ISA Server 2004 - Access Rule for Yahoo Mail.

I have to allow particular user to acces only yahoo mail through ISA Server.

I created a firewall policy with following parameters:
Action - Allow
Protocols - HTTP, HTTPS
From - Email Only (Computer Set)
To - Allow Yahoo Mail (URL Set)
Content Types - All Contents Types

Following is the contents of 'Allow Yahoo Mail' URL Set:
https://login.yahoo.com/config/*
*mail.yahoo.com/*

Its all working fine, except composing new mail.
When u composing new mail, no text box appear for typing the message.
Also can not attach files.

How can I do that?




peterdevadossAsked:
Who is Participating?
 
Keith AlabasterEnterprise ArchitectCommented:
open the gui
click on monitoring - logging. Click on start query

try the yahoo connection from the work station; what do you see in the log?
0
 
peterdevadossAuthor Commented:
Opps! Dont know what happend now.   I might have screwed somewhere.
Even the login page in denied now.

Action - Deined Connection
Rule -Default Rule
URL - http://mail.yahoo.com/
Protocol - http
0
 
Keith AlabasterEnterprise ArchitectCommented:
OK. If the deny is from the default rule, it tells you that (as far as ISA is concerned) you have not created a suitable allow rule to cover the traffic it is seeing.

What hae you actually put in your url set?
You cannot have a * at the front & the back. Only one * can be used in a URL entry
0
Live Q & A: Securing Your Wi-Fi for Summer Travel

Traveling this summer? Join us on June 18, 2018 for a live stream to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

 
peterdevadossAuthor Commented:
I am sorry. I was away from work. Thats why the delayed response.

Until now I did not know that its possible to monitor the connections in this way.
I created the new allow rule according to the logging.

following is the new allow rule:
https://login.yahoo.com/config/login?
login.yahoo.com:443
http://mail.yahoo.com/*
http://us.bc.yimg.com/*
http://us.i1.yimg.com/*
http://us.bc.yahoo.com/*
http://us.f326.mail.yahoo.com/*
http://us.a1.yimg.com/us.yimg.com/*
http://us.ard.yahoo.com/*
http://attach.mud.mail.yahoo.com/*
http://address.mail.yahoo.com/*

Pingo.. it works.

Anyhow I am gonna award you. Coz only by your comments, i come to know how to see logging.
Before I award you... any comments from you for this procedure?
0
 
Keith AlabasterEnterprise ArchitectCommented:
Its interesting, normally you do not have to put the http/https in front of the domain.
You can also do
*.yahoo.com
*.co.uk

but the process is fine. What you cannot do is
*.microsoft.*     This would trap EVERY web site

Regards
keith
0
 
peterdevadossAuthor Commented:

As I can use only one wild card, i used this way.  I need a wild card at the end like this
http://us.bc.yahoo.com/*

Because it may be anything after this.

Do you think this will work ?
us.bc.yahoo.com/*

I just wanna know to make the things more clear.


0
 
Keith AlabasterEnterprise ArchitectCommented:
That looks fine but the set would not stop www.yahoo.com though and this is the difficulty.

0
 
peterdevadossAuthor Commented:

As I tested this set is not allowing

www.mail.yahoo.com
and
www.yahoo.com
0
 
Keith AlabasterEnterprise ArchitectCommented:
Okey, you have the http patch installed. You are one of the few; well done lol

Thanks for the points also.

regards
keith
0
 
peterdevadossAuthor Commented:
For someone searching for this info, let me post the complete url set here, to allow only yahoo mail.

https://login.yahoo.com/config/login?
login.yahoo.com:443
http://mail.yahoo.com/*
http://us.bc.yimg.com*
http://us.a1.yimg.com/*
http://us.i1.yimg.com/*
http://us.js1.yimg.com/*
http://us.js2.yimg.com/*
http://us.bc.yahoo.com/*
http://us.rd.yahoo.com/*
http://us.ard.yahoo.com/*
http://us.f326.mail.yahoo.com/*
http://attach.mud.mail.yahoo.com/*
http://address.mail.yahoo.com/*
http://calendar.mail.yahoo.com/*

As I heard, yahoo is keep changing its servers.  
This URL Set must be keep updated according to the logging in monitoring.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.