Why is the URL Filtering Policy Applied to non-HTTP or non-HTTPS Connections?
Created On 09/26/18 13:55 PM - Last Modified 06/06/23 19:46 PM
Resolution
Some connections that are not HTTP or HTTPS can be evaluated against the URL Filtering policy.
The screenshot below shows an SMTP connection which happened on port 25 (as it should) but a URL Category has been applied.
This happens when the protocol switches from clear text to encrypted via a mechanism called StartTLS.
StartTLS can be used by IMAP and POP3 (RFC 2595), SMTP (RFC 3207), XMPP (RFC 6120), LDAP (RFC 2830) and NNTP (RFC 4642).
Once encrypted, the communication becomes SSL, which in turn causes the firewall to evaluate the connection against the URL Filtering policy.
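The switch described above can be seen in a session transcript. The following is an added example, not part of the original article and not the firewall's own logic: it walks a constructed session and reports where the clear-text protocol gives way to a TLS record. The sample sessions, host names and function names are assumptions made for illustration, and only the line-based protocols from the list (SMTP, NNTP, POP3, IMAP) are covered.

```python
import re

# Client upgrade command and the server reply that accepts it, per protocol.
UPGRADE = {
    "smtp": (rb"STARTTLS\r\n$", rb"220 "),      # RFC 3207
    "nntp": (rb"STARTTLS\r\n$", rb"382 "),      # RFC 4642
    "pop3": (rb"STLS\r\n$", rb"\+OK"),          # RFC 2595
    "imap": (rb"(\S+) STARTTLS\r\n$", None),    # RFC 2595: reply is "<tag> OK"
}

def is_tls_handshake(data):
    """True if data begins with a TLS record header of type handshake (0x16)."""
    return len(data) >= 5 and data[0] == 0x16 and data[1] == 0x03 and data[2] <= 0x04

def tls_switch_index(proto, session):
    """Index of the first TLS record after an accepted upgrade, else None."""
    cmd_re, ok_re = UPGRADE[proto]
    state, ok = "clear", None
    for i, (sender, data) in enumerate(session):
        if state == "clear" and sender == "C":
            m = re.match(cmd_re, data, re.I)
            if m:
                # IMAP replies echo the client's tag, so build the pattern per command.
                ok = re.compile(ok_re or re.escape(m.group(1)) + rb" OK", re.I)
                state = "requested"
        elif state == "requested" and sender == "S":
            state = "accepted" if ok.match(data) else "clear"
        elif state == "accepted" and sender == "C":
            return i if is_tls_handshake(data) else None
    return None

# Constructed sample data: a TLS record header (handshake, 200 bytes) with a padded body.
TLS_RECORD = bytes.fromhex("16030100c8") + b"\x01" + b"\x00" * 199

SMTP_UPGRADED = [  # constructed port 25 session; C = client, S = server
    ("S", b"220 mail.example.test ESMTP\r\n"),
    ("C", b"EHLO client.example.test\r\n"),
    ("S", b"250-mail.example.test\r\n250 STARTTLS\r\n"),
    ("C", b"STARTTLS\r\n"),
    ("S", b"220 2.0.0 Ready to start TLS\r\n"),
    ("C", TLS_RECORD),
]
SMTP_REFUSED = SMTP_UPGRADED[:4] + [("S", b"454 TLS not available\r\n"), ("C", b"QUIT\r\n")]
IMAP_UPGRADED = [("C", b"a001 STARTTLS\r\n"), ("S", b"a001 OK begin TLS\r\n"), ("C", TLS_RECORD)]

if __name__ == "__main__":
    print("smtp upgraded at message", tls_switch_index("smtp", SMTP_UPGRADED))
    print("smtp refused:", tls_switch_index("smtp", SMTP_REFUSED))
```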
owner: kkondo