This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Block Web Links in Web based Email Portals

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Block Web Links in Web based Email Portals

CRHC
L4 Transporter

‎09-13-2010 08:51 AM

Hello,

Is it possible to create a policy that would block a user from clicking on an embedded URL link in an email from a web based email portal such as Yahoo or Gmail?

I am aware how to limit uploading and downloading of attachements through File Blocking.  But still need to block the clicking of links.  Could I create a Custom Signature for Vulnerability that looks for a URL redirect similiar to the Facebook article https://live.paloaltonetworks.com/docs/DOC-1540.

Due to the email worm outbreak of last week - I currently have a policy(s) that utilizes a block on all "Web Mail" as an application and the Bright Cloud URL catagory of "Web Mail".  We are looking to lift that restriction to allow access back to web mail - with the exception of not being able to click on any links within the email if that is possible.

Thanks so much!

Cheers,

Mike

0 Likes Likes
3 REPLIES 3

mharding
L4 Transporter

‎09-13-2010 09:19 AM

The closest way I've seen to block this is by using RegEx. Most of the emails look the same, so you could use something like this:


.*(This\ is\ The\ Document\ I\ told\ you\ about\)
.*(This\ is\ The\ Free\ Dowload\ Sex\ Movies\)
0 Likes Likes

radpointsupport
L1 Bithead

‎09-13-2010 09:52 AM

Hi!

Why not do an custom apps for the mail system you want to block where the Referer is the email system and host header is not equals the email system.

Best regards Staffan

0 Likes Likes

CRHC
L4 Transporter
In response to radpointsupport

‎09-13-2010 10:43 AM

Thank you for the quick replies.  I could see doing the regex entries if I know the actual web link text.  And/or doing a custom app for a particular mail service.  In my case I want to block (or at least not allow it to load in a browser if clicked on)  any URL link that is within an email (not caring on the subject matter) - and need to do this for all the mail services.  I'm taking advantage of the application group "webmail" and the Brightcloud "webmail" group - so that I don't have to manage all the hundreds of webmail portals.  Thanks.

Mike

0 Likes Likes
  • 2555 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks