We'd love to hear about it! Click here to go to the product suggestion community
we're trying to use Sophos Central for Enterprise Web Control feature but it seems did not work as intended
we tried to block Web Emails and tried typing the URL https://mail.yahoo.com directly and hit enter, then it seems it blocked.
however if we access https://www.yahoo.com with valid ID then click MAIL icon, it didn't block the URL.
from here, i can refresh the page without problem even when Sophos Endpoint Events shows "mail.yahoo.com" was blocked for my users
i tried to disable cache, but i can still refresh the page normally
anyone can provide advise how to fix this?
Hello Sophos User1929,
first of all, I don't have a solution.
I could reproduce this (not with Central but with SESC though this shouldn't make a difference). What seems to happen is the following: mail.yahoo.com resolves to the same addresses as s.yimg.com that serves the various images on the Yahoo pages. The browser leaves the connection open a reuses it for the request to mail.yahoo.com. As Web Control can't inspect the HTTPS stream it can't detect that the request goes to a blocked URL.I tested my assumption by idling on the www.yahoo.com page until netstat showed that the connection to s.yimg,com/mail.yahoo.com and subsequently I get the expected Secure connection failed (or your browser's equivalent) when clicking on the icon.
Might be a deliberate and clever move by Yahoo
In reply to QC:
Thank you for detailed information
at least i can tell that my Sophos Endpoint still working as "intended"
hopefully there's something Sophos can do here
currently trying the same thing with Gmail, at least it didn't behave like that