can we via TMG's http inspection or https inspection block emails which contain specific words in their body or title?

hi fiends

i am new to TMG.

in my internal network i have TMG server.some of my Clients are both webproxy client & some others are firewall client.

we have no mail server in our networks.

clients use mail services webbase (i.e. via IE connect to https://www.gmail.com)

now i want to know, can i via http or https inspection & with http filtering tools, efine that emails in which in their messege body or title there is a "company1" phrase be blocked via TMG?

for this do i need to configure TMG's email policy tools? or it is not related to this scenario.

thank you very much 


  • Edited by john.s2011 Wednesday, September 18, 2013 6:52 AM
September 18th, 2013 9:51am

Hi john,

HTTP or HTTPS Inspection cannot filtering email content traffic

For E-Mail Content filtering, TMG has a functional from "E-Mail Policy"

Free Windows Admin Tool Kit Click here and download it now
September 19th, 2013 10:58am

Hi john,

HTTP or HTTPS Inspection cannot filtering email content traffic

For E-Mail Content filtering, TMG has a functional from "E-Mail Policy"

thanks, but i think that as my clients connect to gmail via browsers(web base manner)(not by outlook), their email content is transfered as http content so we can have https inspection to inspect email content.

do i mistake?

  • Edited by john.s2011 Thursday, September 19, 2013 1:11 PM
September 19th, 2013 3:53pm

Hi,

Based on my experience, HTTPS inspection is based on certificates. HTTP filtering can only block specific HTTP methods, extensions and headers, requests with URLs containing specific characters or specific signatures. I am afraid that you cannot achieve it via HTTP/HTTPS inspection or HTTP filtering.

In addition, maybe a Content Filter agent would achieve that.

For more detailed information, please refer to the links below.

Configuring HTTP filtering

http://technet.microsoft.com/en-us/library/cc995081.aspx

Troubleshooting HTTPS inspection

http://technet.microsoft.com/en-us/library/ee796230.aspx

Content Filtering

http://technet.microsoft.com/en-us/library/bb124739(v=exchg.150).aspx

Best regards,

Susie

Free Windows Admin Tool Kit Click here and download it now
September 20th, 2013 12:49pm

Hi,

Based on my experience, HTTPS inspection is based on certificates. HTTP filtering can only block specific HTTP methods, extensions and headers, requests with URLs containing specific characters or specific signatures. I am afraid that you cannot achieve it via HTTP/HTTPS inspection or HTTP filtering.

In addition, maybe a Content Filter agent would achieve that.

For more detailed information, please refer to the links below.

Configuring HTTP filtering

http://technet.microsoft.com/en-us/library/cc995081.aspx

Troubleshooting HTTPS inspection

http://technet.microsoft.com/en-us/library/ee796230.aspx

Content Filtering

http://technet.microsoft.com/en-us/library/bb124739(v=exchg.150).aspx

Best regards,

Susie

thank you very much for you answers & useful links you introduced me. so it seems that TMG's https inspection feature in not as useful as it seems at first.

maybe organizations need to block emails which contains specific words.

so what would be some examples about what would be popular usages of this feature?

what content company wants to inspect? ( as we cannot inspect body entirelly)

September 22nd, 2013 7:46pm

Hi,

Thanks for reply.

Do you mean the examples of blocking emails which contains specific words?

Based on my experience, you can use outlook rules to filter emails which contains specific words in the body or subject.

Best regard,

Susie

Free Windows Admin Tool Kit Click here and download it now
September 24th, 2013 8:08am

Hi,

Thanks for reply.

Do you mean the examples of blocking emails which contains specific words?

Based on my experience, you can use outlook rules to filter emails which contains specific words in the body or subject.

Best regard,

Susie

hi susie

i am vary happy. i tested my solution and it worked. (without having any via outlook or exchange server or any filter agent)

i blocked Gmail emails which contained a specific word via HTTPS inspection & http filtering. all weneed is configure http filtering signature tab & select byte range larger than 100. i selected 1000 & it works.  :-)

but now my question is if manager asked us block email in which there is one of "word1" or "word2". now what should we write in signature section ?

September 25th, 2013 12:52pm

Hi,

Good to hear that.

Maybe you can set two blocked signatures to block emails which contain "word1" or word2.

In addition, when you specify a signature search on a request body or a response body, Forefront TMG only inspects the first 100 bytes of the request and response body by default. Increasing this default value may affect system performance.

Best regards,

Susie

  • Marked as answer by john.s2011 7 hours 29 minutes ago
Free Windows Admin Tool Kit Click here and download it now
September 25th, 2013 10:13pm

Hi,

Good to hear that.

Maybe you can set two blocked signatures to block emails which contain "word1" or word2.

In addition, when you specify a signature search on a request body or a response body, Forefront TMG only inspects the first 100 bytes of the request and response body by default. Increasing this default value may affect system performance.

Best regards,

Susie

yes nice solution, thank you very much. i really helps me Learning TMG. i don't know how to thank you. i wish best things for you in the life

best regards

September 25th, 2013 11:22pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics