We currently have openfire deployed in our company.
As part of PCI certification, we had the need to filter CC#'s out of all IM messages.
I wrote a quick plugin to do this (based very closely on the content filter plugin).
If there is any interest, I could post the plugin for all to enjoy.
Does anyone else have a need for this type of plug in?
Here are the basic differences between this and the content filter (or reasons why I didn’t just use the content filter).
- The CC #'s are more than just a reg-exp. There is an additional checksum calculation to ensure it’s a CC #.
- Masking. I made the masking a more like what you would get on a receipt (leave the last 4 #'s)
- Different audience. The notification’s are identical to the content filter, but in our environment, who should get notified of PCI violations is different than who should get notified of “content violations”
- Pre-defined reg-exp/Card types. By hard coding the reg-exp there is no chance for a mess up. Also The filter allows you to select which card type (Visa, MC, AmEx) you want to filter on.
There are probably some other differences, but that’s all I can think of for now.