
Blocking webmail access?

Status
Not open for further replies.

inetd

Technical User
Jan 23, 2002
115
HK
How can I block internal clients from accessing webmail on the Internet? Can squid do that?

Thanks.
 
Yes. You'll just need to configure the blocked URLs. There's also the squidGuard add-on, which seems to be more efficient, but I had good luck with Squid's native text files and regexes.
 

In order for squid to block the site, all web traffic must be funnelled through squid and blocked otherwise. If not, you can just list hotmail in the list of servers not to use a proxy for.

A port filter to the offending machine on your router would probably be more effective if you're not already using squid.
 
If your gateway server is a Linux server then a simple iptables firewall will be a solution, blocking port 143 IMAP from inside IPs.

Laurie.
 
I need to block all webmail access, not IMAP. So I can't just use iptables to complete my task, since I can't get all the webmail IPs from the Internet.

I need to block webmail, not IMAP. Although most webmail services use IMAP to connect to their servers, they use IMAP locally and just dump the result page to us.

Are there any content-filtering firewalls?


Thanks.
 
OK, sorry, I was thinking inside-out there. So your clients (inside your office intranet) are accessing port 80 to an external webmail service? So "same tack, different port" .....

If your gateway server is a Linux server then a simple iptables firewall will be a solution, blocking port 80 & 443 (maybe) "to the domain" somewhere.com from inside IPs; otherwise take a look at something like this, which was just one of the results from Google but worth a look.

Good Luck
Laurie.
 
Well, thanks first.

I know that I can block the address of a webmail site by using iptables if I know the webmail address. However, my main problem is that there are lots of webmail sites on the Internet. It is impossible to get all of the IP addresses and block them with iptables. Also, if the webmail IP address is the same as its main web IP address, blocking the webmail IP will also block the user from accessing the web on that site.

Using iptables, that means if a new webmail website is up, I must know its IP so that I can add a rule. However, how can I know the webmail website is up? It is impossible to monitor the Internet. Right?

I would like to know how the Internet firewall does that automatically.

Thanks.


 
Let me understand: you want to block access to EXTERNAL webmail hosts? Those are on HTTP/TCP port 80. So are Yahoo.com, Amazon.com, CNN.com, etc.

To my knowledge, without specifying site names or IP addresses you cannot magically block traffic to "webmail" sites. After all, they're just websites.

Have I missed something in your objectives?

 
I think some of the subscription services, like Websense and N2H2, have a category for webmail. That's going to be your best option.

Your second-best one might be squid and regexes. Block things like:

.*mail\.com
/.*mail/
https?://mail

etc. Not perfect, but you get the idea. The first one blocks for example.
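
Added example, not part of the original thread: a small Python harness for checking the three patterns posted above against constructed URLs before loading them into a proxy blocklist. It assumes case-insensitive, unanchored matching and models HTTPS as a CONNECT tunnel, where a proxy without TLS interception sees only host:port; the function names and sample URLs are illustrative.

```python
import re
from urllib.parse import urlsplit

# Patterns exactly as posted in the thread above.
PATTERNS = [r".*mail\.com", r"/.*mail/", r"https?://mail"]

# Constructed sample URLs (reserved example domains, plus hotmail from the
# thread), each labelled by hand as webmail (True) or not (False).
SAMPLES = [
    ("http://www.hotmail.com/", True),
    ("https://www.hotmail.com/", True),
    ("http://mail.example.com/inbox", True),
    ("https://mail.example.com/inbox", True),
    ("http://webmail.example.net/login", True),
    ("http://www.example.org/products/mail/order.html", False),
    ("http://directmail.com.example/catalog", False),
    ("http://news.example.com/", False),
]

def proxy_view(url):
    """Return the string a forward proxy can match against.

    Plain HTTP exposes the full URL. HTTPS arrives as a CONNECT tunnel, so
    without TLS interception only host:port is visible (assumed model).
    """
    parts = urlsplit(url)
    if parts.scheme == "https":
        return f"{parts.hostname}:{parts.port or 443}"
    return url

def is_blocked(url, patterns=PATTERNS):
    """True if any pattern matches (case-insensitive, unanchored search)."""
    target = proxy_view(url)
    return any(re.search(p, target, re.IGNORECASE) for p in patterns)

def evaluate(samples=SAMPLES):
    """Return (webmail URLs that slip through, non-webmail URLs that get blocked)."""
    missed = [u for u, webmail in samples if webmail and not is_blocked(u)]
    overblocked = [u for u, webmail in samples if not webmail and is_blocked(u)]
    return missed, overblocked

if __name__ == "__main__":
    missed, overblocked = evaluate()
    print("webmail not blocked:", *missed, sep="\n  ")
    print("non-webmail blocked:", *overblocked, sep="\n  ")
```

On these samples the scheme and path patterns never fire for HTTPS, and a `webmail.` hostname is missed by all three, while a `/mail/` path and a host containing `mail.com` are blocked by mistake.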
 
We use SurfControl to block access to web-based email.

Chip H.


____________________________________________________________________
If you want to get the best response to a question, please read FAQ222-2244 first
 