Not even remotely close to being Zed related but I know there are a few IT geeks like me on here who probably know the answer to this off the top of thier heads...

 

Putting in a secure web proxy solution for a customer at the moment, all going fine, got a bit of a problem with MSN messenger though, need to know exactly what servers (or just the root domain of the servers) it connects to so we can add them into a set of sites allowed without authentication...

 

I dont know crap about messenger but Im assuming the clients all connect to a bunch of servers centrally which maintain all the free/busy data and buddy lists etc.... if im barking up the wrong tree and its a p2p type system then im fooked.. :mac1:

 

Cheers

No its not p2p, AFAIK.

 

Last I heard there are 3 messenger servers each with a different IP address.

 

I will have a look see if I can find anything

 

But doesnt Messenger have options for going through a proxy?

Just the domain name(s) for the server(s) will do, thanks for the help..

 

Prob is the proxy is using NTLM authentication sent transparently from the browser (so abuse i.e looking at boobs can be monitored by the powers that be and the users dont have to enter username password every time they go on the web) the MSN proxy settings dont forward the credentials so it automatically gets knocked back. need to set an exception to the authentication rule so the MSN stuff goes straight through the proxy....

 

god its too late to be working.. :(

Speaking as an IT Security person, just block it and allow them to use a web interface if they need to use it, it's far less risky.

umm, MSN Beta V7 seems to work through our proxy and firewall at work. It was the only one that seems to support proxy passthrough.

Speaking as an IT Security person, just block it and allow them to use a web interface if they need to use it, it's far less risky.

 

Thats the plan, the exception is just for the IT department! :D they cant live without thier MSN!!

 

I think I sussed it last night I think its *.passport.net and *.messenger.hotmail.com are the domains it will talk to..... just got to test it monday!

 

Cheers for the help...

Thats the plan, the exception is just for the IT department! :D they cant live without thier MSN!!

 

I think I sussed it last night I think its *.passport.net and *.messenger.hotmail.com are the domains it will talk to..... just got to test it monday!

 

Cheers for the help...

 

That's no way to enforce a policy. No exceptions, expecially not for yourselves !

 

There are several web interfaces, use those.

Thats the plan, the exception is just for the IT department! :D they cant live without thier MSN!!

 

I think I sussed it last night I think its *.passport.net and *.messenger.hotmail.com are the domains it will talk to..... just got to test it monday!

 

Cheers for the help...

 

If you don't require the chat facility to go beyond the bounds of your company, uou could always install the corporate version of MSN. (You'll require exchange server 2000 for it to work). This way, all people within the company can chat with one another, and you can make sure their screen-names are within the bounds of decency, since they only show up as their exchange server / active directory user ids.

 

BT made it their preferred internal messenger about 2 years ago now. Although I can't help feeling it was a shame to end all the endless but highly amusing conversations that i'd find myself in with duffer, chrisC etc.

 

2p

Simon.

Unless you've sussed it, messenger.hotmail.com port 1863 should be all you need :)