Blocking google mail
I am running squid on my linux firewall and we are having problems with people useing personnal email accounts. So we have blocked yahoo, hotmail etc. In order to block yahoo we had to block the whole site. We also need to block google, but we can not block every single search engine. I have blocked mail.google.com in the URL Filter but if you go to google.com you can still login.
Please help
Please help
Justin
Comments
-
Trailerisf Member Posts: 455Create a restricted internet zone in Group policy?On the road to Cisco. Will I hunt it, or will it hunt me?
-
kalebksp Member Posts: 1,033 ■■■■■□□□□□They may be able to sign-in, but I doubt they can access gmail. In any case, if it's possible to block ssl connections to google.com that may help, google uses ssl for it's sign-in.
-
sprkymrk Member Posts: 4,884 ■■■□□□□□□□Here is Google's mail servers:
C:\WINDOWS\SYSTEM32>nslookup
Default Server: xxxxxxx
Address: xxxxxxxx
> set type=mx
> google.com
Server: xxxxxx
Address: xxxxxxx
google.com MX preference = 10, mail exchanger = smtp2.google.com
google.com MX preference = 10, mail exchanger = smtp3.google.com
google.com MX preference = 10, mail exchanger = smtp4.google.com
google.com MX preference = 10, mail exchanger = smtp1.google.com
google.com nameserver = ns1.google.com
google.com nameserver = ns2.google.com
google.com nameserver = ns3.google.com
google.com nameserver = ns4.google.com
smtp2.google.com internet address = 64.233.167.25
smtp3.google.com internet address = 64.233.183.25
smtp4.google.com internet address = 66.102.9.25
smtp1.google.com internet address = 216.239.57.25
ns1.google.com internet address = 216.239.32.10
ns2.google.com internet address = 216.239.34.10
ns3.google.com internet address = 216.239.36.10
ns4.google.com internet address = 216.239.38.10
So it would appear to me that you might try blocking:
smtp2.google.com internet address = 64.233.167.25
smtp3.google.com internet address = 64.233.183.25
smtp4.google.com internet address = 66.102.9.25
smtp1.google.com internet address = 216.239.57.25
and also:
gsmtp163.google.com internet address = 64.233.163.27
gsmtp183.google.com internet address = 64.233.183.27
and see if that does the trick. They should still be able to access the search engine, but not the mail servers.All things are possible, only believe. -
jtfranks Member Posts: 32 ■■□□□□□□□□Thank you guys. We blocked mail.google.com and they still can sign in but can not send email. I work for a school system and we have had problems with personal email but now we have been told we can block everything that needs to be, which is good.Justin
-
rossonieri#1 Member Posts: 799 ■■■□□□□□□□hello,
you cant block mail.google.com because you simply blocked the full url regex of mail.google.com in your http_access, try to block google.com instead - but it will also block users from entering the search site.
or you can put a urlpath regex like mail.google.com - so the search path also being watch by the proxy.
cheers...the More I know, that is more and More I dont know.