Blocking google mail

I am running squid on my linux firewall and we are having problems with people useing personnal email accounts. So we have blocked yahoo, hotmail etc. In order to block yahoo we had to block the whole site. We also need to block google, but we can not block every single search engine. I have blocked mail.google.com in the URL Filter but if you go to google.com you can still login.

Please help

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

Trailerisf

Create a restricted internet zone in Group policy?

kalebksp

They may be able to sign-in, but I doubt they can access gmail. In any case, if it's possible to block ssl connections to google.com that may help, google uses ssl for it's sign-in.

sprkymrk

Here is Google's mail servers:

C:\WINDOWS\SYSTEM32>nslookup
Default Server: xxxxxxx
Address: xxxxxxxx

> set type=mx
> google.com
Server: xxxxxx
Address: xxxxxxx

google.com MX preference = 10, mail exchanger = smtp2.google.com
google.com MX preference = 10, mail exchanger = smtp3.google.com
google.com MX preference = 10, mail exchanger = smtp4.google.com
google.com MX preference = 10, mail exchanger = smtp1.google.com
google.com nameserver = ns1.google.com
google.com nameserver = ns2.google.com
google.com nameserver = ns3.google.com
google.com nameserver = ns4.google.com
smtp2.google.com internet address = 64.233.167.25
smtp3.google.com internet address = 64.233.183.25
smtp4.google.com internet address = 66.102.9.25
smtp1.google.com internet address = 216.239.57.25
ns1.google.com internet address = 216.239.32.10
ns2.google.com internet address = 216.239.34.10
ns3.google.com internet address = 216.239.36.10
ns4.google.com internet address = 216.239.38.10

So it would appear to me that you might try blocking:

smtp2.google.com internet address = 64.233.167.25
smtp3.google.com internet address = 64.233.183.25
smtp4.google.com internet address = 66.102.9.25
smtp1.google.com internet address = 216.239.57.25

and also:

gsmtp163.google.com internet address = 64.233.163.27
gsmtp183.google.com internet address = 64.233.183.27

and see if that does the trick. They should still be able to access the search engine, but not the mail servers.

jtfranks

Thank you guys. We blocked mail.google.com and they still can sign in but can not send email. I work for a school system and we have had problems with personal email but now we have been told we can block everything that needs to be, which is good.

rossonieri#1

hello,

you cant block mail.google.com because you simply blocked the full url regex of mail.google.com in your http_access, try to block google.com instead - but it will also block users from entering the search site.

or you can put a urlpath regex like mail.google.com - so the search path also being watch by the proxy.

cheers...