#!/bin/sh
# getwhite: Retrieve whitelists into a file and load into pf
######################################################################

# Restrict command lookup to the system directories.
PATH=/sbin:/bin:/usr/sbin:/usr/bin

# Base name of the whitelist; this script also uses the suffixes
# .top (local seed entries), .new (staging file) and .prev (last version).
WHITELIST=/etc/spamd/white

# Files created below get no write access for group and no access for others.
umask 037

# Always start from an empty staging file.
rm -f "${WHITELIST}.new"

# Seed the staging file with the locally maintained entries, when present.
if [ -f "${WHITELIST}.top" ]; then
	cat "${WHITELIST}.top" > "${WHITELIST}.new"
fi

######################################################################
# White list section. This is where we add the different whitelists  #
# to the file.                                                       #
######################################################################

# Add the ip4 ranges from the Google, Hotmail and Facebook SPF records

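# Collect the ip4: entries published in each domain's TXT (SPF) record and
# append the address part to the staging file.
#
# The Hotmail names are written out in full: brace expansion
# (spf-{a,b,c,d}) is not a POSIX sh feature, so under #!/bin/sh the pattern
# may be handed to host(1) as one literal name that does not resolve.
#
# The answers are plain DNS data that ends up in a pf table, so only tokens
# shaped like an IPv4 address or CIDR block are kept; anything else is
# dropped here instead of reaching pfctl.
# NOTE(review): only the shape is checked, not octet range or prefix width;
# consider rejecting very short prefixes as well before loading.
for DOM in _netblocks.google.com \
    spf-a.hotmail.com spf-b.hotmail.com spf-c.hotmail.com spf-d.hotmail.com \
    facebook.com
do
	host -t TXT "${DOM}" | tr ' ' '\n' | grep '^ip4' | \
		cut -f2 -d':' | \
		grep -E '^[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?$' \
		>> "${WHITELIST}.new"
done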

# NLWhitelist, see http://noc.bit.nl/dnsbl/nlwhitelist for more info

# Transfer the nlwhitelist zone and turn each matching A record into an
# address: with "." as the field separator, the first four labels of the
# record are printed in reverse order, and only lines containing
# "600 IN A" whose fifth label is "nlwhitelist" are used.
# NOTE(review): no TSIG key is passed to dig, so the transfer appears to be
# unauthenticated; the result is loaded into pf, confirm this is acceptable.
dig -t AXFR nlwhitelist.dnsbl.bit.nl @nsauth1.bit.nl |
	awk -F. '
		/600 IN A/ && $5 == "nlwhitelist" {
			print $4 "." $3 "." $2 "." $1
		}
	' >> "${WHITELIST}.new"

######################################################################

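# Install the staging file only when it differs from the current whitelist
# and pfctl accepts it as the new contents of the pf table "self-white".
if cmp -s "${WHITELIST}" "${WHITELIST}.new"
then
	# Nothing changed: discard the staging file.
	rm "${WHITELIST}.new"
elif pfctl -t self-white -T replace -f "${WHITELIST}.new"
then
	# Keep the previous version for comparison. On a first run there is no
	# current whitelist yet, so start from an empty .prev instead of letting
	# cp and diff fail on a missing file.
	if [ -f "${WHITELIST}" ]
	then
		cp "${WHITELIST}" "${WHITELIST}.prev"
	else
		: > "${WHITELIST}.prev"
	fi
	mv "${WHITELIST}.new" "${WHITELIST}"
	# Report what changed. The pattern is quoted so the shell cannot expand
	# it as a glob against files in the current directory.
	# NOTE(review): as written it requires a space right after the +/- sign,
	# while the entries gathered by this script start with a digit, so this
	# may print nothing; confirm the intended pattern.
	# "|| :" keeps a no-match grep from becoming the script's exit status.
	diff -u "${WHITELIST}.prev" "${WHITELIST}" | grep '^[+-] ' || :
else
	# pfctl rejected the file: the table is left as it was, and the staging
	# file stays in place for inspection until the next run removes it.
	echo "Error loading new whitelists, please investigate" >&2
	exit 1
fi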

