Solved

Windows Live\Hotmail Attachments Web Address

Posted on 2010-09-21
2
623 Views
Last Modified: 2012-05-10
Hotmail\Windows Live Attachments ('download' rather than 'view online') are filtered by my proxy server because of a rule I have set. Can anyone tell me what address is actually trying to be accessed when users click on 'download' next to an attachment?

I have many hundred rules deny accessing to domain names, wildcard rules etc etc.

Thanks
0
Comment
Question by:Pete
2 Comments
 
LVL 8

Accepted Solution

by:
Nothing_Changed earned 250 total points
Comment Utility
very very very broad question, this could be totally off, but I'll take a swing.

I think the simplest solution would be to connect a system outside your proxy, or put in a temporary bypass rule for one host. Connect to the desired site, download the attachment, while at the same time running a command prompt command of (assuming windows here) "netstat -a | findstr ESTAB". you may need to run it a few times, keep in mind that many connections are very transient so you might miss it the first time.

you will see a list like this:
 TCP    cmt-d630:2333          216.66.8.203:http      ESTABLISHED
 TCP    cmt-d630:2338          LB140.ASHB.COTENDO.NET:http  ESTABLISHED
 TCP    cmt-d630:2339          LB140.ASHB.COTENDO.NET:http  ESTABLISHED
 TCP    cmt-d630:2341          slashdot.org:http      ESTABLISHED
 TCP    cmt-d630:2343          a96-16-83-172.deploy.akamaitechnologies.com:http  ESTABLISHED
 TCP    cmt-d630:2346          a96-16-83-172.deploy.akamaitechnologies.com:http  ESTABLISHED

(ignore all of the connections to localhost, those aren't likely to be part of your problem)

look thru the list of connections that your download session spawned (not just host names but ports too, maybe its a weird port or ftp or something), then compare this list to your log in your proxy. You should be logging everything getting blocked, so you should see something in your block list that matches your netstat output, and that will be your culprit.

If you don't see anything in your proxy log, then it's probably a firewall rule blocking something. Use the same log review process and you'll find your culprit.
0
 
LVL 1

Author Closing Comment

by:Pete
Comment Utility
closed
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now