Redacting details from ticket emails?

Hi all

I’ve noticed a feature we’ve come to rely on in Eventum, our old support
system, that I can’t seem to find in RT. It must’ve come up for people
here so I’m wondering how you handle it.

Sometimes customers send passwords and other details in by email. We
don’t want those floating around unencrypted in our database history, so
we usually redact them from the email or delete the whole email from the
ticket history via the web UI.

There doesn’t appear to be a facility for doing this in RT’s UI. Will I
need to write an extension for this? Seems like it going by:

http://www.gossamer-threads.com/lists/rt/users/99401
http://www.gossamer-threads.com/lists/rt/devel/79279

but the latter includes a hint on how to go about it. If I get the
chance to turn this into a nice extension with overlay I’ll publish it
and reply here.

BTW, is there an RT Essentials update coming for RT4?

Craig Ringer http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services

I’ve noticed a feature we’ve come to rely on in Eventum, our old support
system, that I can’t seem to find in RT. It must’ve come up for people
here so I’m wondering how you handle it.

Sometimes customers send passwords and other details in by email. We
don’t want those floating around unencrypted in our database history, so
we usually redact them from the email or delete the whole email from the
ticket history via the web UI.

There doesn’t appear to be a facility for doing this in RT’s UI. Will I
need to write an extension for this? Seems like it going by:

http://www.gossamer-threads.com/lists/rt/users/99401
http://www.gossamer-threads.com/lists/rt/devel/79279

but the latter includes a hint on how to go about it. If I get the
chance to turn this into a nice extension with overlay I’ll publish it
and reply here.

The shredder doesn’t quite fit your use case, but it’s a starting point;
in RT 4 there is a basic Web UI for it (it’s not integrated with the
normal part of the user interface, so there’s probably room for an
extension which doesn’t need you to manually type in the relevant transaction
IDs.

And the shredder will need superuser access too. I guess you’d want to
be pretty careful about who you let erase data from the database in this
way, so depending on your organisation this may or may not be an issue.

http://bestpractical.com/rt/docs/4.0/RT/Shredder.html
http://bestpractical.com/rt/docs/4.0/rt-shredder.html

Dominic Hargreaves, Systems Development and Support Section
IT Services, University of Oxford

signature.asc (198 Bytes)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1On 02/28/2013 06:20 PM, Dominic Hargreaves wrote:

And the shredder will need superuser access too. I guess you’d want to
be pretty careful about who you let erase data from the database in this
way, so depending on your organisation this may or may not be an issue.

Using the shredder makes sense, at least when total removal rather than
redaction is required. It’ll do until I find time to write an extension
that replaces the email content with [message ID [x] redacted for client
security] and possibly record a PGP-encrypted version.

Thanks for the tip. I hadn’t realised the shredder could operate on
individual transactions not just whole tickets.


Craig Ringer http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJRLzWqAAoJELBXNkqjr+S2QuUH+wQWY3XrCKHJJMUoGbiXCAP9
Nb4szaEYMgJnJvVdFZIEP/UdtaKx9nprY7UzLlXeVveOm7mYCqQiusqrxXOLfS2Q
Gm1ErpNC86f6deQRjMCQgq4xblm21WhIMxOjGwvCHfbWtGc+44X3GhAQMQ8tqvL1
XUWqWWgUlqPVjbWRHhUwprkv1Hz9lZqDNyOG+lKyG6FlTgjbDJ5TCqDmCjKIhxIm
2+XGazSOdVmLAYJurOGkGGZ2XL3ZaQEWtFeqh5+Jlk4cbzN/fKzyWp9j/g22tCy0
mfsN0RONEwG4jWRqAFSl1/WZwqAqJ3UYE2FlSEqNm8Cv9NsyXXpQVDndZgdG0wg=
=X1ry
-----END PGP SIGNATURE-----

Hi all

I’ve noticed a feature we’ve come to rely on in Eventum, our old support system, that I can’t seem to find in RT. It must’ve come up for people here so I’m wondering how you handle it.

Sometimes customers send passwords and other details in by email. We don’t want those floating around unencrypted in our database history, so we usually redact them from the email or delete the whole email from the ticket history via the web UI.

Admins can use the Shredder functionality to remove transactions which contain the offending password. There’s not facility to redact the message itself, as far as I know, but you can remove the message.

There doesn’t appear to be a facility for doing this in RT’s UI.

There is, but it’s only accessible to those with the RT SuperUser right; for fairly obvious reasons it’s not exposed to ordinary users (or even privileged users).

Shredder also has a command line interface.

Regards,

Tim

The Wellcome Trust Sanger Institute is operated by Genome Research
Limited, a charity registered in England with number 1021457 and a
company registered in England with number 2742969, whose registered
office is 215 Euston Road, London, NW1 2BE.

Dnia 2013-02-28, czw o godzinie 18:47 +0800, Craig Ringer pisze:> On 02/28/2013 06:20 PM, Dominic Hargreaves wrote:

And the shredder will need superuser access too. I guess you’d want to
be pretty careful about who you let erase data from the database in this
way, so depending on your organisation this may or may not be an issue.

Using the shredder makes sense, at least when total removal rather than
redaction is required. It’ll do until I find time to write an extension
that replaces the email content with [message ID [x] redacted for client
security] and possibly record a PGP-encrypted version.

Thanks for the tip. I hadn’t realised the shredder could operate on
individual transactions not just whole tickets.

We’re using a simple (postgresql) query like this:

[SQL] update attachments set content=(select regexp_replace((select
content from attachments where transactionid=TRANSACTIONID and
contenttype=‘text/plain’),‘PASSWORD’,‘REDACTED’,‘g’)) where
transactionid=TRANSACTIONID and contenttype=‘text/plain’;

Also you should check, if there isn’t a ‘text/html’ attachment alongside
’text/plain’ in the same transaction and redact it as well if it exists.

Regards,
Robert Wysocki
administrator systemów linuksowych, dba
Grupa Unity | ul. Przedmiejska 6-10, 54-201 Wrocław
ul. Conrada 55B, 31-357 Kraków | ul. Złota 59, 00-120 Warszawa

Any progress on this? This would be very useful and is found in other ticketing systems (like Zendesk).