On 4/1/2016 11:16 AM, Rob McKennon wrote:
On 04/01/2016 11:01 AM, Vladislav Kurz wrote:
On Friday 01 of April 2016 Rob McKennon <rmcken...@monetra.com> wrote:
Hello,
One of the reasons we use clamav is to not accept emails with
credit
card numbers. And it works great to bounce the message back to the
sender. However, according to PCI, sending the original message back
with the same credit card numbers they sent us, is just as bad as them
sending it to us in the first place.
Is there a way to tell clamav to send the bounce message with the
"INFECTED: Heuristics.Structured.CreditCardNumber" data, but NOT
include
the original email?
Hi,
this is not setting of clamav itself. It should be configurable in
SMTP server
or its antivirus interface like Amavis. Clamav just decides if the
file is
infected or not. It is the SMTP server that decides what is sent back.
Ah, ok.
Thank you for pointing me in the right direction!
On the other hand, you shouldn't be sending bounce messages at all
(assuming you are using the correct terminology). It is much better to
reject unwanted emails.
Bounce - Your MTA accepts the message, determines that it's not wanted,
and sends a message back to the sender.
Reject - Your MTA determines that the message is not wanted before
accepting it from the sending server and returns an error to the sending
server. It is then up to the sending server to determine what to do
with the message.
Once your MTA accepts the message, you have no reliable information
about the sender of the message. Any bounce message you send is not
guaranteed to go back to the real sender of the message. This can turn
your server into a source of bounceback spam. It is much better to
simply reject the message and let the sender deal with it. Legitimate
messages will still have a bounce message sent from the sending server
and you don't have to worry about your server sending a pile of bounce
messages to an innocent third party whose email address is being used by
a spambot.
--
Bowie
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml