Luis Miguel wrote: > El viernes, 16 julio del 2004 a las 12:06:07, Scott Phalen escribi�: >>> We need a way to filter based on the whole MIME replied header or on >>> select mime fields (filename) to cath this downloads.
>> I created an ACL to block by keyword, e.g. "dialerexe". This will block >> any URL that contains that word in the URL string. IF a user attempts to >> reach a legitimate site with that in the URL I add the site to a "safe >> url list" file and put that ahead of my keywords ACL. >> I used this site to get a list of the known dialers/spyware keywords: >> http://www.spywareguide.com/product_list_full.php > This is not a valid solution, you cant play Cat&Mouse all the time. You would have the same problem blocking by file name. You have the MIME type from the logs you showed us (application/octet-stream) - just block that using rep_mime_type and http_reply_access except for certain whitelisted sites. Adam
