RE: Content Scanning

Hi David,

You don't even need to create a Deny rule, just don't create any allow
rules. This enforces least priviledge. Just create allow rules for
outbound SMTP for hosts that require SMTP outbound access, such are your
Exchange Server.

Outbound filtering can be done with things like SurfControl, which IIRC,
will enable you to block access based on HTTP methods and headers. ISA
2004 makes this REALLY EASY, because you can block based on anything
contained in the HTTP communication. All you need to do is create a HTTP
policy and no more access. With ISA 2000, you can create Site and
Content Rules and block specific HTTP email sites.

HTH,
Tom 

-----Original Message-----
From: David Haam [mailto:DavidH@xxxxxxxxxxxx] 
Sent: Saturday, February 21, 2004 10:11 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Content Scanning

http://www.ISAserver.org

One key to make something work is to be able to scan also outbound
activity. If the users are using a standard SMTP client to send
outbound, you can set up the ISA rules to DENY outbound SMTP traffic,
and provide outbound only via your filter-enabled SMTP server
(filtering/monitoring by whatever product/solution you so choose).

If the users are using some web-based email client then, it gets
tougher. Anyone have an ISA extension tool that can do that kind of
content monitoring? Maybe even able to see inside SSL packets?



 

-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Saturday, February 21, 2004 5:53 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Content Scanning

http://www.ISAserver.org

That's a tough one.
Maybe GFI Mail Security or something like that/ You'd need something
that the mail server can "talk to".

  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!


On Sat, 21 Feb 2004 12:37:47 +0530
 "Brajesh Ranjan Panda" <brajesh@xxxxxxxxxxxxxxxxx> wrote:
http://www.ISAserver.org

Hi jim,

Ya that is good i am also doing that. But take a situation my client is
a software development organisation. So they want to scan their internal
mail content's,,,,, if there is any type of company proprietory codes/
may be some mangerial information going out-side then it will be droped
or forward to any other person for analysis like smtp screener. If there
is any worm/TH then it of course caught by the Antivirus. But I want a
customise scanning of the content's.

perhaps   now u get my question.

-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Saturday, February 21, 2004 6:16 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Content Scanning


http://www.ISAserver.org

Yep; I use an antivirus scanner on my mail server.
Since your internal users send mail without ever touching the ISA,
you're missing a bet if you don't scan at the mail server itself.

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://www.microsoft.com/isaserver
 http://isaserver.org/Jim_Harrison
 http://isatools.org

 Read the help, books and articles!
----- Original Message -----
From: "Brajesh Ranjan Panda" <brajesh@xxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Thursday, February 19, 2004 20:27
Subject: [isalist] RE: Content Scanning


http://www.ISAserver.org


Hi jim

have u any solution with ur tools ???????
-----Original Message-----
From: Anthony Michaud [mailto:anthonym@xxxxxxxxxxxxxx]
Sent: Friday, February 20, 2004 9:45 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Content Scanning


http://www.ISAserver.org

For what?

Rude/obscene words? Known virii? Unknown virii? defined file types?  War
and Peace? Annoying signatures with 200 lines of disclaimer?  Dilbert
comics?

--
Anthony.

> -----Original Message-----
> From: Brajesh Ranjan Panda [mailto:brajesh@xxxxxxxxxxxxxxxxx]
> Sent: Friday, 20 February 2004 15:09
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Content Scanning
>
>
> http://www.ISAserver.org
>
> Hi,
>
> Is there any tool or configuration which can scan the contents of the 
> mails except "smtp screener".
>
> ____________________________________________
>
> Brajesh Ranjan Panda
> System Administrator
>
> Divas Offshore Software Technologies (P) Ltd.
> N-1/3, DLF Phase-II
> Gurgaon-122002, INDIA.
> Telephone: +91-124-501880-1 to 8
> Fax/Voice-mail: +91-124-5018044
>
> Web: www.divassoftware.com
> ____________________________________________
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org Windows 
> Security Resource Site: http://www.windowsecurity.com/ Network 
> Security Library: http://www.secinf.net/ Windows 2000/NT Fax
> Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:

> anthonym@xxxxxxxxxxxxxx To unsubscribe send a blank email to 
> $subst('Email.Unsub')
>

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
brajesh@xxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
brajesh@xxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
davidh@xxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')




Other related posts: