final_virus_destiny D_REJECT

lists at lists at
Fri Apr 1 21:51:06 CEST 2016

On 2016-04-01 1:35 pm, Rob McKennon wrote:
> Hello,
> We are setting up Amavis and Clamav to detect credit cards coming into
> our email, and it's working.  However, it's returning the original
> email to the sender, which also contains the credit card numbers.
> Receiving the credit card numbers is bad enough, sending them back out
> again violates PCI. Is there a way to reject the email without
> returning the original email content?  Below is a returned email with
> test numbers as an example.
> Thank you,
> Rob McKennon
>                   The mail system
> <xxxxxxxxxx>: host[] said: 554 5.7.0 Reject,
> id=06026-19 - INFECTED: Heuristics.Structured.CreditCardNumber (in
> reply to end of DATA command)
> Final-Recipient: rfc822;xxxxxxxxxxxxx
> Original-Recipient: xxxxxxxxxxxxxx
> Action: failed
> Status: 5.7.0
> Remote-MTA: dns;
> Diagnostic-Code: smtp; 554 5.7.0 Reject, id=06026-19 - INFECTED:
> Heuristics.Structured.CreditCardNumber

I removed your test numbers since anyone with DLP turned on might not 
get the email.

I'm using the following which just discards the message: 
$final_virus_destiny      = D_DISCARD;

But it would be nice to be able to strip out the CC or SSN numbers and 
send the message on to the recipient.

More information about the amavis-users mailing list