Hello Jim, This is a sample of logs when I hit yahoo.com. I have enabled http filter in my rule. The check box that says "block response containing windows executable files is on" and also the one that says "block request containing ambiguous windows extensions" If I disable the second check box, every thing works fine and I also did a test trying to download an exe file and (obviously) first check box blocked it. English is not my first language and Tom's book does not cover much about second option. So I take a guess "ambiguous" means Doubtful or uncertain! And general rule is better to block it. This happens on most of well known domains including but not limited to yahoo.com, ebay.com, aa.com, homedepot.com, expedia.com, paypal.com and so on. Thank you some much for input -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Saturday, July 30, 2005 9:14 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Blocked by the HTTP Security filter: URL contains '.' in the path http://www.ISAserver.org There's a reason I asked for the "exact URL" - the domain part of the URL is irrelevant. In order to evaluate why the HTTP Filter is triggering, we need the *entire*, *exact* URL that triggered the filter. You can find this URL in the logs where the HTTP Filter triggered on the URL sent by the client to the ISA server that holds the HTTP Filter that triggered on the whole URL sent by the client to the ISA that recorded this request and resulting HTTP Trigger status message in the web proxy log on the ISA that recorded the exact, entire URL that caused the HTTP Filter to trigger. ________________________________ Service Destination Host Name Transport Filter Information Result Code HTTP Status Code Cache Information Error Information Log Record Type Log Time Destination IP Destination Port Protocol Action HTTP Method URL