I would like to delete a Cc address if this address is the same that the
RT queue response mail address.
We are running RT 3.8.11 (update to RT 4.2.x is currently not an option)
I need that because the email domain given to a customer to create a
ticket is different from the one set in RT. We made a forward from this
email address to RT one but when a mail is sent and the ticket created,
RT add the email as Cc of the ticket.
We are running RT 3.8.11 (update to RT 4.2.x is currently not an option)
Your RT instance contains arbitrary remote execution of code, session
fixation and hijacking, XSS injection, SQL injection, and weak
password hashing that allows trivial reconstruction of passwords from
said SQL injection.
Whatever your reasons are for 4.2 being “not an option,” you should at very least upgrade to 3.8.17, which resolves the worst of those. It
will still, of course, be unsupported, and vulnerable to other
vulnerabilities (including CVE-2014-9472, a denial-of-service via RT’s
email gateway, as well as CVE-2015-1165 and CVE-2015-1464, which allow
for information disclosure and session hijacking via RT’s RSS feeds)
but will be slightly less exploitable.