I think that blocking the Webmail sites works if the users are going directly to them. You still need to look at blocking sites like SafeWeb and all of the 'Triangle Boy' Servers that they offer as well.
Maybe the ideal solution is to handle it with policy and recourse. Best of Luck Tim.... > Hi Chris, > > You should be able to find some information from www.phoneboy.com The steps > are for CheckPoint but it should be relevant to your question. > > Cheers, > Jimmy > > -----Original Message----- > From: Chris Wilkes [mailto:[EMAIL PROTECTED]] > Sent: Saturday, October 13, 2001 1:59 AM > To: [EMAIL PROTECTED] > Subject: Re: How to block webmail sites ? > > > On Thu, 11 Oct 2001 [EMAIL PROTECTED] wrote: > > > Please , I have a problem here , and maybe you could help me . > > I have a client that is asking me if he can block webmail sites , like > yahoo > > , hotmail , etc ... maybe in squid I could block this , I think , because > we > > are using squid there ... > > It is not just to block the yahoo and the hotmail , but ALL the webmail > > sites ... > > This went round and round on the netfilter (that's a linux based firewall) > mailing list. I didn't really see a good way to do it at the firewall > level. > > Looking at the Squid FAQ you can easily block certain sites with something > like this > acl Webmail dstdomain hotmail.com mail.yahoo.com > http_access deny Webmail > http_access allow all > Granted this doesn't block sites you don't know about but hey. You could > get a dump of all your DNS lookups and search for ones that say "mail" in > it and then ban those. There is a "url_regex" listed in the FAQ, maybe > there is a dstdomain_regex that you could use. > > -- Darkwater Consulting, LLC Tim Walraven http://www.darkwater.net Office: (703) 392-7452 [EMAIL PROTECTED]