email sites using 443

wagnerbm

Does anyone know how to block email sites using 443?

thx

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

/usr

Block port 443 in your firewall?

wagnerbm

We don't want to block all of 443 just the email sites using 443.

maumercado

Just wondering... why would you want to secure https email sites?

"Block port 443 in your firewall" ... theres your answer..

maumercado

wagnerbm wrote: »

We don't want to block all of 443 just the email sites using 443.

if you know the email sites names using 443 you want to block, maybe a proxy with a net filter like dansguardian, then add them to a blacklist...

/usr

So you're saying you want to block inside access to all websites which offer secured email services?

For example, Gmail has an option to use SSL, but by default it does not.

You can either block access to the entire site, thus blocking access to unsecured email as well, or you can block that port on the firewall.

If you have clients accessing legitimate sites using SSL, just place a rule in your firewall ABOVE the deny all SSL rule. The sites you want to allow over port 443 will be granted access, but all other sites using SSL would be blocked. Would this work?

Just out of curiousity, why would you want to block email sites using SSL?

blargoe

Good luck with that

Ahriakin

What hardware do you already have in place?

shednik

Depending on your current proxy solution you may be able to do some type of classification where if in "webmail" catagory and is using https then block. I am also curious why you would want to block secured webmail versus unsecured, it doesn't make much sense to me.

Ahriakin

If they already have a network sensor of some sort in place (Snort, hardware IDS/IPS etc.) then encrypted email represents more of a risk as it cannot be inspected.....It's not that much safer but it's the only reason I can think why you'd block secure email only.

JDMurray

Do you want to monitor the information in all outbound network communications and disallow SSL connections whose content can't be recorded? Would include other sort of encrypted communications, such as IM services using OTR? You're looking at an expensive application (Web) proxy solution to do that. And you'll need to filter a lot more ports than just 443 and 80.