[squid-users] yahoo mail, squid, ie, firefox and ntlm

From: nairb rotsak <[email protected]>
Date: Fri, 10 Mar 2006 07:08:29 -0800 (PST)

Finally figured this one out and wanted to share...

We block all outbound 80 traffic not coming from squid
(and the server vlan.. ok, and the admin vlan ;-)
when you type in mail.yahoo.com, you actually get
redirected to login.yahoo.akadns.net. Going through
squid w/ntlm, this works just fine on firefox. With
IE, it doesn't work. We have to allow port 80 traffic
to akadns.net subnets on our pix. I have ethereal
traces and they are actually different from firefox to
IE.

We even have all yahoo.com and akadns.net as
dstdomains.. and before the http_access for the
NTLM... still doesn't work with IE. The minute we
take the port 80 outbound block off our pix, it works
just fine.

acl yahoo_mail dstdomain .yahoo.com

acl akadns_net dstdomain .akadns.net

acl NTLMUsers proxy_auth REQUIRED

acl our_networks src 192.168.0.0/16

http_access allow yahoo_mail

http_access allow akadns_net

http_access allow all NTLMUsers

http_access allow our_networks

http_access allow localhost

Just thought I would share our frustrations...

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam
protection around
http://mail.yahoo.com

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Received on Fri Mar 10 2006 - 08:08:37 MST

This archive was generated by hypermail pre-2.1.9 : Sat Apr 01 2006 - 12:00:03 MST