[Esd-l] Re: [Esa-l] Anyone have a comprehensive webmail URI list?

Karl.Dunn at vmic.com Karl.Dunn at vmic.com
Tue Aug 28 06:16:01 PDT 2001


SafeWeb is just an example.  There are lots of others.  The >basic<
problem is that content filters cannot examine encrypted traffic.  Not so
basic, but just as hard, is the fact that we see at least two orders of
magnitude more http (port 80) traffic than https and email put together,
which makes it pretty difficult to defang or otherwise protect against bad
stuff that comes in via browsers.  If you have a really fast host or hosts
to do http scanning, by running squid with a filter for example, it might
be feasible, but you still can't examine https traffic.  That's why it
would be a good idea to block https except for those sites for which your
business really needs it and which you can trust, like 401(k) managers for
example ;-)

Karl Dunn     (KLD13)
VMIC
12090 South Memorial Parkway
Huntsville AL USA 35803
VOICE: (256) 382-8211 or (800) 322-3616
FAX:   (256) 650-5472 or (256) 882-0859

On Fri, 24 Aug 2001, Howard Lowndes wrote:

> Could you just not block access to SafeWeb.  Does that not _start_ as a
> http site rather than a https site.
>
> --
> Howard.
> LANNet Computing Associates
> Contact detail at http://www.lannetlinux.com
>
> On Thu, 23 Aug 2001 Karl.Dunn at vmic.com wrote:
>
> > You will probably have to block https too, at least for all sites except
> > for a chosen few with which you do e-business.  If you don't, lusers can
> > use redirectors like SafeWeb to download/upload stuff anyway.  Ours do,
> > and I have been directed not to block https at all.  So far, nothing has
> > got loose locally, but it's just a matter of time... :-(
> >
> > Karl Dunn     (KLD13)
> > VMIC
> > 12090 South Memorial Parkway
> > Huntsville AL USA 35803
> > VOICE: (256) 382-8211 or (800) 322-3616
> > FAX:   (256) 650-5472 or (256) 882-0859
> >
> > On Thu, 23 Aug 2001, Dave Horsfall wrote:
> >
> > > On Thu, 23 Aug 2001, Murray Crane wrote:
> > >
> > > [ In one wrapped line ]
> > >
> > > > However, what I need is a really comprehensive list of the URIs of webmail sites.  As I say, I've started with the list that John posted on 2001-07-25 and added the few others I know of (mail.com and
> > >
> > > Good luck; analogies of horses and stable doors spring to mind.
> > >
> > > --
> > > Dave Horsfall ATM-B VK2KFU  dave at esi.com.au  Ph: +61 2 9906 3377 Fx: 9906 3468
> > > (Unix Guru) Pacific ESI, Unit 22, 8 Campbell St, Artarmon, NSW 2065, Australia
> > > _______________________________________________
> > > E-mail Security Announce list mailing list
> > > E-mail Security Announce list at spconnect.com
> > > http://www.spconnect.com/mailman/listinfo/esa-l
> > _______________________________________________
> > E-mail Security Announce list mailing list
> > E-mail Security Announce list at spconnect.com
> > http://www.spconnect.com/mailman/listinfo/esa-l



More information about the esd-l mailing list