Quote:
Originally Posted by Mr. C.
While he can block many common web-mail providers by domain name (gmail, hotmail, aol), he certainly won't be able to block all the others who's names are not known a priori.
|
Right, but using some clever URL regular expression matching will definitely help, though. And like I said, there's always the hideous option of issuing internal certs in order to analyse the content of all pages that would have been SSL protected (which of course would still be far from fool-proof). With a setup like that he could even go into overkill mode and break every input text box found on any non-approved page.