Re: monitoring web-based email

To: debian-user@lists.debian.org
Subject: Re: monitoring web-based email
From: Adam Aube <aaube01@baker.edu>
Date: Mon, 25 Jul 2005 17:27:04 -0400
Message-id: <[🔎] dc3lf8$2nq$1@sea.gmane.org>
References: <[🔎] D848BB77-1170-4B88-8E67-C39DC5B2694D@npc-usa.com>

Curtis Vaughan wrote:

> We have an issue where management wants to monitor possible leaks
> through the use of Hotmail, etc. web-based email accounts. They do
> not want to just prohibit usage of such accounts. So, the question
> is, using SQUID, is it possible to cache what information employees
> are passing through such accounts, even if they are https?

Enabling log_mime_headers in squid.conf will log the POST data (along with
ALL the other HTTP headers), which is probably how messages are composed
and sent, but even that won't help with HTTPS. For HTTPS, you will need
some sort of monitoring app on the workstations themselves.

And, as has already been pointed out, management needs to make sure it is on
sound legal ground in whatever monitoring actions it takes.

Adam

Reply to:

References:
- monitoring web-based email
  - From: Curtis Vaughan <curtis@npc-usa.com>

Prev by Date: Re: Why not a Desktop on a GNU/Linux Server
Next by Date: Re: monitoring web-based email
Previous by thread: Re: monitoring web-based email
Next by thread: Three OS on one HD
Index(es):
- Date
- Thread