Block Attachment with free Webmail sites

Dear All
I have in my network ISA server 2004 & Websense server, what I need to know. Is there any way to allow users access to free webmail servers (like hotmail.com or yahoo.com) and in the same time prevent them to send any attachments using those servers? So they can only send Email without any attachments?
Thanks in advance for your sincere cooperation.
melnahasAsked:
Who is Participating?
 
bbaoConnect With a Mentor IT ConsultantCommented:
it is possible, if an attachment related activity can be determined by filtering its URL.

actually, it depends on how the free webmail providers deal with attachments. for example, you may prevent hotmail users adding an attachment by filtering the following URL.

*.mail.live.com/mail/AddAttachmentLight.aspx?* (where * is wildcard)

FYI - HTTP Filtering in ISA Server 2004
http://www.microsoft.com/technet/isa/2004/plan/httpfiltering.mspx

hope it helps,
bbao
0
 
mcse2007Commented:
I don't ISA can filter the packet of hotmail and block any attachment to outgoing email. ISA is not that clever yet to do this kind of task.
0
 
melnahasAuthor Commented:
i can't block certain URL for delivering mail attachments, as there are a lot of free webmail servers. but if there are any addons for ISA 2004 that make this process, it will be a great help to inform me about it
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
Keith AlabasterEnterprise ArchitectCommented:
You can certainly do it - either with add-ons or without. Doing it without is harder though.

Right-click your outbound http rule and select configure http
In here you will see the options for signatures, headers and the like.

YOU will need to identify the headers and signatures you want to block though.
Assumning you have ISA2004 sp3 installed, using the monitoring-logging section of the ISA gui you can drill down and see the http headers and user-agents that are used when posts are made for attachements etc.
Because the configure http option is set for that specirfic rule onl;y (not globally) you can define and refine your rules to allow what you want at a good level of granularity - but it takes time and effort to get it right.

Some of the add-ons from Websense, GFI Web Monitor etc can also do this - most of these have a 30 day eval that you can downlaod and install and test with.

Keith
0
 
bbaoIT ConsultantCommented:
a lot of vendors do development for ISA servers since ISA 2000. unfortunately, AFAIK, there is no such as an add-on that only black web email's attachment.

however, you may search MS partner's solution catalog for a possible solution.

Solutions directory
https://solutionfinder.microsoft.com/SDK/Solutions/SolutionsDirectory.aspx

hope it helps,
bbao
0
 
Keith AlabasterEnterprise ArchitectCommented:
It would have to be done with combinations  ie www.blockme.webmail.com/mail_attach.asp & Header:post etc
0
 
bbaoIT ConsultantCommented:
the link is not workable. :(
0
 
Keith AlabasterEnterprise ArchitectCommented:
lol - it was an example :)

The url of the web site plus the post http headers.
0
 
bbaoIT ConsultantCommented:
lol - it looks like what i mentioned in my first comment. :)
0
 
Keith AlabasterEnterprise ArchitectCommented:
Agreed :)
0
 
melnahasAuthor Commented:
so we are back to the first solution, which will require to know all the URLs of attaching pages, and there are noway to know all webmail servers attaching pages URLs.
concerning websense there are a solution but for IM attaching, but not for webmail attaching.
0
 
bbaoIT ConsultantCommented:
> there are noway to know all webmail servers attaching pages

it is possible, as i showed in the first post. however, there is no a regular way to determine the attaching URLs. it depends on the particular vendors.

sometimes a right answer does not mean a right solution...

hope it helps,
bbao
0
 
Computer101Commented:
Forced accept.

Computer101
EE Admin
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.