On 08/05/2010 10:47 AM, Matthew Kitchin (public/usenet) wrote:
Hello all. I have been a loyal users for years, but have never had to
do much more than make a few custom rules. I work for a healthcare
company, and I have been asked to implement a mechanism to search for
patient names in outgoing emails an bounce them back to the sender if
one is identified.
We would search for them in the format "John Smith" and "Smith, John".
We would like to bounce them back to the sender (that would be within
our company) with a custom notice indicating what they should do to
properly send the email.
My typical setups are Postfix ->amavisd->SA
In this case, the setup doesn't exist yet, because I'm just exploring
the feasibility of doing it. I would run the latest Versions of
CentOS 64 Bit, Postfix, Amavisd, and SA.
It would be great if it could search attachments too, but I could
probably get by with just looking at the body. Of course, the emails
will be HTML and RTF too. They originate in and Outlook/Exchange
environment.
Is this a realistic setup?
Spamassassin can't handle this - it has no capability to reject mail,
however you need to think - are you going to have a database of patients
names, or is your intention to block anything with a "Name"? Are you
really going to want to manage a databse of every name out there? If so,
what happens when someone e-mails "I watched a presentation from Bill
Gates on...." Well, that's a name, right?
So let's take the alternative - you have a database of just custom names
(of your patients). Whos job is it to maintain that? And what happens
if, again, in the above situation, a patient has the same name as say a
celebrity or even worse, say a doctor? Let's say there's a world famous
doctor James Bond. But James Bond (different person) is a patient. One
of your staf members e-mails "We need to go see the conference Dr. James
Bond is putting on". Bounced.
While it's a great idea in theory (IMHO), it's going to be a headache.
One company I worked at a while ago implemented a web filter. The IT guy
implemented it, then went to lunch. Unless a site was allowed, it was
blocked. We very quickly realized that while he added say
www.yahoo.com, http://mail.yahoo.com was blocked. So he added
*.yahoo.com . But then we found out that there were a dozen other
DOMAINS needed too - one by one. Say yahoomail.com yahoohosting.com ,
etc. His first few days were spent whitelisting site after site after site.
Eventuallly, they gave up on the idea.
