Re: [squid-users] Squid and YahooMail

From: Rick Chisholm <rchisholm_at_parallel42.ca>
Date: Tue, 11 Aug 2009 22:11:52 -0400

we are using squid 2.7-Stable6 and SquidGuard 1.4

I think the URLs that are causing trouble are similar to this one:

https://us.bc.yahoo.com/b?P=gCsrUUWTcKCpTelyRrdJFADzGDkKtUqCE48AAiib&T=14uar0mrg%2fX%3d1250038671%2fE%3d150001456%2fR%3dregst%2fK%3d5%2fV%3d1.1%2fW%3dJ%2fY%3dYAHOO%2fF%3d3502946160%2fH%3dc2VjdXJlPXRydWUgc2VjdXJlPVwidFwi%2fS%3d1%2fJ%3d8AF18E44&Q=0&O=0.5384668989691079

Rick Chisholm wrote:
> it's just redirecting to login.yahoo.com again... but with a long URL, I
> will do some more digging and get you a more specific answer.
>
> I will also check, but I'm pretty sure we are at the latest available
> squid 2.7 BSD port. I will post back more accurate details.
>
> Amos Jeffries wrote:
>> On Mon, 10 Aug 2009 22:17:54 -0400, Rick Chisholm <rchisholm_at_parallel42.ca>
>> wrote:
>>> In this config - squid is using it's own dnsservers setting in
>>> squid.conf in order to avoid the local resolver setting on the OS. We
>>> are essentially using squid to avoid openDNS for a particular group at
>>> work who need access to things we usually block.
>>>
>>> The Yahoo login page immediately redirects to some other, much longer
>>> URL and that where Squid seems to run into trouble. Using dig to test
>>> the same resolvers that Squid is using does not return an error when
>>> querying for login.yahoo.com - squid also functions perfectly fine with
>>> other login pages like hotmail, gmail etc. It seems to be just Yahoo.
>> And the domain to which its redirecting?
>>
>> It may be a matter of the URL vs Squid release. Do try latest release of
>> the version you are currently using, there are both DNS and URL-length
>> fixes in the more current ones.
>>
>> Amos
>>
>>> Amos Jeffries wrote:
>>>> On Mon, 10 Aug 2009 22:01:40 -0400, Rick Chisholm
>>>> <rchisholm_at_parallel42.ca>
>>>> wrote:
>>>>> what's up with Squid and https://login.yahoo.com?
>>>>>
>>>>> Our marketing dept. at work needs access to Yahoo Analytics, but they
>>>>> have to login via Yahoo! regular login. Squid complains about a DNS
>>>>> resolution issue but names the link as
>>>>>
>>>>> http://443
>>>>>
>>>>> It's quite odd.
>>>> The strange link is due to some older Squid (3.x?) not generating the
>>>> error
>>>> page link correctly for HTTPS.
>>>>
>>>> The problem is still Squid being unable to perform DNS lookups or
>> getting
>>>> no results back for the domain.
>>>> Try a newer release if you can and figure out why its not getting any
>> DNS
>>>> results back from the resolver.
>>>>
>>>> Amos
>>>>
>
>

-- 
Rick Chisholm
sysadmin
Parallel42
e. rchisholm_at_parallel42.ca
m. 519-325-8630
w. www.parallel42.ca
Received on Wed Aug 12 2009 - 02:12:34 MDT

This archive was generated by hypermail 2.2.0 : Thu Aug 13 2009 - 12:00:03 MDT