Have you actually tested this policy, by going logging into an iCloud account and clicking the mail tab.? The rule you have (same one I have) will block a mail client (outlook/thunderbird etc) from communicating through the standard ports,(25/110/143/587/993) but will it a block a web browser tab opening email?
Jean-Paul Natola ________________________________ From: [email protected] <[email protected]> on behalf of Kurt Buff <[email protected]> Sent: Thursday, May 18, 2017 7:18 PM To: ntsysadm Subject: Re: [NTSysADM] Blocking iCloud email On Palo Alto firewalls, there's an application definition that you can use to block it - but it would probably also require MITM (aka web inspection) with your own certs to configure. [Inline image 1] Perhaps other brands of firewall can do that too. Kurt On Wed, May 17, 2017 at 5:35 PM, J- P <[email protected]<mailto:[email protected]>> wrote: Hi all, I already have ticket with the vendor , but thought maybe someone here may have already encountered this; Objective, block access to ALL non corporate email (we use exchange ) the filtering has blocked access to all WEB email (Hotmail, msn, aol, yahoo, gmail, etc) however, if a user logs into their iCloud account they can still access their apple/imail account , and they want to retain the ability to use all other i-crap services, iCalendar, etc.. So blocking the www.icloud.com<http://www.icloud.com> url is not an option, anyone have any pointers? TIA
