On 2016-04-01 1:35 pm, Rob McKennon wrote:
Hello,We are setting up Amavis and Clamav to detect credit cards coming into our email, and it's working. However, it's returning the original email to the sender, which also contains the credit card numbers. Receiving the credit card numbers is bad enough, sending them back out again violates PCI. Is there a way to reject the email without returning the original email content? Below is a returned email with test numbers as an example. Thank you, Rob McKennon The mail system <xxxxxxxxxx>: host 127.0.0.1[127.0.0.1] said: 554 5.7.0 Reject, id=06026-19 - INFECTED: Heuristics.Structured.CreditCardNumber (in reply to end of DATA command) Final-Recipient: rfc822;xxxxxxxxxxxxx Original-Recipient: xxxxxxxxxxxxxx Action: failed Status: 5.7.0 Remote-MTA: dns; 127.0.0.1 Diagnostic-Code: smtp; 554 5.7.0 Reject, id=06026-19 - INFECTED: Heuristics.Structured.CreditCardNumber
I removed your test numbers since anyone with DLP turned on might not get the email.
I'm using the following which just discards the message: $final_virus_destiny = D_DISCARD;
But it would be nice to be able to strip out the CC or SSN numbers and send the message on to the recipient.
