Skip to main content

Using Microsoft Exchange to Block Social Security Numbers from Being Sent Out

By April 30, 2014August 5th, 2022Best Practices, Blog, Exchange, Hot Technology Topics

A client of PEI’s asked if Microsoft Exchange could block outbound emails that included Social Security numbers. We built a transport rule for emails sent to users ‘Outside the Organization’ where the Subject field or message body matches a text pattern of ‘ddd-dd-dddd(s|$)’. If the rule is triggered, then the message is rejected with notification to the sender.

The text pattern will look for a string of numbers in the format xxx-xx-xxxx. If the string of numbers deviates from this pattern then the rule will not be triggered – even if there are additional numbers at the end.

The rule can also be created from the Exchange Management Shell with the following command: New-TransportRule SSN –SentToScope NotInOrganization –SubjectOrBodyMatchesPatterns “ddd-dd-dddd(s|$)” –RejectMessageEnhancedStatusCode 5.7.1 –RejectMessageReasonText “Enter Rejection Message”

Putting this type of transport rule in place will require Exchange 2007 SP1 with Rollup 10 or newer.

Jacob Eker, PEI


Leave a Reply