feat(policy): inbound whitelist + subject-regex filter

2026-06-21 23:49:04 +01:00
parent 4d6ac3e7c6
commit b9d0b57f84
2 changed files with 72 additions and 0 deletions
@@ -0,0 +1,29 @@
+package policy
+
+import "regexp"
+
+// InboundRule captures one account's read-side filtering.
+type InboundRule struct {
+	WhitelistInEnabled bool
+	WhitelistIn        []string
+	SubjectRegex       *regexp.Regexp // nil = no subject filter
+}
+
+// CompileSubject compiles a subject filter; empty pattern => (nil, nil).
+func CompileSubject(pattern string) (*regexp.Regexp, error) {
+	if pattern == "" {
+		return nil, nil
+	}
+	return regexp.Compile(pattern)
+}
+
+// Allows reports whether a message with the given sender and subject is visible.
+func (r InboundRule) Allows(from, subject string) bool {
+	if r.WhitelistInEnabled && !MatchAddress(r.WhitelistIn, from) {
+		return false
+	}
+	if r.SubjectRegex != nil && !r.SubjectRegex.MatchString(subject) {
+		return false
+	}
+	return true
+}