A client of PEI’s asked if Microsoft Exchange could block outbound emails that included Social Security numbers. We built a transport rule for emails sent to users ‘Outside the Organization’ where the Subject field or message body matches a text pattern of ‘ddd-dd-dddd(s|$)’. If the rule is triggered, then the message is rejected with notification to the sender.
The text pattern will look for a string of numbers in the format xxx-xx-xxxx. If the string of numbers deviates from this pattern then the rule will not be triggered – even if there are additional numbers at the end.
The rule can also be created from the Exchange Management Shell with the following command: New-TransportRule SSN –SentToScope NotInOrganization –SubjectOrBodyMatchesPatterns “ddd-dd-dddd(s|$)” –RejectMessageEnhancedStatusCode 5.7.1 –RejectMessageReasonText “Enter Rejection Message”
Putting this type of transport rule in place will require Exchange 2007 SP1 with Rollup 10 or newer.
Jacob Eker, PEI