not have a more_norelayclients map equivalent
of the more_relayclients map of the check_relay plugin.

=head1 AUTHOR

Based on check_relay plugin from the qpsmtpd distribution.

Copyright 2005 Gordon Rowell <gordonr@gormand.com.au>

This software is free software and may be distributed under the same
terms as qpsmtpd itself.

=cut

sub hook_connect {
  my ($self, $transaction) = @_;
  my $connection = $self->qp->connection;

  # Check if this IP is not allowed to relay
  my @no_relay_clients = $self->qp->config("norelayclients");
  my %no_relay_clients = map { $_ => 1 } @no_relay_clients;
  my $client_ip = $self->qp->connection->remote_ip;
  while ($client_ip) {
    if ( exists($no_relay_clients{$client_ip}) )
    {
      $connection->relay_client(0);
      delete $ENV{RELAYCLIENT};
      $self->log(LOGNOTICE, "check_norelay: $client_ip denied relaying");
      last;
    }
    $client_ip =~ s/\d+\.?$//; # strip off another 8 bits
  }
  
  return (DECLINED);
}