46 lines
1.8 KiB
CFEngine3
46 lines
1.8 KiB
CFEngine3
# 2006-11-09 <pille@struction.de>
|
|
# these rules check for headers placed by exim
|
|
|
|
header EXIM_SENDER_VERIFY_FAILED X-Sender-Verify =~ /FAILED/
|
|
describe EXIM_SENDER_VERIFY_FAILED Sender Address does not accept mail
|
|
score EXIM_SENDER_VERIFY_FAILED 2.0
|
|
|
|
header EXIM_SENDER_VERIFY_SUCCEEDED X-Sender-Verify =~ /SUCCEEDED/
|
|
describe EXIM_SENDER_VERIFY_SUCCEEDED Sender Address accepts mail
|
|
score EXIM_SENDER_VERIFY_SUCCEEDED -0.1
|
|
|
|
#header EXIM_SENDER_VERIFY_HEADER exists:X-Sender-Verify
|
|
#describe EXIM_SENDER_VERIFY_HEADER header Sender Verify exists
|
|
#score EXIM_SENDER_VERIFY_HEADER 0.1
|
|
|
|
|
|
header __EXIM_AUTH1 exists:X-Authenticated-User
|
|
header __EXIM_AUTH2 exists:X-Authenticator
|
|
meta EXIM_AUTH __EXIM_AUTH1 && __EXIM_AUTH2
|
|
describe EXIM_AUTH Sender is authenticated
|
|
score EXIM_AUTH -4.0
|
|
|
|
|
|
header __EXIM_HELO_MISSING X-Invalid-HELO =~ /no HELO/
|
|
header __EXIM_HELO_NO_FQDN X-Invalid-HELO =~ /HELO is no FQDN/
|
|
meta EXIM_HELO_MISSING __EXIM_HELO_MISSING
|
|
describe EXIM_HELO_MISSING (E)HELO is missing
|
|
score EXIM_HELO_MISSING 0.1
|
|
|
|
# as exim identifies no FQDN by using "negative hits", we have to ensure, a helo was issued
|
|
meta EXIM_HELO_NO_FQDN __EXIM_HELO_NO_FQDN && !__EXIM_HELO_MISSING
|
|
describe EXIM_HELO_NO_FQDN (E)HELO is no Fully Qualified Domain Name
|
|
score EXIM_HELO_NO_FQDN 1.5
|
|
|
|
header EXIM_HELO_IP X-Invalid-HELO =~ /HELO is IP only/
|
|
describe EXIM_HELO_IP (E)HELO is IP only (not in brackets)
|
|
score EXIM_HELO_IP 1.0
|
|
|
|
header EXIM_HELO_IMPERSONTING X-Invalid-HELO =~ /Host impersonating /
|
|
describe EXIM_HELO_IMPERSONTING (E)HELO is impersonating our mailserver
|
|
score EXIM_HELO_IMPERSONTING 4.0
|
|
|
|
header EXIM_HELO_MY_ADDRESS X-Invalid-HELO =~ /is _my_ address/
|
|
describe EXIM_HELO_MY_ADDRESS (E)HELO using mailserver's address
|
|
score EXIM_HELO_MY_ADDRESS 4.0
|