[Esa-l]Squid ACLs for webmail
clark shishido
clark at ruminary.org
Tue Jul 24 17:45:26 PDT 2001
On Tue, Jul 24, 2001 at 04:48:15PM -0700, John D. Hardin wrote:
>
> Here's an alternative using just Squid ACLs. Comments (as always)
> solicited...
>
simple overrules complexity and these ACL's would certainly work
without using an external redirector program. But it only works
as long as we assume that the requesting URLs end with the
poisoned filename extension. We'll need to update/maintain a list
of attachment fetching URLs.
I just checked YahooMail and their attachment fetch URL is in
the form:
http://[country].[servername].mail.yahoo.com/ym/ShowLetter/[filename]?box=...MsgId...
Also, do we need to worry about html entity substitution in the
URL or does squid take do a match on both?
--clark
This looks interesting, a virus scanner for squid, reading now...
http://viralator.loddington.com
written for linux in perl
it needs:
squid, apache, apache-suexec, squirm, an antivirus program (commercial)
More information about the esd-l
mailing list