Outlook and ssquid proxy server

samfp · July 2013

Hi,

I use squid as proxy server in my network but have a problem with outlook in clients hosts.

my network is composed by :

- 1 router having address 192.168.1.1, it is the gateway to Internet

- 1 switcher (16 ports) that all network hosts are linked to it

- 1 host having 2 network cards

- eth0 : adress 192.168.1.2

mask 255.255.255.0

gateway 192.168.1.1

DNS 192.168.1.1

- eth1 : adress 169.254.1.1

mask 255.255.0.0

gateway 0.0.0.0

- network hosts use the network 169.254.1.0/16

My squid configuration is this :

############################################################

########### local config ############

############################################################

acl manager proto cache_object

acl localhost src 127.0.0.1/32 ::1

acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1

http_access allow manager localhost

http_access deny manager

http_access allow localhost

#############################################################

########### Denied request rules #############

#############################################################

acl d_porn url_regex porn

deny_info deny_page_porn d_porn

http_access deny d_porn

#############################################################

########### Exceptions #############

#############################################################

acl sam-admin src 169.254.1.6

http_access allow sam-admin

#############################################################

########### ACL #############

#############################################################

# Network definition

acl my_network src 169.254.0.0/16

# Domain to block

acl video_share dstdomain .youtube.com .dailymotion.com

acl faceb dstdomain .facebook.com

# Ports acl

acl SSL_ports port 443

acl Safe_ports port 443

acl Safe_ports port 80 # http

acl Safe_ports port 22

acl Safe_ports port 1158

acl Safe_ports port 21 # ftp

acl Safe_ports port 443 # https

acl Safe_ports port 70 # gopher

acl Safe_ports port 210 # wais

acl Safe_ports port 1025-65535 # unregistered ports

acl Safe_ports port 6881-6999 # Torrents

acl Safe_ports port 280 # http-mgmt

acl Safe_ports port 488 # gss-http

acl Safe_ports port 591 # filemaker

acl Safe_ports port 777 # multiling http

acl Safe_ports port 25 # pop

acl Safe_ports port 110 # SMTP

acl Safe_ports port 109 # SMTP

acl Safe_ports port 995

acl CONNECT method CONNECT

# Media streaming acl

acl media rep_mime_type video/flv video/x-flv

acl media rep_mime_type -i ^video/

acl media rep_mime_type -i ^video\/

acl media rep_mime_type ^application/x-shockwave-flash

acl media rep_mime_type ^application/vnd.ms.wms-hdr.asfv1

acl media rep_mime_type ^application/x-fcs

acl media rep_mime_type ^application/x-mms-framed

acl media rep_mime_type ^video/x-ms-asf

acl media rep_mime_type ^audio/mpeg

acl media rep_mime_type ^audio/x-scpls

acl media rep_mime_type ^video/x-flv

acl media rep_mime_type ^video/mpeg4

acl media rep_mime_type ms-hdr

acl media rep_mime_type x-fcs

acl mediapr urlpath_regex \.flv(\?.*)?$

acl mediapr urlpath_regex -i \.(avi|mp4|mov|m4v|mkv|flv)(\?.*)?$

acl mediapr urlpath_regex -i \.(mpg|mpeg|avi|mov|flv|wmv|mkv|rmvb)(\?.*)?$

#############################################################

########### Return ACL page #############

#############################################################

deny_info deny_page video_share

deny_info deny_page faceb

deny_info deny_page Safe_ports

deny_info deny_page SSL_ports

deny_info deny_page media

deny_info deny_page mediapr

#############################################################

########### Access permission #############

#############################################################

#http_access deny video_share

#http_access deny faceb

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports

#http_access deny mediapr

#http_reply_access deny media

http_access allow my_network

#http_access deny all

http_access allow all

##############################################################

########### Global config ##############

##############################################################

http_port 3128 transparent

coredump_dir /var/spool/squid3

refresh_pattern ^ftp: 1440 20% 10080

refresh_pattern ^gopher: 1440 0% 1440

refresh_pattern -i (/cgi-bin/|\?) 0 0% 0

refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880

refresh_pattern . 0 20% 4320

cache_effective_user proxy

cache_effective_group proxy

###############################################################

The ufw service is disabled and iptables rules are as default (no rules)

Everything about HTTP access work correctly and the filtration work well but outlook, i can't receive or sent mails from any hosts in the LAN network using the proxy

Someone can help me to resolve this problem please ?

Thanks

Outlook and ssquid proxy server

Categories

Upcoming Training

Kubernetes Administration (LFS458)

Linux System Administration (LFS301)

Open Source Virtualization (LFS462)

Linux Kernel Debugging and Security (LFD440)