use Socket;
sub filter_relay ($$$) {

	my ($hostip, $hostname, $helo) = @_;

#        md_syslog('debug', "RELAY: <$hostip> <$hostname> <$helo>");
	my $addr = '';
	my $network_string = '';
	my $mask_string = '';

	# List networks that should be exempt from all filtering by
	# putting their network/mask pairs into the exempt_subnets
	# associative array.  (Follow the example for the loopback.)

	my %exempt_subnets = (
	'127.0.0.0',		'255.0.0.0',	# loopback
	'192.168.254.0',	'255.255.255.0'	# my internal net
	);

	# Relays
	@trusted = ("relay.org", "another-relay.com");
	for $host (@trusted) {
		return ('ACCEPT_AND_NO_MORE_FILTERING', 'ok') 
						if ($host =~ /$helo/i);
	}

	# If the address of the connecting client falls within one of
	# the subnets defined by %exempt_subnets, then bypass all
	# further filtering.

	$addr = inet_aton $hostip;
	while (($network_string, $mask_string) = each %exempt_subnets) {
		my $network = inet_aton $network_string;
		my $mask = inet_aton $mask_string;
		if (($addr & $mask) eq $network) {
			return ('ACCEPT_AND_NO_MORE_FILTERING', 'ok');
		}
	}

	# The client isn't in an exempt subnet; filtering should
	# continue.
	return ('CONTINUE', 'ok');
}