final_virus_destiny D_REJECT
Rob McKennon
rmckennon at monetra.com
Fri Apr 1 20:35:06 CEST 2016
Hello,
We are setting up Amavis and Clamav to detect credit cards coming into
our email, and it's working. However, it's returning the original email
to the sender, which also contains the credit card numbers. Receiving
the credit card numbers is bad enough, sending them back out again
violates PCI. Is there a way to reject the email without returning the
original email content? Below is a returned email with test numbers as
an example.
Thank you,
Rob McKennon
The mail system
<xxxxxxxxxx <mailto:rob at payscience.com>>: host 127.0.0.1[127.0.0.1]
said: 554 5.7.0 Reject, id=06026-19 - INFECTED:
Heuristics.Structured.CreditCardNumber (in reply to end of DATA command)
Final-Recipient: rfc822;xxxxxxxxxxxxx<mailto:rob at payscience.com>
Original-Recipient: xxxxxxxxxxxxxx <mailto:rfc822%3Brob at payscience.com>
Action: failed
Status: 5.7.0
Remote-MTA: dns; 127.0.0.1
Diagnostic-Code: smtp; 554 5.7.0 Reject, id=06026-19 - INFECTED:
Heuristics.Structured.CreditCardNumber
---------- Forwarded message ----------
From: xxxxxxxxxxxxxxxxxxxx
To: xxxxxxxxxxxxxxxxxxxxxx
Cc:
Date: Fri, 1 Apr 2016 10:12:42 -0400
Subject: test cc
4111 1111 1111 1111 Exp: 04/17
4012 8888 8888 1881 Exp: 04/17
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20160401/a4cf621e/attachment.html>
More information about the amavis-users
mailing list