Webmail Control via URL

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Webmail Control via URL

L0 Member

Can paloalto control the sending of web mail?

 

i want to make it impossible to send out from the webmail.

There is a service called Naver that provides web mail like Google.

for example,

 

The URL for sending is as follows.

mail.naver.com/n=111113333&v=f#%7B"fClass"%3A"write"%2C"oParameter"%3A%7B"orderType"%3A"new"%2C"sMailList"%3A""%7D%7D

 

I created a policy using the URL category.
mail.naver.com/^=f#%7B"fClass"%3A"write"%2C"oParameter"%3A%7B"orderType"%3A"new"%2C"sMailList"%3A""%7D%7D

mail.naver.com/*=f#%7B"fClass"%3A"write"%2C"oParameter"%3A%7B"orderType"%3A"new"%2C"sMailList"%3A""%7D%7D

 

I would like to set a policy that is impossible to send through the URL.

 

 

The results of the URL test were not blocked.

Using the http protocol and using 80 ports. Is it possible to implement it?

If there's anything I missed, give me some advice

 

I also wonder if the gmail can also be controlled.

It was not long after I started the Palo Alto firewall. I hope you understand.

1 REPLY 1

L2 Linker

Hi mojunhwan,

 

The best way of blocking naver is by application, but there are other ways as well.

 

1. Create a security rule that blocks/denies the app naver-mail. But this rule will maybe require you to have an outgoing decrypt rule to actually see this app over ssl/443. Port 80 would be fine.

 

Two other ways of blocking naver:

2. Create a FQDN address object called mail.naver.com with FQDN=mail.naver.com and put this in a security rule on destination server with action equal reset-client or reset.both.

 

3. Create a custom URL-category called "Denied URLs" and but the url *.naver.com in this URL-category. On the outgoing allowed rule for the clients add this URL-category to the URL filtering profil (in the security profile) with a Site Access set to "Block".

 

- Kim

  • 4692 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!