?
Solved

Block Attachment with free Webmail sites

Posted on 2007-12-02
14
Medium Priority
?
1,787 Views
Last Modified: 2008-11-17
Dear All
I have in my network ISA server 2004 & Websense server, what I need to know. Is there any way to allow users access to free webmail servers (like hotmail.com or yahoo.com) and in the same time prevent them to send any attachments using those servers? So they can only send Email without any attachments?
Thanks in advance for your sincere cooperation.
0
Comment
Question by:melnahas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
  • +2
14 Comments
 
LVL 7

Expert Comment

by:mcse2007
ID: 20393787
I don't ISA can filter the packet of hotmail and block any attachment to outgoing email. ISA is not that clever yet to do this kind of task.
0
 
LVL 37

Accepted Solution

by:
bbao earned 500 total points
ID: 20393930
it is possible, if an attachment related activity can be determined by filtering its URL.

actually, it depends on how the free webmail providers deal with attachments. for example, you may prevent hotmail users adding an attachment by filtering the following URL.

*.mail.live.com/mail/AddAttachmentLight.aspx?* (where * is wildcard)

FYI - HTTP Filtering in ISA Server 2004
http://www.microsoft.com/technet/isa/2004/plan/httpfiltering.mspx

hope it helps,
bbao
0
 

Author Comment

by:melnahas
ID: 20395138
i can't block certain URL for delivering mail attachments, as there are a lot of free webmail servers. but if there are any addons for ISA 2004 that make this process, it will be a great help to inform me about it
0
Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20395275
You can certainly do it - either with add-ons or without. Doing it without is harder though.

Right-click your outbound http rule and select configure http
In here you will see the options for signatures, headers and the like.

YOU will need to identify the headers and signatures you want to block though.
Assumning you have ISA2004 sp3 installed, using the monitoring-logging section of the ISA gui you can drill down and see the http headers and user-agents that are used when posts are made for attachements etc.
Because the configure http option is set for that specirfic rule onl;y (not globally) you can define and refine your rules to allow what you want at a good level of granularity - but it takes time and effort to get it right.

Some of the add-ons from Websense, GFI Web Monitor etc can also do this - most of these have a 30 day eval that you can downlaod and install and test with.

Keith
0
 
LVL 37

Expert Comment

by:bbao
ID: 20395295
a lot of vendors do development for ISA servers since ISA 2000. unfortunately, AFAIK, there is no such as an add-on that only black web email's attachment.

however, you may search MS partner's solution catalog for a possible solution.

Solutions directory
https://solutionfinder.microsoft.com/SDK/Solutions/SolutionsDirectory.aspx

hope it helps,
bbao
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20395314
It would have to be done with combinations  ie www.blockme.webmail.com/mail_attach.asp & Header:post etc
0
 
LVL 37

Expert Comment

by:bbao
ID: 20395415
the link is not workable. :(
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20395425
lol - it was an example :)

The url of the web site plus the post http headers.
0
 
LVL 37

Expert Comment

by:bbao
ID: 20395454
lol - it looks like what i mentioned in my first comment. :)
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20395458
Agreed :)
0
 

Author Comment

by:melnahas
ID: 20405028
so we are back to the first solution, which will require to know all the URLs of attaching pages, and there are noway to know all webmail servers attaching pages URLs.
concerning websense there are a solution but for IM attaching, but not for webmail attaching.
0
 
LVL 37

Expert Comment

by:bbao
ID: 21156385
> there are noway to know all webmail servers attaching pages

it is possible, as i showed in the first post. however, there is no a regular way to determine the attaching URLs. it depends on the particular vendors.

sometimes a right answer does not mean a right solution...

hope it helps,
bbao
0
 
LVL 1

Expert Comment

by:Computer101
ID: 21186073
Forced accept.

Computer101
EE Admin
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A look at what happened in the Verizon cloud breach.
Hey fellow admins! This time, I have a little fairy tale for you. As many tales do, it starts boring and then gets pretty gory. I hope you like it. TL;DR: It is about an important security matter, you should read it if you run or administer Windows …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question