[Esa-l][OT] Attachment blocking

Eric Andreychek eja at rwcwarranty.com
Tue Jul 24 13:12:41 PDT 2001


On Tue, 24 Jul 2001, John D. Hardin wrote:
> I've just done the same for hotmail, though I'm reluctant to blackhole
> all of yahoo or MSN. Can anybody who actually uses these services give
> us some idea of a less global ACL that would block just their webmail
> services?

If you do happen to be using Squid, there are definitely more options open to
you then just blocking the entire site.  If your major concern is your users
downloading attachments from the site, you can use squid ACL's to block
particular file extensions.

The danger with that is some sites really do use exe files to provide HTML
content.  Ugh.  But for *.vbs or whatever, you can say something like:

  acl POISONED urlpath_regex \.vbs$ \.com$ \.lnk$
  http_access deny POISONED

in your squid.conf.  More information at:

Beware, this particular setup _IS_ case sensitive.. I don't know how to do
a case insensitive setup off the top of my head, but I'm sure it's at their
site somewhere :-)

Good luck,

Eric Andreychek
Residential Warranty Corporation
(717) 561-4480 x2245

More information about the esd-l mailing list