Jump to content

Editing DSN lookups


Recommended Posts

Hello,

I need help. I want to disable gmail chat in a network, under a DNS server. I found these directions on the gmail help center, but I'm clueless of DNS server editing. How/where do I block DNS lookups?

"I am a network administrator, and need to disable Gmail's chat features on my network.

We understand that it's sometimes necessary to disable instant messaging services on a network. If you need to prevent Gmail users on your network from chatting, we suggest blocking DNS lookups to chatenabled.mail.google.com, by returning 127.0.0.1."

Any replies are appreciated!

Edited by 1boredguy
Link to comment
Share on other sites


I think you need a 'static' entry on the Forward Lookup Zone so that the domain name ( chatenabled.mail.google.com ) gets resolved to 127.0.0.1.

I created a new Zone. Does it matter if it's primary or active directory-integrated?

I just left the zone blank. It seems to work just like that, the chat feature doesn't load.

Link to comment
Share on other sites

Well, if it worked, great. I suggest Active Directory Integrated Zone. If you have the DNS server also as a DC, do it.

Thanks, very cool! If I want to return 127.0.0.1, then where do I do that?

If I get the "properties" of the zone, I see the tabs: General, State of Authority, Name Servers, WINS, Zone Transfers.

Link to comment
Share on other sites

Hello,

I need help. I want to disable gmail chat in a network, under a DNS server. I found these directions on the gmail help center, but I'm clueless of DNS server editing. How/where do I block DNS lookups?

"I am a network administrator, and need to disable Gmail's chat features on my network.

We understand that it's sometimes necessary to disable instant messaging services on a network. If you need to prevent Gmail users on your network from chatting, we suggest blocking DNS lookups to chatenabled.mail.google.com, by returning 127.0.0.1."

Any replies are appreciated!

I dunno about that, because if people know the IP address, then they can get around that!!

Link to comment
Share on other sites

Ultimately, the only "sure-fire" way to block traffic anywhere is to use a proxy and funnel all traffic through it. DNS bloking will work for DNS names, but someone connecting to the IP address will bypass. However, if you don't have a proxy in place, the DNS blocking should work for most users, at least for a good while.

I'd still ultimately suggest a proxy to do things like this, but the DNS workaround will work.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...