final_virus_destiny D_REJECT

lists at mbchandler.net lists at mbchandler.net
Fri Apr 1 21:51:06 CEST 2016


On 2016-04-01 1:35 pm, Rob McKennon wrote:
> Hello,
> 
> We are setting up Amavis and Clamav to detect credit cards coming into
> our email, and it's working.  However, it's returning the original
> email to the sender, which also contains the credit card numbers.
> Receiving the credit card numbers is bad enough, sending them back out
> again violates PCI. Is there a way to reject the email without
> returning the original email content?  Below is a returned email with
> test numbers as an example.
> 
> Thank you,
> 
> Rob McKennon
> 
>                   The mail system
> 
> <xxxxxxxxxx>: host 127.0.0.1[127.0.0.1] said: 554 5.7.0 Reject,
> id=06026-19 - INFECTED: Heuristics.Structured.CreditCardNumber (in
> reply to end of DATA command)
> 
> Final-Recipient: rfc822;xxxxxxxxxxxxx
> Original-Recipient: xxxxxxxxxxxxxx
> Action: failed
> Status: 5.7.0
> Remote-MTA: dns; 127.0.0.1
> Diagnostic-Code: smtp; 554 5.7.0 Reject, id=06026-19 - INFECTED:
> Heuristics.Structured.CreditCardNumber

I removed your test numbers since anyone with DLP turned on might not 
get the email.



I'm using the following which just discards the message: 
$final_virus_destiny      = D_DISCARD;

But it would be nice to be able to strip out the CC or SSN numbers and 
send the message on to the recipient.


More information about the amavis-users mailing list