This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Monitoring and Blocking eMail

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Monitoring and Blocking eMail

Angel
Not applicable

‎04-03-2013 09:22 AM

Hello,

I want to know how I can do the following questions:

1.- How can I block in gmail application the access to all the mails like this xxxx@gmail.com, but allow the access to emalis like this xxxx@domain.ec that also are associated with Gmail.

2.- How to monitor the users who access to public mails and know what are the access account and the destination account of a specific email.

Thanks.

Regards.

0 Likes Likes
1 REPLY 1

mikand
L6 Presenter

‎04-03-2013 05:02 PM

When (currently) logging in to Gmail a POST is made towards https://accounts.google.com/ServiceLoginAuth :

POST /ServiceLoginAuth HTTP/1.1

Host: accounts.google.com

which in the payload contains (among other things):

&Email=username%40gmail.com&

So I guess that part should be doable.

That is create a custom app that depends on the gmail-base (or whatever) but triggers on http-method=POST and payload contains &Email=(.*)%40domain.ec&

Put this custom appid as action=allow (along with url=accounts.google.com). While another security rule acting on url=accounts.google.com (and appid=any) is put directly after the previous allowing security rule as action=deny. This way you should be able to login with xxx@domain.ec but not with any other domain (or username without domain).

In order for the above to work you need to have ssl-termination (ssl-decrypt) active.

The risks is that the user might have already been authenticated elsewhere in the google stratosphere and by that perhaps doesnt need to go the route through accounts.google.com. But also if the authentication can be done through GET instead of POST (because then you need expand your custom appid to cover that aswell). I have also no idea how IMAP (that is gmail app in android and such) can be blocked if you wish to block that aswell (the above was verified with firefox running live http header to look into the ssl session).

And as for your second question Im sorry but dont fully understand what you are asking for?

0 Likes Likes
  • 1751 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks