#!/usr/bin/perl -w
#
# $Id: //websites/unixwiz/newroot/techtips/postfix-exchange/parse-exchange-users.txt#3 $
#
# written by :  Stephen J Friedl
#               Software Consultant
#               Tustin, California USA
#		steve@unixwiz.net / www.unxiwiz.net
#
#	================================================================
#	This program is part of a Tech Tip on setting up relay from a
#	Postfix system into MS Exchange. The entire Tech Tip can be
#	found at http://www.unixwiz.net/techtips/postfix-exchange-relay.html
#	================================================================
#
#
#	This program reads the exported file created by MS Exchange from
#	the standard input and creates the "relay_recipients" file as
#	used by Postfix. It strips off any email addresses that are not
#	SMTP (X.400 and CCMail, for instance), converts everything to lower
#	case, and writes the results in
#
#		steve@unixwiz.net	OK
#		postmaster@unixwiz.net	OK
#		...
#
#	format.
#
#	In the absent of any other command-line options, there is a one-for
#	one mapping of input address to those written to the output (though
#	duplicates are always suppressed). But this may not be the exact list
#	of recipients to allow relay for: we may need to actively exclude some
#	'sensitive' addresses, as well as add a few that we couldn't get
#	Exchange to export for whatever reason. These are both specified
#	with the --include=FILE and --exclude=FILE options.
#
#	Both take the names of files that contain lines of email addresses,
#	and they are added to the master list being created. Any users in
#	the "--exclude=FILE" list are guaranteed to be excluded even if
#	that same username appears in an --include list. This is a failsafe.
#
#	Adding --domain=D (perhaps multiple times) adds an extra check to
#	all the generated email addresses: addresses that don't have one of
#	these as their entire domain part are excluded.

use strict;

my %RESULT  = ();

my $excludefile = undef;
my $includefile = undef;
my %DOMAINS     = ();

foreach ( @ARGV )
{
	if ( m/^--help/i )
	{
		print STDERR <<EOF;
usage: $0 [options] --exclude=FILE 

  --help        show this brief help listing
  --exclude=F   read excludable addresses from file F
  --include=F   read included addresses from file F
  --domain=D    Add D to the list of valid local domains
EOF
		exit 1;
	}
	elsif ( m/^--domain=(.+)$/i )
	{
		$DOMAINS{lc $1} = 1;
	}
	elsif ( m/^--exclude=(.+)$/i )
	{
		$excludefile = $1;
	}
	elsif ( m/^--include=(.+)$/i )
	{
		$includefile = $1;
	}
	else
	{
		die "ERROR: {$_} is an unknown cmdline param (try --help)\n";
	}
}

process_namefile($excludefile, 'NO')		if $excludefile;
process_namefile($includefile, 'OK')		if $includefile;

while ( <STDIN> )
{
	s/\s+$//;

	my($objclass,
	   $emailaddresslist,
	   $secaddresslist) = split( m/\t/, lc $_);

	my @ADDRESSES = ();

	push @ADDRESSES, split( m/%/, $emailaddresslist )	if $emailaddresslist;
	push @ADDRESSES, split( m/%/, $secaddresslist   )	if $secaddresslist;

	foreach my $addr ( @ADDRESSES )
	{
		
		# --------------------------------------------------------
		# find and strip off leading SMTP token: this excludes the
		# X.400 crap.
		#
		next unless $addr =~ s/^smtp://;

		# --------------------------------------------------------
		# Have we defined any "valid domains"? If so, make sure we
		# have one.
		#
		if ( %DOMAINS )
		{
			( my $dom = $addr ) =~ s/.*\@//;

			next unless $DOMAINS{$dom};
		}

		# --------------------------------------------------------
		# CUSTOM PROCESSING
		#
		# Many times the "rules" for excluding an address are easier
		# put in code than they are in the list. Add yours here.
		#

#		next if $addr =~ m/\@ntserver\./;

		# --------------------------------------------------------
		# If this is already defined in the table, don't overwrite
		# it with the current OK. This way any "NO" entries are
		# not changed to "OK".
		#
	
		next if defined $RESULT{$addr};

		$RESULT{$addr} = 'OK';
	}
}

print <<EOF;
#
# DO NOT EDIT THIS FILE!
#
# It was created programmatically with the $0 command based on input
# from the Exchange user directory. Changes made here will be LOST.
#

EOF

#
# run through the list of all addresses alphabetically and write
# them to the output place. Note that even *excluded* addressed
# are written with a comment to let the reader know that the address
# was not forgotten.
#
foreach my $addr ( sort keys %RESULT )
{
	my $val = $RESULT{$addr};

	my $line = "";

	$line .= "# "	if $val ne 'OK';

	$line .= $addr;

	my $l = length $line;

	$line .= "\t"		if $l < 16;
	$line .= "\t"		if $l < 24;
	$line .= "\t"		if $l < 32;

	print "$line\t$val\n";
}

#
# process_namefile
#
#	This subroutine reads a list of email addresses and stores each one in
#	the global %RESULT hash. The value stored there is the second parameter:
#	either OK or NO
#

sub process_namefile {
	my $fn   = shift;
	my $resp = shift;

	open(F, $fn ) or die "ERROR: cannot read {$fn}\n";

	while ( <F> )
	{
		# ignore all comments and blank lines
		s/#.*$//;			# dump comments
		s/\s+$//;			# dump trailing white
		next if length == 0;

		my $addr = lc $_;

		$RESULT{$addr} = $resp;
	}
	close F;
}