Hi. For all who have contacted me directly or for anyone who's interested. Here are the mime-type's we block in our environment:
^application/x-msn-messenger$ ^app/x-hotbar-xip20$ ^application/x-icq$ ^AIM/HTTP$ ^application/x-comet-log$ There are probably lots more similar mime-type's, but these ar ethe ones we've come across most. It doesn't prevent applications from getting installed, but it does render them useless. Gerben. >>> "Kirk Ty" <[EMAIL PROTECTED]> 03-03-03 16:43 >>> This will fix your issues. Will block IM but not yahoo mail or hotmail. squid.conf acl AOL-YAHOO-MESSENGER dstdomain login.oscar.aol.com acl AOL-YAHOO-MESSENGER dstdomain pager.yahoo.com acl AOL-YAHOO-MESSENGER dstdomain shttp.msg.yahoo.com acl AOL-YAHOO-MESSENGER dstdomain update.messenger.yahoo.com acl AOL-YAHOO-MESSENGER dstdomain update.pager.yahoo.com acl MSN-MESSENGER dst 64.4.13.0/255.255.255.0 acl MSN-MESSENGER dst 207.46.110.0/255.255.255.0 http_access deny AOL-YAHOO-MESSENGER http_access deny MSN-MESSENGER -hup it when finished. Will speed up your proxy tremendously....or at least that's what I saw once I did it. Doesn't make people too happy, but that's life. > -----Original Message----- > From: SSCR Internet Admin [mailto:[EMAIL PROTECTED] > Sent: Monday, March 03, 2003 2:12 PM > To: [EMAIL PROTECTED]; Squid-Users > Subject: RE: [squid-users] Blocking Yahoo! & MSN Messengers thru > Squid. > > have you tried blocking it on iptables? port 5101 is the one that msn msgr > is using... > > -----Original Message----- > From: Georges J. Jahchan, Eng. [mailto:[EMAIL PROTECTED] > Sent: Saturday, March 01, 2003 4:20 PM > To: Squid-Users > Subject: [squid-users] Blocking Yahoo! & MSN Messengers thru > Squid. > > Trying to block Yahoo! Messenger & MSN Messenger without disallowing > connections to TCP ports 443 & 563 or blocking Yahoo! Mail and HotMail in > squid v2.5 stable1. > Following is the interesting part in squid.conf: > acl SSL_ports port 443 563 > acl CONNECT method CONNECT > http_access deny CONNECT !SSL_ports > In the access log, I see the following: > 1046394571.141 9423 127.0.0.1 TCP_MISS/200 2755 CONNECT > loginnet.passport.com:443 - DIRECT/65.54.228.253 - > 1045515709.636 12619 127.0.0.1 TCP_MISS/200 15952 CONNECT > login.yahoo.com:443 - DIRECT/64.58.76.98 - > My guess is the Messengers would connect through any open port, but > I have not tested it. > Obviously, both are working. Blocking access to port 443 is out of > the question as this disables access to secure web sites through squid. > Blocking loginnet.passport.com and login.yahoo.com would mean login > becomes impossible to HotMail and Yahoo! Mail. > Any ideas on how to "surgically" block the Messengers without > blocking Yahoo! Mail and HotMail in squid? > TIA > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.459 / Virus Database: 258 - Release Date: 2/25/2003 > > -- > This message has been scanned for viruses and > dangerous contents on SSCR Email Scanner Server, and is > believed to be clean. > >
