# 2006-11-09 <pille@struction.de>
# these rules check for headers placed by exim

header		EXIM_SENDER_VERIFY_FAILED	X-Sender-Verify =~ /FAILED/
describe 	EXIM_SENDER_VERIFY_FAILED	Sender Address does not accept mail
score		EXIM_SENDER_VERIFY_FAILED	2.0

header		EXIM_SENDER_VERIFY_SUCCEEDED	X-Sender-Verify =~ /SUCCEEDED/
describe 	EXIM_SENDER_VERIFY_SUCCEEDED	Sender Address accepts mail
score		EXIM_SENDER_VERIFY_SUCCEEDED	-0.1

#header		EXIM_SENDER_VERIFY_HEADER	exists:X-Sender-Verify
#describe 	EXIM_SENDER_VERIFY_HEADER	header Sender Verify exists
#score		EXIM_SENDER_VERIFY_HEADER	0.1


header		__EXIM_AUTH1			exists:X-Authenticated-User
header		__EXIM_AUTH2			exists:X-Authenticator
meta		EXIM_AUTH			__EXIM_AUTH1 && __EXIM_AUTH2
describe 	EXIM_AUTH			Sender is authenticated
score		EXIM_AUTH			-4.0


header		__EXIM_HELO_MISSING		X-Invalid-HELO =~ /no HELO/
header		__EXIM_HELO_NO_FQDN		X-Invalid-HELO =~ /HELO is no FQDN/
meta		EXIM_HELO_MISSING		__EXIM_HELO_MISSING
describe 	EXIM_HELO_MISSING		(E)HELO is missing
score		EXIM_HELO_MISSING		0.1

# as exim identifies no FQDN by using "negative hits", we have to ensure, a helo was issued
meta		EXIM_HELO_NO_FQDN		__EXIM_HELO_NO_FQDN && !__EXIM_HELO_MISSING
describe 	EXIM_HELO_NO_FQDN		(E)HELO is no Fully Qualified Domain Name
score		EXIM_HELO_NO_FQDN		1.5

header		EXIM_HELO_IP			X-Invalid-HELO =~ /HELO is IP only/
describe 	EXIM_HELO_IP			(E)HELO is IP only (not in brackets)
score		EXIM_HELO_IP			1.0

header		EXIM_HELO_IMPERSONTING		X-Invalid-HELO =~ /Host impersonating /
describe 	EXIM_HELO_IMPERSONTING		(E)HELO is impersonating our mailserver
score		EXIM_HELO_IMPERSONTING		4.0

header		EXIM_HELO_MY_ADDRESS		X-Invalid-HELO =~ /is _my_ address/
describe 	EXIM_HELO_MY_ADDRESS		(E)HELO using mailserver's address
score		EXIM_HELO_MY_ADDRESS		4.0