Add GeoIP region filtering middleware

Add access-control feature to payjoin-mailroom providing IP-based
region filtering via axum middleware. Requests from blocked ISO
country codes are rejected at the network layer. A free DB-IP Lite
database is fetched automatically when no explicit path is configured.

Author: DanGould

Cargo-minimal.lock

@@ -1413,9 +1413,9 @@ dependencies = [
 
 [[package]]
 name = "flate2"
-version = "1.0.33"
+version = "1.1.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "324a1be68054ef05ad64b861cc9eaf1d623d2d8cb25b4bf2cb9cdd902b4bf253"
+checksum = "843fba2746e448b37e26a819579957415c8cef339bf08564fe8b7ddbd959573c"
 dependencies = [
  "crc32fast",
  "miniz_oxide",
@@ -2090,6 +2090,12 @@ version = "2.10.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "187674a687eed5fe42285b40c6291f9a01517d415fad1c3cbc6a9f778af7fcd4"
 
+[[package]]
+name = "ipnetwork"
+version = "0.21.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cf370abdafd54d13e54a620e8c3e1145f28e46cc9d704bc6d94414559df41763"
+
 [[package]]
 name = "iri-string"
 version = "0.7.8"
@@ -2280,6 +2286,19 @@ version = "0.8.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "47e1ffaa40ddd1f3ed91f717a33c8c0ee23fff369e3aa8772b9605cc1d22f4c3"
 
+[[package]]
+name = "maxminddb"
+version = "0.27.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "76371bd37ce742f8954daabd0fde7f1594ee43ac2200e20c003ba5c3d65e2192"
+dependencies = [
+ "ipnetwork",
+ "log",
+ "memchr",
+ "serde",
+ "thiserror 2.0.17",
+]
+
 [[package]]
 name = "memchr"
 version = "2.7.4"
@@ -2311,11 +2330,12 @@ dependencies = [
 
 [[package]]
 name = "miniz_oxide"
-version = "0.8.0"
+version = "0.8.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e2d80299ef12ff69b16a84bb182e3b9df68b5a91574d3d4fa6e41b65deec4df1"
+checksum = "1fa76a2c86f704bdb222d66965fb3d63269ce38518b83cb0575fca855ebb6316"
 dependencies = [
  "adler2",
+ "simd-adler32",
 ]
 
 [[package]]
@@ -2777,6 +2797,8 @@ dependencies = [
  "axum-server",
  "clap",
  "config",
+ "flate2",
+ "maxminddb",
  "ohttp-relay",
  "opentelemetry",
  "opentelemetry-otlp",
@@ -3822,6 +3844,12 @@ dependencies = [
  "libc",
 ]
 
+[[package]]
+name = "simd-adler32"
+version = "0.3.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e320a6c5ad31d271ad523dcf3ad13e2767ad8b1cb8f047f75a8aeaf8da139da2"
+
 [[package]]
 name = "similar"
 version = "2.7.0"

Cargo-recent.lock

@@ -1413,9 +1413,9 @@ dependencies = [
 
 [[package]]
 name = "flate2"
-version = "1.0.33"
+version = "1.1.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "324a1be68054ef05ad64b861cc9eaf1d623d2d8cb25b4bf2cb9cdd902b4bf253"
+checksum = "843fba2746e448b37e26a819579957415c8cef339bf08564fe8b7ddbd959573c"
 dependencies = [
  "crc32fast",
  "miniz_oxide",
@@ -2090,6 +2090,12 @@ version = "2.10.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "187674a687eed5fe42285b40c6291f9a01517d415fad1c3cbc6a9f778af7fcd4"
 
+[[package]]
+name = "ipnetwork"
+version = "0.21.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cf370abdafd54d13e54a620e8c3e1145f28e46cc9d704bc6d94414559df41763"
+
 [[package]]
 name = "iri-string"
 version = "0.7.8"
@@ -2280,6 +2286,19 @@ version = "0.8.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "47e1ffaa40ddd1f3ed91f717a33c8c0ee23fff369e3aa8772b9605cc1d22f4c3"
 
+[[package]]
+name = "maxminddb"
+version = "0.27.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "76371bd37ce742f8954daabd0fde7f1594ee43ac2200e20c003ba5c3d65e2192"
+dependencies = [
+ "ipnetwork",
+ "log",
+ "memchr",
+ "serde",
+ "thiserror 2.0.17",
+]
+
 [[package]]
 name = "memchr"
 version = "2.7.4"
@@ -2311,11 +2330,12 @@ dependencies = [
 
