Security Basics mailing list archives

Re: Blocking Outlook External POP/SMTP

From: Francois Yang <francois.y () gmail com>
Date: Mon, 22 Mar 2010 12:39:16 -0500

I don't know if this was already mentioned, but why not manage outbound traffic.
ie: allow what you want or what your users need and block everything else.
I think it's easier to allow what you want and block everything else,
instead of allowing everything and blocking what you don't want.

Frank

On Mon, Mar 22, 2010 at 8:30 AM, Christian Campbell
<ccampbell () brueggers com> wrote:

Hello,

I'm looking for information on preventing/prohibiting users from
utilizing
Outlook (at work) to retrieve their personal email from Gmail, AOL,
Yahoo,
Comcast, Verizon, etc.

Looking for the following:

* Reasons why users should not be allowed to use Outlook on their work
computers to retrieve their personal email.

* Tools/techniques to block this type of traffic. It seems the most
common
ports are 110, 465, 587, 993, and 995. Are there others?


If you specifically want to keep users from configuring Outlook to add
accounts, use simply enforce group policy and/or create a customized
transform to lock down the configuration.

Christian


Christian Campbell
Systems Engineer

Bruegger's Enterprises, Inc.

Universal: 802-735-0541
Desk: 802-652-9270
Cell: 802-734-5023
Fax: 802-660-4034

Email: ccampbell at brueggers dot com

PGP Public Key available via PGP keyservers or
http://www2.brueggers.com/pgp/ccampbell.html

"Computer Science is no more about computers
than astronomy is about telescopes."
--E. Dijkstra




-- 
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked. — White House Cybersecurity
Advisor, Richard Clarke

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

Re: Blocking Outlook External POP/SMTP, (continued)
- - Re: Blocking Outlook External POP/SMTP Stephen Mullins (Mar 16)
- Re: Blocking Outlook External POP/SMTP Kurt Buff (Mar 16)
- RE: Blocking Outlook External POP/SMTP Jay Vlavianos (Mar 16)
- Re: Blocking Outlook External POP/SMTP phillip bailey (Mar 16)
- Re: Blocking Outlook External POP/SMTP Jon Janego (Mar 16)
- Re: Blocking Outlook External POP/SMTP gig (Mar 16)
- Re: Blocking Outlook External POP/SMTP Phillip Bailey (Mar 16)
- Re: Blocking Outlook External POP/SMTP Pierre Jaury (Mar 16)
- Re: Blocking Outlook External POP/SMTP Nikhil Wagholikar (Mar 16)
- RE: Blocking Outlook External POP/SMTP Christian Campbell (Mar 22)
  - Re: Blocking Outlook External POP/SMTP Francois Yang (Mar 22)
- Re: Blocking Outlook External POP/SMTP krymson (Mar 17)