# http://www.natur.cuni.cz/~mmokrejs/procmail/relaying.rc written by Martin Mokrejs version 1.0
#
# This recipe tries to automatically respond to returned email messages which have been rejected
#  with message Relaying denied. This often happens as sysadmins have no clue what relaying is
#  and what action they have to take to make sure all backup mail servers for a given domain really
#  do allow relaying messages.
#
# So, what often happens is that some sysadmin disable relaying for all domains except their own
#  but completely ignore/forget the fact that their SMTP machine is an MX backup server for another
#  domain.
#
# Or alternatively some sysadmins just put an MX record for their machines/domain pointing
#  to some SMTP server in another domain without talking to the remote admins first (who have to enable
#  the relaying for the domain).
#
# See also http://www.natur.cuni.cz/~mmokrejs/sendmail for more details on this.
#
# Test this recipe with `procmail -m relaying.rc < mail.txt' command!
# and set the following four testing variables. Disable them for regular use!
# There are few more lines commented out now which were prepared for debugging of the below code,
# go and uncomment them too!
# LOGABSTRACT=yes
# VERBOSE=yes
# DEFAULT=$HOME/relaying.mbox
# LOGFILE=$HOME/relaying.log
#
#

#    ----- Transcript of session follows -----
# ... while talking to rommel.atlas.cz.:
# >>> DATA
# <<< 550 5.1.1 Mailbox <kropacekjan@atlas.cz> does not exist
# 550 5.1.1 <kropacekjan@atlas.cz>... User unknown
# <<< 550 5.1.1 Mailbox <mikon@atlas.cz> does not exist
# 550 5.1.1 <mikon@atlas.cz>... User unknown
# <mahy13@centrum.cz>,<lyzbicki@centrum.cz>,<andulkak@centrum.cz>,<divisr@centrum.cz>... Deferred
# ... while talking to mspool.gts.cz.:
# >>> DATA
# <<< 550 5.7.1 <Tomas.Karc@passerinvest.cz>... Relaying denied
# 550 5.1.1 <Tomas.Karc@passerinvest.cz>... User unknown
# <<< 503 5.0.0 Need RCPT (recipient)

#   ----- Transcript of session follows -----
# ... while talking to mail2.cscnet.cz.:
# >>> RCPT To:<radim.scudla@jmpbrno.cz>
# <<< 550 5.7.1 <radim.scudla@jmpbrno.cz>... Relaying denied
# 550 5.1.1 <radim.scudla@jmpbrno.cz>... User unknown

#   ----- Transcript of session follows -----
#... while talking to mail.avi.cz.:
#>>> RCPT To:<BLECHA@egu-prg.cz>
#<<< 550 Relaying is prohibited
#550 5.1.1 <BLECHA@egu-prg.cz>... User unknown

#   ----- The following addresses had permanent fatal errors -----
#<kadourek@vema.cz>
#    (reason: 550 5.7.1 Unable to relay for kadourek@vema.cz)
#<babak@vema.cz>
#    (reason: 550 5.7.1 Unable to relay for babak@vema.cz)
#
#   ----- Transcript of session follows -----
#... while talking to mailpalac.vema.cz.:
#>>> RCPT To:<babak@vema.cz>
#<<< 550 5.7.1 Unable to relay for babak@vema.cz
#550 5.1.1 <babak@vema.cz>... User unknown
#>>> RCPT To:<kadourek@vema.cz>
#<<< 550 5.7.1 Unable to relay for kadourek@vema.cz
#550 5.1.1 <kadourek@vema.cz>... User unknown

#    ----- The following addresses had permanent fatal errors -----
# <k.plechackova@sh.cvut.cz>
#     (reason: 553 <k.plechackova@sh.cvut.cz>... Unknown address on Silicon Hill.)
# <Michal.Benes@sh.cvut.cz>
#     (reason: 553 <Michal.Benes@sh.cvut.cz>... Unknown address on Silicon Hill.)
#
#    ----- Transcript of session follows -----
# ... while talking to cache.sh.cvut.cz.:
# >>> RCPT To:<Michal.Benes@sh.cvut.cz>
# <<< 553 <Michal.Benes@sh.cvut.cz>... Unknown address on Silicon Hill.
# 550 5.1.1 <Michal.Benes@sh.cvut.cz>... User unknown
# >>> RCPT To:<k.plechackova@sh.cvut.cz>
# <<< 553 <k.plechackova@sh.cvut.cz>... Unknown address on Silicon Hill.
# 550 5.1.1 <k.plechackova@sh.cvut.cz>... User unknown

#
#  ----- The following addresses had permanent fatal errors -----
# <tbelz@email.cz>
#    (reason: 552 User quota exceeded.)
#
#   ----- Transcript of session follows -----
# ... while talking to tajfun.atc.cz.:
# >>> RCPT To:<tbelz@email.cz>
# <<< 552 User quota exceeded.
# 554 5.0.0 <tbelz@email.cz>... Service unavailable
# 

# Hi. This is the qmail-send program at email.seznam.cz.
# I'm afraid I wasn't able to deliver your message to the following addresses.
# This is a permanent error; I've given up. Sorry it didn't work out.
# 
# <Luci-CIA@t-zone.cz>:
# 62.141.0.125 does not like recipient.
# Remote host said: 550 Relaying not allowed
# Giving up on 62.141.0.125.
# 
# --- Below this line is a copy of the message.

:0B
* ! ^Berte to prosim jako upozorneni na chybu v konfiguraci at jiz vaseho SMTP serveru nebo
* ! ^X-Loop: mmokrejs+relaying error for
{
  :0B
  * 1^0 550.*Relaying
  * 1^0 550 5.7.1 Unable to relay
  {

    # disable these three lines while debugging
    LOGFILE=$HOME/tmp/.relaying.log
    VERBOSE=no
    LOGABSTRACT=no

    # match only the closest "while talking to" and "Relaying denied" section
    :0B
    * ^\.\.\. while talking to \/[^ 	][a-zA-Z\.]+:$\>\>\> DATA$.*550.*Relaying denied$
    * $MATCH ?? ^^\/.*[^(.:)]+
    { MXHOSTNAME = $MATCH
    LOG = "Misused host is $MATCH .
" }

    # exctract the domainname misusing MXHOSTNAME and a backup MX host
    :0B
    * ^\.\.\. while talking to [a-zA-Z\.]+:$\>\>\> DATA$.*550.*@\/[^@].*Relaying denied$
    * $MATCH ?? ^^\/[^\>]+
    { DOMENA = $MATCH
    LOG = "The host is misused by $DOMENA domain.
" }

    # exctract the email address of the innocent user
    :0B
    * ^\.\.\. while talking to [a-zA-Z\.]+:$\>\>\> DATA$.*550.+<\/[^<].*Relaying denied$
    * $MATCH ?? ^^\/[^\>]+
    { ADRESA = $MATCH
    LOG = "The email should have been delivered to $ADRESA but $MXHOSTNAME prevents relaying for $DOMENA while being delegated as it's MX server.
" }

    :0
    * MXHOSTNAME ?? ^^be-exchange.yourdoctor.com^^
    /dev/null

    :0
    * DOMENA ?? ^^catcha.com.my^^
    /dev/null

    :0
    * MXHOSTNAME ?? ^^catcha.com.my^^
    /dev/null

    :0fbwi
# #   | ( cat $HOME/etc/procmail/relaying.txt; cat - )
    | ( /usr/bin/echo "Vas server $MXHOSTNAME je asi MX server pro domenu $DOMENA," ; \
      echo "ale asi nepovoluje relaying pro domeny, pro nez je MX zalohou - coz je asi chyba." ; \
      echo "Berte to prosim jako upozorneni na chybu v konfiguraci at jiz vaseho SMTP serveru nebo DNS pro domenu $DOMENA." ; \
      echo "Pripadne viz http://www.natur.cuni.cz/~mmokrejs/sendmail/ a " ; \
      echo "http://www.natur.cuni.cz/~mmokrejs/procmail/" ; \
      echo "S pozdravem. Martin Mokrejs" ; \
      echo "" ; \
      echo "" ; \
      echo "Your server $MXHOSTNAME is possibly an MX server for domain $DOMENA" ; \
      echo "It seems your server $MXHOSTNAME does NOT allow relaying for domain $DOMENA" ; \
      echo "although $MXHOSTNAME is an MX backup server for domain $DOMENA" ; \
      echo "Please use command \"dig -t mx $DOMENA\" to see the current status" ; \
      echo "and either fix your mailserver configuration at $MXHOSTNAME or talk" ; \
      echo "to the administratrors of a domain $DOMENA \"dig -t soa $DOMENA\"" ; \
      echo "This message was automatically generated. For more details see" ; \
      echo "http://www.natur.cuni.cz/~mmokrejs/procmail/relaying.rc" ; \
      echo "http://www.natur.cuni.cz/~mmokrejs/sendmail" ; \
      echo "Best regards, Martin Mokrejs" ; \
      cat - )

    # uncomment these lines for debugging
    #:0:
    #$HOME/relaying_reply.mbox

    :0 b
    | ( formail -I "Subject: Forbidden relaying for $DOMENA. The undelivered email was sent originally to $ADRESA" -I "To: postmaster@$MXHOSTNAME" -I "From: Martin Mokrejs <mmokrejs@natur.cuni.cz>" -I "X-Loop: mmokrejs+relaying error for $DOMENA at $MXHOSTNAME - mail was to user $ADRESA" | $SENDMAIL -oi -t )

  }

}