Office 365 FOPE and Credit Card Rules

 

Whilst working with a customer here in the UK on their O365 project, they asked how to set up rules to block credit card details using Forefront Online Protection for Exchange (FOPE), the version that comes with O365. There are various rules you can configure, Basic or RegEx; more details can be found here.

We set up the following rules, also using this site:-

The credit card format is like this: 1234-1234-1234-1234, so we set up rules to cover various scenarios, such as:-

| Credit Card Format | FOPE Rule |
| --- | --- |
| 1234-1234-1234-1234 | `\d\d\d\d\-\d\d\d\d\-\d\d\d\d\-\d\d\d\d` |
| 1234 1234 1234 1234 | `\d\d\d\d\s\d\d\d\d\s\d\d\d\d\s\d\d\d\d` |
| 1234123412341234 | `\d\d\d\d\d\d\d\d\d\d\d\d\d\d\d\d` |

The top two rules, for example, can be combined into a single rule, as shown below and in the screenshot:

\d\d\d\d\s\d\d\d\d\s\d\d\d\d\s\d\d\d\d|\d\d\d\d\-\d\d\d\d\-\d\d\d\d\-\d\d\d\d

To configure and create new rules, follow the steps below:-

1. Log in to the FOPE admin center - https://Admin.messaging.microsoft.com (as a side note, this is also the site to access quarantined messages - https://Admin.messaging.microsoft.com, but note that global admins can’t manage quarantine by default - https://support.microsoft.com/kb/2587698)


2. Select Administration

3. Policy Rules

4. New Policy Rule, on the right hand side under Tasks

5. Then configure the rule accordingly; in this example we are using the message body to match the rule

[Screenshot: policy rule settings]

Since we are in the UK we are not worried about social security numbers, but we did add American Express (Amex) formats too, as shown below:-

| Credit Card Format | FOPE Rule |
| --- | --- |
| 1234 123456 12345 | `\d\d\d\d\s\d\d\d\d\d\d\s\d\d\d\d\d` |
| 1234-123456-12345 | `\d\d\d\d\-\d\d\d\d\d\d\-\d\d\d\d\d` |
| 123412345612345 | `\d\d\d\d\d\d\d\d\d\d\d\d\d\d\d` |
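Before enabling rules like these, it helps to run them over sample message bodies offline and see what they catch. The script below is an added example, not part of the original post or of FOPE: it joins the six patterns from the tables above with `|` and runs them with Python's `re` module, which is assumed to behave like FOPE's engine for these patterns. It goes one step beyond the post by applying a Luhn checksum to each hit, which shows that the unseparated rules also fire on order and tracking numbers; `luhn_ok`, `scan` and the sample bodies are constructed for illustration.

```python
import re

# The six patterns from the tables above, copied verbatim.
PAGE_RULES = [
    r"\d\d\d\d\-\d\d\d\d\-\d\d\d\d\-\d\d\d\d",
    r"\d\d\d\d\s\d\d\d\d\s\d\d\d\d\s\d\d\d\d",
    r"\d\d\d\d\d\d\d\d\d\d\d\d\d\d\d\d",
    r"\d\d\d\d\s\d\d\d\d\d\d\s\d\d\d\d\d",
    r"\d\d\d\d\-\d\d\d\d\d\d\-\d\d\d\d\d",
    r"\d\d\d\d\d\d\d\d\d\d\d\d\d\d\d",
]
# Joined with | the same way the page combines its first two rules.
# Assumption: Python's re (ASCII mode) stands in for FOPE's regex engine.
COMBINED = re.compile("|".join(PAGE_RULES), re.ASCII)


def luhn_ok(candidate):
    """Luhn checksum over the digits of a matched string (separators ignored)."""
    digits = [int(c) for c in candidate if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def scan(body):
    """Return (matched_text, passes_luhn) for each rule hit in a message body."""
    return [(m.group(0), luhn_ok(m.group(0))) for m in COMBINED.finditer(body)]


# Constructed message bodies; the card numbers are the public Visa and Amex test numbers.
SAMPLES = [
    "Please charge 4111-1111-1111-1111 today",
    "Amex 3782 822463 10005, expires next year",
    "Your order ref 2023051700012345 has shipped",
    "Parcel tracking 00123456789012345678",
]

if __name__ == "__main__":
    for body in SAMPLES:
        print(body, "->", scan(body))
```

Hits that fail the checksum are not valid card numbers, so they point to where a rule will quarantine ordinary mail.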

Written by Daniel Kenyon-Smith