Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 6 replies
  • Subscribers 5 subscribers
  • Views 11139 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

blocking webmail: How to block webmail that have the url for email section of site in the path.

wutevatse

Hi All,

We're trying to block personal email sites like Ymail, Gmail, iCloud.., etc.

We have created a category under web protection > filtering options > categories and created a web filter profile. 

With such configuration, the UTM is blocking most of the personal webmail sites, but for some sites like iCloud, Comcast, Verizon..more, Sophos is categorising these site as Portal sites, Cloud Storage.., etc.  

As we looked into those websites that are not being blocked, it seems like these sites have their email page in the "path" of the URL; for example, the url of the email page of iCloud is icloud.com/#mail.  Am I right that the UTM looks at the domain only.

What is the solution for us to block these email pages?

Thanks,
MT



This thread was automatically locked due to age.
  • 0

    UTM does not only look at the URL, it categorizes sites using different mechanisms.

    What you can do if sites are categorized wrongly, is to add the site to Web Protection - Filtering Options - Websites and there give it a category you want your UTM to act for this specific site. Basically you can use this to override to another category.

  • +1

    Hi MT,

    Configure such URLs in the "block these website" option inside the Filter action> Website TAB.

    Thanks

  • 0 in reply to apijnappels

    Hi apijnappels,

    Thanks for the reply. 

    Your solution would work if I were to block the whole site. But I just want to block a subset of a site, the just email portion. 

  • 0 in reply to sachingurung

    Hi sachingurung,

    I will give this a try. Thanks for the suggestion.

  • +1 in reply to wutevatse

    You can also be more specific and include /mail (or whatever is needed for the site).

    If you only have 1 policy then Sachingurung's suggestion will also work, but if you have more policies you would have to maintain this in all policies whereas the websites option will work over all policies with just 1 entry.

  • 0 in reply to apijnappels

    Hey guys,

    Thanks for the Input!

    First I configured rule at the Block these websites for the website I mentioned in the earlier post. That does not work. 

     

    Today, I tried again but this time, I want to allow a website that's being blocked by a category.

    I have configured rule at "Allow these websites" section under filtering policies. The rule matches a regular expression for specific domain only. I tested the rule with the Policy HelpDesk. Policy HelpDesk shows the rule is working. 

    I testing on my user PC, the request is hitting the correct profile and policy. But the user is still getting the block message from the UTM.

    The log also shows the action as Pass 

    Is there a bug? I'm running on Firmware Version 9.408-4.

    Thanks!