 [[package]]
 name = "miniz_oxide"
-version = "0.8.0"
+version = "0.8.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e2d80299ef12ff69b16a84bb182e3b9df68b5a91574d3d4fa6e41b65deec4df1"
+checksum = "1fa76a2c86f704bdb222d66965fb3d63269ce38518b83cb0575fca855ebb6316"
 dependencies = [
  "adler2",
+ "simd-adler32",
 ]
 
 [[package]]
@@ -2777,6 +2797,8 @@ dependencies = [
  "axum-server",
  "clap",
  "config",
+ "flate2",
+ "maxminddb",
  "ohttp-relay",
  "opentelemetry",
  "opentelemetry-otlp",
@@ -3822,6 +3844,12 @@ dependencies = [
  "libc",
 ]
 
+[[package]]
+name = "simd-adler32"
+version = "0.3.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e320a6c5ad31d271ad523dcf3ad13e2767ad8b1cb8f047f75a8aeaf8da139da2"
+
 [[package]]
 name = "similar"
 version = "2.7.0"

flake.nix

@@ -85,6 +85,7 @@
           filter =
             path: type:
             (builtins.match ".*nginx.conf.template$" path != null)
+            || (builtins.match ".*\\.mmdb$" path != null)
             || (craneLibVersions.msrv.filterCargoSources path type);
           name = "source";
         };
@@ -162,7 +163,7 @@
               "payjoin-cli" = "--features v1,v2";
               "payjoin-directory" = "";
               "ohttp-relay" = "";
-              "payjoin-mailroom" = "--features acme,telemetry";
+              "payjoin-mailroom" = "--features access-control,acme,telemetry";
             };
 
         # nix2container for building OCI/Docker images

payjoin-mailroom/Cargo.toml

@@ -22,6 +22,7 @@ acme = [
   "dep:rustls",
   "dep:tokio-stream",
 ]
+access-control = ["dep:flate2", "dep:maxminddb", "dep:reqwest"]
 telemetry = ["dep:opentelemetry-otlp"]
 
 [dependencies]
@@ -32,6 +33,8 @@ axum-server = { version = "0.8", features = [
 ], optional = true }
 clap = { version = "4.5", features = ["derive", "env"] }
 config = "0.15"
+flate2 = { version = "1.1", optional = true }
+maxminddb = { version = "0.27", optional = true }
 ohttp-relay = { path = "../ohttp-relay", features = ["bootstrap"] }
 opentelemetry = "0.31"
 opentelemetry-otlp = { version = "0.31", optional = true, features = [
@@ -40,6 +43,9 @@ opentelemetry-otlp = { version = "0.31", optional = true, features = [
 opentelemetry_sdk = "0.31"
 payjoin-directory = { path = "../payjoin-directory" }
 rand = "0.8"
+reqwest = { version = "0.12", default-features = false, features = [
+  "rustls-tls",
+], optional = true }
 rustls = { version = "0.23", default-features = false, features = [
   "ring",
 ], optional = true }

payjoin-mailroom/config.example.toml

@@ -0,0 +1,35 @@
+# Payjoin Mailroom configuration example
+#
+# Configuration can also be set via environment variables with the `PJ_`
+# prefix.  Nested values use double underscores as separators, e.g.
+# PJ_ACCESS_CONTROL__BLOCKED_REGIONS=CU,IR,KP,SY
+
+# Address and port to listen on
+# listener = "[::]:8080"
+
+# Directory for persistent storage (OHTTP keys, caches, etc.)
+# storage_dir = "./data"
+
+# Request timeout in seconds
+# timeout = 30
+
+# --- Access-control (requires `access-control` feature) ---
+# [access_control]
+
+# Optional path to a MaxMind GeoIP2 / DB-IP Country database.
+# If omitted but blocked_regions is non-empty, a free DB-IP Lite
+# database will be fetched automatically and cached under storage_dir.
+# geo_db_path = "/path/to/GeoIP2-Country.mmdb"
+
+# ISO 3166-1 alpha-2 country codes whose requests should be blocked.
+# blocked_regions = ["CU", "IR", "KP", "SY"]
+
+# Path to a local file containing blocked Bitcoin addresses (one per line).
+# Used for V1 PSBT screening.
+# blocked_addresses_path = "/path/to/blocked_addresses.txt"
+
+# URL to periodically fetch an updated blocked-address list from.
+# blocked_addresses_url = "https://example.com/blocked_addresses.txt"
+
+# How often (in seconds) to refresh the remote address list (default: 86400).
+# blocked_addresses_refresh_secs = 86400