author | heraklit256 <37872459+heraklit256@users.noreply.github.com#> | 2018-05-31 14:54:40 +0200 |
---|---|---|
committer | heraklit256 <37872459+heraklit256@users.noreply.github.com#> | 2018-05-31 14:54:40 +0200 |
commit | 2d3826fa4004a594fe59b42ae3fedbafdee27238 (patch) | |
tree | fb32731cc4a4f25ac51352c2d7f20b5bf3e23596 /rules | |
parent | d39673f6b203116ee5cbe8bfded7d79e1412100f (diff) | |
download | rspamd-2d3826fa4004a594fe59b42ae3fedbafdee27238.tar.gz rspamd-2d3826fa4004a594fe59b42ae3fedbafdee27238.zip |
add rule for rogue "strongmail" MTA
Diffstat (limited to 'rules')
-rw-r--r-- | rules/regexp/headers.lua | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/rules/regexp/headers.lua b/rules/regexp/headers.lua
index 5658608fb..a7300e2b8 100644
--- a/rules/regexp/headers.lua
+++ b/rules/regexp/headers.lua
@@ -589,11 +589,19 @@ reconf['YANDEX_RU_MAILER'] = {
 -- Detect 1C v8.2 and v8.3 mailers
 reconf['MAILER_1C_8'] = {
 re = 'X-Mailer=/^1C:Enterprise 8\\.[23]$/H',
- score = 0,
+ score = 0.0,
 description = 'Sent with 1C:Enterprise 8',
 group = 'header'
 }

+-- Detect rogue 'strongmail' MTA with IPv4 and '(-)' in Received line
+reconf['STRONGMAIL'] = {
+ re = [[Received=/^from\s+strongmail\s+\(\[\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\]\) by \S+ \(-\); /mH]],
+ score = 6.0,
+ description = 'Sent via rogue "strongmail" MTA',
+ group = 'header'
+}
+
 -- Two received headers with ip addresses
 local double_ip_spam_1 = 'Received=/from \\[\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\] by \\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3} with/H'
 local double_ip_spam_2 = 'Received=/from\\s+\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\s+by\\s+\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3};/H' |
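Review bot: `score = 6.0` on the new STRONGMAIL rule lets a single regex over a Received header carry a message to a typical add-header threshold by itself, and the pattern is not limited to the hop written by your own relay, so (as far as I can tell from how header regexps are evaluated) a match on any Received line in the chain counts, including on forwarded or list mail. Received lines below the trusted boundary are sender-supplied text, and the HELO name `strongmail` may also appear on legitimate installations of that product, so I would start with a lower weight or pair the rule with a second signal until false-positive data exists. The comment above the rule should also record what was observed and why the weight was chosen, for example `-- sample (constructed): from strongmail ([192.0.2.10]) by mx.example.net (-); ...`. The `score = 0` to `0.0` edit on MAILER_1C_8 is unrelated to the commit title and would be cleaner as its own change.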