
Blocking external web mail attachments

HI ALL! :)

I would like to block sending emails via web mail (Gmail, Yahoo, Hotmail, etc.). Is it possible to restrict users that would like to send email with any type of attachment?

(Users can log in to email but will not be able to create new email. Basically, they will be able to just read the emails.)

I am using Sophos UTM 9.600-5.

 

THANK YOU ALL !

   


  • This depends, but more than likely no. Are they using it through a client or the web browser?

    Or look at it this way,

    Between domains, the protocol is SMTP, which is essentially a relayed protocol. If SSL/TLS is not being used, a sniffer will detect anything. If SSL/TLS is being used, a packet sniffer will be able to know the from and to IP addresses, and any relay on the way would have to decrypt and then re-encrypt the email.

    If using POP/IMAP/SMTP from a thick client (e.g. Outlook) to any one of these services, the port numbers vary but there are well-known ones.

    If using the Web interface of these services, then the ports are 80 (HTTP) and/or 443 (HTTPS) from your user agent (browser) to the originating domain (Google or Yahoo). There, the packets are decrypted to clear-text and then optionally re-encrypted if the target domain or a relay supports SSL/TLS over SMTP. After that, the process reverses itself: if your target domain's user is also using a browser, then the reverse will happen and clear-text email stored on the target domain's mail server will be encrypted to HTTPS and sent over client ports (random ports) to the end user.

    In short,

    • if not using SSL/TLS, everything is visible.
    • if using SSL/TLS, everything is visible to the relays but not in transit.
    • port numbers may vary.

    https://security.stackexchange.com/questions/33285/what-are-the-ports-used-by-online-email-accounts-such-as-yahoo-mail-gmail-etc

     

    Basically, you could use different means to block the upload; however, this would prevent uploading a file to any site. If you have Sophos Central, you could use DLP to prevent certain types of data from being attached and/or at least get an acknowledgement of who approved what to be attached and sent. But since you are allowing them access to read it, you are allowing them to access the site; therefore, you cannot use the web interface one.

    You may be able to block the webpage access, allow the client access and block the outgoing ports but allow the incoming ports, but I am not sure if that would work since I am not sure if authentication would occur.

    Respectfully, 

     

    Badrobot

     

  • Badrobot, thank you for your fast and very detailed answer.

    We are using a web browser to access free web email.