### acl/40_exim4-config_check_data
#################################

acl_check_data:
  deny
    message = Message headers fail syntax check
    !acl = acl_whitelist_local_deny
    !verify = header_syntax


  # require that there is a verifiable sender address in at least
  # one of the "Sender:", "Reply-To:", or "From:" header lines.
  .ifdef CHECK_DATA_VERIFY_HEADER_SENDER
  deny
    message = No verifiable sender address in message headers
    !acl = acl_whitelist_local_deny
    !verify = header_sender
  .endif


  # This hook allows you to hook in your own ACLs without having to
  # modify this file. If you do it like we suggest, you'll end up with
  # a small performance penalty since there is an additional file being
  # accessed. This doesn't happen if you leave the macro unset.
  .ifdef CHECK_DATA_LOCAL_ACL_FILE
  .include CHECK_DATA_LOCAL_ACL_FILE
  .endif

   # Reject messages that have serious MIME errors.
   # This calls the demime condition again, but it
   # will return cached results.
   deny message = Serious MIME defect detected ($demime_reason)
   demime = *
   condition = ${if >{$demime_errorlevel}{2}{1}{0}}
   
   #
   # Reject file extensions used by worms.
   #
   deny message = This domain has a policy of not accepting certain types \
                  of attachments in mail as they may contain a virus.  \
		  \
		  This mail has a file with a .$found_extension attachment and \
		  is not accepted. \
		  \
		  If you have a legitimate need to send this attachment, send it \
		  in a compressed archive, and it will then be forwarded to the \
		  recipient.
   demime = vbs:bat:pif:scr
   .ifdef TEERGRUBE
      delay = TEERGRUBE
   .endif
   
   # Reject messages containing malware.
   deny message = This message contains a virus ($malware_name) and has been rejected
   malware = *

  # accept otherwise
  accept