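# check_goodrcptto - bounce protection during a random joe-job attack
# Frank Johnson
# much code reused from check_badrcptto
#
# This plugin checks the goodrcptto config.
# If you're getting joe-jobbed and have a limited list of valid aliases for
# your domain, this will kick out all the bad bounces.
# This is only a stop-gap measure and shouldn't be used full-time.
#
# config lines resemble:
#   example.com:user1:user2:user3:user4
#
# domains not listed pass right thru (DECLINED)
# user1@example.com would also pass thru (DECLINED)
# aiugakhbf@example.com would be kicked out pre-DATA. (DENY)
#
# Matching is case-insensitive on both the domain and the local part: config
# lines are lowercased before comparison, and so is the recipient.

# Hook this plugin's recipient check into the "rcpt" hook.
sub register {
    my ($self, $qp) = @_;
    $self->register_hook("rcpt", "check_for_goodrcptto");
}

# Decide whether a recipient is on the allow-list for its domain.
#
# Arguments: the plugin object, the transaction (unused here) and the
# recipient address object, which must provide host() and user().
#
# Returns (DECLINED) when there is no goodrcptto config, when the recipient
# has no host or user part, when the recipient's domain has no usable config
# line, or when the local part is one of the listed names.  Returns
# (DENY, message) when the domain is listed and the local part is not.
sub check_for_goodrcptto {
    my ($self, $transaction, $recipient) = @_;

    my @goodrcptto = $self->qp->config("goodrcptto") or return (DECLINED);
    return (DECLINED) unless $recipient->host && $recipient->user;

    my $u = $recipient->user;

    # The recipient is supplied by the remote SMTP client, so it is never
    # interpolated into a pattern: a local part such as ".*" would otherwise
    # match every listed name and slip past the DENY below, and a "." in the
    # domain would match any character.  Plain string comparison is used.
    my $host_lc = lc $recipient->host;
    my $user_lc = lc $u;

    my @goodnames;
    foreach my $line (@goodrcptto) {
        my $entry = lc $line;

        # Only a line that starts with "<domain>:" applies; first match wins.
        next unless index($entry, "$host_lc:") == 0;

        @goodnames = split(/:/, $entry);
        shift @goodnames;    # drop the leading domain field
        last;
    }

    # No line for this domain, or a line whose first name is empty: treat the
    # domain as unconfigured and let the recipient through (fail-open, as in
    # the original check).
    return (DECLINED) unless $goodnames[0];

    return (DECLINED) if grep { $_ eq $user_lc } @goodnames;

    return (DENY, "mail to $u not accepted here");
}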