Channel: Directory Services forum
Claim rule to block outlook client access for external users

I am looking to create a claim rule in ADFS 2.0 to prevent full-client access for MS Outlook from anyone outside our network. I have one written that successfully blocks it, but it also blocks full client Lync, which we want to allow. This is what I've come up with so far. Any ideas? Thanks.
 
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy"]) &&
NOT exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip",
Value=~"(\bxxx\.xxx\.([0-9]|[0-9][0-9]|[0-9][0-9][0-9])\.([0-9]|[0-9][0-9]|[0-9][0-9][0-9])\b)|\b192\.168\.26\.10\b"]) &&
NOT exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path", Value == "/adfs/ls/"]) &&
NOT exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application",
Value=="Microsoft.Exchange.Autodiscover"]) &&
NOT exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application",
Value=="Microsoft.Exchange.ActiveSync"])
=> issue(Type = "http://schemas.microsoft.com/authorization/claims/deny", Value = "true");
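As an added illustration (not part of the post and not ADFS code), the following Python model reproduces the rule's exists / NOT exists logic and runs it over constructed request contexts. The 10.0.x.x range stands in for the redacted xxx.xxx, and the Outlook and Lync x-ms-client-application values are placeholders, not the real claim values. It shows why the rule behaves as described: an external Lync request gets the deny claim because none of the exemptions match it.

```python
import re

# Claim types from the posted rule, abbreviated to the last path segment.
PROXY = "x-ms-proxy"
FWD_IP = "x-ms-forwarded-client-ip"
PATH = "x-ms-endpoint-absolute-path"
APP = "x-ms-client-application"

# Same regex as the rule; 10.0 is a constructed stand-in for the redacted xxx.xxx.
INTERNAL_IP = re.compile(
    r"(\b10\.0\.([0-9]|[0-9][0-9]|[0-9][0-9][0-9])\.([0-9]|[0-9][0-9]|[0-9][0-9][0-9])\b)"
    r"|\b192\.168\.26\.10\b"
)


def exists(claims, ctype, value=None, regex=None):
    """Model of the claim-rule exists() predicate: true if any claim of the
    given type is present, optionally with Value == value or Value =~ regex."""
    for t, v in claims:
        if t != ctype:
            continue
        if value is not None and v != value:
            continue
        if regex is not None and not regex.search(v):
            continue
        return True
    return False


def deny(claims):
    """True when the posted rule would issue the deny claim for this request."""
    return (exists(claims, PROXY)
            and not exists(claims, FWD_IP, regex=INTERNAL_IP)
            and not exists(claims, PATH, value="/adfs/ls/")
            and not exists(claims, APP, value="Microsoft.Exchange.Autodiscover")
            and not exists(claims, APP, value="Microsoft.Exchange.ActiveSync"))


# Constructed request contexts (not real ADFS logs). App values marked as
# placeholders are assumptions, not the actual client-application claim values.
INTERNAL_OUTLOOK = [(PROXY, "proxy1"), (FWD_IP, "10.0.3.7"), (APP, "Outlook-placeholder")]
EXTERNAL_OUTLOOK = [(PROXY, "proxy1"), (FWD_IP, "203.0.113.5"), (APP, "Outlook-placeholder")]
EXTERNAL_ACTIVESYNC = [(PROXY, "proxy1"), (FWD_IP, "203.0.113.5"), (APP, "Microsoft.Exchange.ActiveSync")]
EXTERNAL_BROWSER = [(PROXY, "proxy1"), (FWD_IP, "203.0.113.5"), (PATH, "/adfs/ls/")]
EXTERNAL_LYNC = [(PROXY, "proxy1"), (FWD_IP, "203.0.113.5"), (APP, "Lync-placeholder")]

if __name__ == "__main__":
    for name, ctx in [("internal Outlook", INTERNAL_OUTLOOK), ("external Outlook", EXTERNAL_OUTLOOK),
                      ("external ActiveSync", EXTERNAL_ACTIVESYNC), ("external browser", EXTERNAL_BROWSER),
                      ("external Lync", EXTERNAL_LYNC)]:
        print(f"{name}: {'DENY' if deny(ctx) else 'allow'}")
```

Because Lync carries none of the exempted client-application values or the /adfs/ls/ path, it falls through to the deny branch exactly like Outlook does.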