topic Re: HTTPS Inspection and Outlook Preview in General Topics

HTTPS Inspection and Outlook Preview

Morten_O — Wed, 03 Jan 2024 12:22:52 GMT

Hi, I have a customer running HTTPS-inspection, and they have a strange problem.

When HTTPS-inspection is active, most of the pictures in the Outlook preview pane are not shown (some are, but maybe 75% are not). This means that in most newsletter, all pictures are just shown as a small red cross.

If I then copy that picture-link directly from the mail, and paste it into a browser, it shows just fine, even though HTTPS-inspection is still active.

If I completely disable HTTPS-inspection, all the pictures in the Outlook preview are show.

Nothing is red (drops/rejects) in the log.

Has anyone seen this before or have any idea what's going on?

As far as I can read, the Outlook Preview pane uses same settings as the Microsoft browser. And since some pictures are shown, I don't expect it to be a certificate-error - I would also expect it to use the same CA-store as the browsers.

Re: HTTPS Inspection and Outlook Preview

Chris_Atkinson — Wed, 03 Jan 2024 13:29:22 GMT

What does your HTTPS inspection policy look like?

Are you running R81.10 JHF T110 or something else here?

Re: HTTPS Inspection and Outlook Preview

Morten_O — Wed, 03 Jan 2024 14:02:45 GMT

Hi,

It's a pretty normal policy.

A lot of bypasses, mainly based on dst-ip, but also domains and updatable objects. Then ending with a rule to inspect everything else from the private ip-adresses.

SmartCenter is running R81.20 jumbo 38 and the cluster is running R81.10 Jumbo 66, I think.

Re: HTTPS Inspection and Outlook Preview

PhoneBoy — Wed, 03 Jan 2024 15:17:17 GMT

Most likely we'd need to run debug (and possibly a tcpdump) while the relevant page is loading to see what the issue is.
This will most likely require TAC assistance: https://help.checkpoint.com