Re: Denying attachments for web based email

Wed, 09 Aug 2000 03:44:06 -0700 


I think the confusion here is that this e-mail is not coming into yer
network in the questioners case, nor is it going out 'your' network.  It
is going out from the hotmail and yahoo sites.  The user allowed to go to
hotmail and yahoo to play with 'their' e-mail account is not subject to
the rules of your system once you allow them to go play on either or both
of those sites, yes?

Unless I totally misread the question originally asked...

Thanks,

Ron Dufresne

On Tue, 8 Aug 2000, Marko Vukovic' wrote:

> Looking at my squid proxy logs when I attempt to attach something to a mail
> using Yahoo, I see the following:
> 
> 965733836.623   5759 192.168.1.16 TCP_MISS/200 3980 GET  
>http://us.f1.mail.yahoo.com/ym/Attachments? - TIMEOUT_DIRECT/us.f1.mail.yahoo.com 
>text/html
> 
> here are some extracts from a firewall's logs:
> 
> Aug  8 13:23:56 citadel cdsgw[18327]: http: exit host=____.cequrux.com/xx.xx.xx.xx 
>dest=web121.yahoomail.com/205.180.60.129:80 user=unknown group=unknown in=3936 
>out=1016 time=3 cmd=GET 
>arg=/ym/Attachments?YY=44753&File0Data=&File1Data=&File2Data=: FIN ACK from client 
>host
> Aug  8 13:24:28 citadel cdsgw[18327]: http: exit host=____.cequrux.com/xx.xx.xx.xx 
>dest=web122.yahoomail.com/205.180.60.57:80 user=unknown group=unknown in=4702 
>out=16891 time=8 cmd=POST arg=/ym/Attachments?YY=47520: FIN ACK from client host
> 
> Similarly for Hotmail:
> ----------------------
> 965734443.557   8805 192.168.1.16 TCP_MISS/200 10299 POST 
>http://lw8fd.law8.hotmail.msn.com/cgi-bin/doattach - 
>DIRECT/lw8fd.law8.hotmail.msn.com text/html
> 
> Aug  8 13:34:03 citadel cdsgw[18327]: http: exit host=____.cequrux.com/xx.xx.xx.xx 
>dest=www.law8.hotmail.com/216.33.240.250:80 user=unknown group=unknown in=10236 
>out=16639 time=9 cmd=POST arg=/cgi-bin/doattach: FIN ACK from client host
> Aug  8 13:34:35 citadel cdsgw[18327]: http: exit host=____.cequrux.com/xx.xx.xx.xx 
>dest=www.law8.hotmail.com/216.33.240.250:80 user=unknown group=unknown in=14803 
>out=2477 time=7 cmd=POST arg=/cgi-bin/doattach: FIN ACK from client host
> 
> Does this help you out? It should be as simple as blocking those URLs.
> 
> -- 
> Marko Vukovic'                  E-mail: [EMAIL PROTECTED]
> Technical Support,              WWW:    http://www.cequrux.com
> CEQURUX Technologies            Phone:  +27(21)423-6065
> Firewalls/VPN Specialists       Fax:    +27(21)424-3656
> 
> mouss wrote:
> > 
> > why can't he?
> > how excatly web based mail works?
> > does it use "multipart" stuff?
> > anyway, there are proxies that filter content...
> > 
> > regards,
> > mouss
> > 
> > At 12:42 07/08/00 -0400, Chris Francosky wrote:
> > >You can't unless you restrict their access to the specific sites.  hotmail
> > >and yahoo both use http to communicate with the client.
> > >I thought you meant you had activated Web services for Exchange or
> > >Groupwise or something.
> > 
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> 
> 
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
> 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

Reply via email to