Blocking email attachment downloads with ipchains


ndelo
03-09-2001, 01:22 PM
I am trying unsuccessfully to block email attachment downloads for a subnet of my network at my firewall. I've blocked ftp successfully. I've tried blocking passive-mode downloads, but have been unable to block email attachments. Does anyone know how to do this? What ports do I need to block? Or do these run over 80?

[ 09 March 2001: Message edited by: ndelo ]

FoBoT
03-09-2001, 03:21 PM
an email attachment is part of the email itself, handled by the pop3 or imap ports

in other words, to stop email attachments by closing ports, you have to stop email itself

that isn't really what you want to do is it?

and if a user uses a web based email, like hot mail etc, etc, then you would have to block the http port 80 and then you basically have no access at all so what is your network doing?

:confused:

[ 09 March 2001: Message edited by: FoBoT ]

ndelo
03-09-2001, 03:56 PM
That was what I assumed and feared, but figured I would post first. Basically, I am trying to stop students from downloading attachments from, yes, hotmail etc., in our computer lab without blocking port 80. I've disabled downloads with IE itself, but the few smart ones usually get around this.

aph3x
03-09-2001, 04:52 PM
this sounds like a job for... an application-level firewall, a.k.a: proxy. this allows you, in this case, to filter packets according to their http headers and data.

ndelo
03-09-2001, 04:56 PM
Can squid handle this? Or are we talking something about like MS Proxy.

FoBoT
03-09-2001, 04:56 PM
Originally posted by ndelo:
but the few smart ones usually get around this.

:D
well there's your real problem! ;)

ok, options

1- kick out the smart ones (no can't do that :rolleyes: )
2-use a proxy server, force all the browsers through it for port 80, then log/track activity to hotmail with squid (proxy server)
anybody you catch violating the rules of no hotmail, you punish severely :eek:

just my $0.99! :)
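The log-and-track option from the post above, sketched as an added example that is not part of the original thread: a Python pass over Squid's native `access.log` that lists lab clients which fetched something other than a page or image from a webmail host. The lab subnet, the watch list and the sample log lines are assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

LAB_SUBNET = ipaddress.ip_network("10.1.5.0/24")   # assumed lab address range
WEBMAIL_SUFFIXES = ("hotmail.com",)                 # assumed watch list
PAGE_TYPES = ("text/", "image/")                    # types that render an ordinary page

# Constructed access.log lines in Squid's native format:
# time elapsed client action/status bytes method URL ident hierarchy/peer mime-type
SAMPLE_LOG = """\
984170400.101    210 10.1.5.23 TCP_MISS/200 8123 GET http://mail.hotmail.com/inbox - DIRECT/203.0.113.10 text/html
984170460.552   1840 10.1.5.23 TCP_MISS/200 48213 GET http://mail.hotmail.com/getmsg/report.doc - DIRECT/203.0.113.10 application/msword
984170471.007    950 10.1.9.40 TCP_MISS/200 91022 GET http://mail.hotmail.com/getmsg/game.exe - DIRECT/203.0.113.10 application/octet-stream
984170480.300    120 10.1.5.31 TCP_MISS/200 2044 GET http://www.example.org/logo.gif - DIRECT/198.51.100.7 image/gif
984170490.910    700 10.1.5.31 TCP_DENIED/403 1021 GET http://mail.hotmail.com/getmsg/a.zip - NONE/- -
garbage line that is not a log record
"""

def is_webmail(host):
    """True when host is a watched domain or one of its subdomains."""
    host = (host or "").lower()
    return any(host == s or host.endswith("." + s) for s in WEBMAIL_SUFFIXES)

def flag_downloads(log_text):
    """Return (client, url, mime) for lab clients that fetched a non-page object from webmail."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 10:
            continue  # skip truncated or malformed records
        client, result, url, mime = fields[2], fields[3], fields[6], fields[9]
        try:
            in_lab = ipaddress.ip_address(client) in LAB_SUBNET
        except ValueError:
            continue  # client field is not an IP address
        status = result.partition("/")[2]
        if not in_lab or status != "200":
            continue  # other subnets, or requests that were denied or failed
        if is_webmail(urlsplit(url).hostname) and not mime.startswith(PAGE_TYPES):
            hits.append((client, url, mime))
    return hits

if __name__ == "__main__":
    for client, url, mime in flag_downloads(SAMPLE_LOG):
        print(client, mime, url)
```

The MIME type in the log is whatever the remote server declared, so hits are leads for review, not proof of what was downloaded.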

FoBoT
03-09-2001, 04:58 PM
Originally posted by ndelo:
are we talking something about like MS Proxy.

:eek:

no need for M$ :D

squid is good!

aph3x
03-09-2001, 04:59 PM
Originally posted by ndelo:
Can squid handle this? Or are we talking something about like MS Proxy.

:eek: ^&%!$#* :eek:

"Can suid handle this?" :rolleyes:

Did someone say something about microsoft? :D

ndelo
03-09-2001, 05:06 PM
It's not really a problem of whether or not they use hotmail, it's a problem of virus containment. We have a Norton CE server, and between students downloading attachments and bringing in floppies from home, the server shows the labs getting hit pretty hard. I know you can run Norton CE on an email gateway, Lotus Notes (NT or Solaris) or an NT firewall (MS Proxy), but I was hoping to be able to do this on an existing Linux router or with Linux in general.

ndelo
03-09-2001, 05:08 PM
Guess it's time to hit the squid HOWTOS, man pages, etc.

FoBoT
03-09-2001, 05:09 PM
oh, you want to eliminate the attachments with viruses, by

a- eliminating all attachments
b- using a program to check attachments for viruses


hmmm....

anybody???

ndelo
03-09-2001, 05:15 PM
:D exactly :D

Either will do, as long as it's Linux-based.
;)

[ 09 March 2001: Message edited by: ndelo ]

FoBoT
03-09-2001, 05:28 PM
i have a good impression of trend micro, their ms exchange products are good, these might be too much $$$, ie not free but you might look at

InterScan VirusWall (http://www.antivirus.com/products/isvw/#minimum)

says it has a linux version

[ 09 March 2001: Message edited by: FoBoT ]

ndelo
03-09-2001, 05:48 PM
That's pretty much what I'm after. The price isn't that bad, but passing these things by our old president--who's never ever even used a word processor--is a little tough. E.g. he doesn't even know what a virus is, yet has the ultimate say in these kinds of purchasing decisions. This makes my job a little tough to say the least. Our pres doesn't know linux from a wart on his ***-- the only word he knows, and likes, is free.
:)

[ 09 March 2001: Message edited by: ndelo ]

FoBoT
03-09-2001, 06:08 PM
Originally posted by ndelo:
a wart on his ***-- the only word he knows, and likes, is free.


i'm sorry to hear about his medical condition ;)

but there are probably some "regular" (non-commercial) linux solutions that i don't know about, there are some actual linux sys admins around here sometimes, perhaps one will drop into this thread

hey!!!! linux dudes!!!! where are you ? :D