Solved: a Snow Leopard bug that blocks Gmail, Yahoo Mail and Hotmail when activating Parental Controls

Posted on Updated on

Snow Leopard is great… Maybe not. It has a few weird and annoying bugs and drawbacks that really hurt its functionality. There are graphic glitches on my macbook (2007) when running Plex and XBMC, the creepy data loss bug,and no parallels 2.5 free upgrade support, just to mention some. So good to be the most advanced operating system in the planet, huh?

Anyway, despite the minor bugs, I am very happy with my mac, so happy as to make my family have a Mac Mini for Xmas (bye bye windows troubleshooting!). Here is the scenario:

  • Equipment: Mac Mini (2009) with Mac OS X 10.6.2 (Snow Leopard)
  • Users: A 68 year old woman and two little brats (both boys ages 12 and 10)
  • Objectives:
  1. Prevent the brats from installing or running undesired applications and intelligently block rated R websites.
  2. Simplify usage for the senior user (system logs in automatically after turning on the computer.

Configuring the System

  1. Create a new account without administrative privileges and activate parental controls. A detailed procedure for doing this can be found here. We will call the login of this account “NameOfTheAccountWithRestrictions“.
  2. Eliminate the startup login window bay making the newly created account the one that logs onto the computer automatically by default. You can do this by going:

‘System Preferences>Accounts>Login Options>Automatic Login’

Then select the account created with parental controls from the drop box next to “Automatic Login”. For this example we would select the login “NameOfTheAccountWithRestrictions

Parental Control Settings:

  1. Go to System Preferences>Parental Controls
  2. Then Select the account that automatically logs onto the computer (in our case “NameOfTheAccountWithRestrictions”).
  3. To restrict the applications to only the ones approved by the administrator do: ‘System Preferences > Parental Controls > “NameOfTheAccountWithRestrictions” > System’ and check on “Selected Applications” the ones that you would like to allow. If new applications are installed or run, the user will be prompted to introduce a login with administrator privileges and you can set wether you would like it to run once, or forever for the user with restrictions.
  4. To restrict access to websites with adult content go to: ‘System Preferences > Parental Controls > “NameOfTheAccountWithRestrictions” > Content’ and click on “Try to limit access to adult websites automatically”.

Theoretically this should do the job… But you actually thought the story would have a happy ending? Under this configuration, whenever I tried to check my gmail, yahoo or hotmail I would get a message from the browser saying: “Safari can’t find the server. Safari can’t open the page “https://… Safari can’t find the server https://…”.

The Snow Leopard Issue

Apparently when you try to do the “Try to limit access to adult websites automatically” option, Parental Controls not only blocks websites with inappropiate content, but it also blocks sites that it cannot read, i.e. the ones under a secure connection (addresses that start with https://). So none of the conventional web based emails would work under this setup.

Solving the Gmail, Yahoo mail and Hotmail Issue with the Mac OS X Parental Controls

After much reading and frustration, I came accross this link. There it is suggested that one has to allow explicitly some sites under ‘System Preferences > Parental Controls > “AccountWithRestrictions” > Content > Try to limit access to adult websites automatically > Customize’.

  • To allow hotmail add:

http://*.*.live.com

https://*.*.live.com

http://messenger.live.com

  • To allow yahoo mail add:

https://*.*.yahoo.com

  • And finally, to allow Gmail, add:

https://*.*.gmail.*.*

Notice that for the gmail account, the .com at the end of the url is replaced by a .*.*, this is done because google redirects tend to add suffixes to the address of the secure site.

So far online email is not blocked, and everyone is happy, except for the kids, who can’t see Adult content on the web anymore=)

Cheers!

Advertisements

24 thoughts on “Solved: a Snow Leopard bug that blocks Gmail, Yahoo Mail and Hotmail when activating Parental Controls

    Tess said:
    2010.01.31 at 07:24

    Thanks for posting this! Just bought my first mac a week ago and immediately ran into problems with accessing yahoo mail and gmail on the kids’ accounts. The yahoo fix worked, but the gmail fix did not. I copied and pasted your fix into the parental controls, but still am not able to access gmail on their accounts. Any ideas? Thanks!

    Mr. Drive responded:
    2010.01.31 at 11:53

    I have heard that the domain name for gmail changes according to different regions.

    When you type in http://www.gmail.com could you tell me what the redirected address looks like? (i.e. the address that is blocked by parental controls, it should be a very long address)

    In the meanwhile, you may try adding to the list of allowed sites something like

    https://*.*.google.*.* or maybe https://*.*.googlemail.*.*

    Tess said:
    2010.02.01 at 18:39

    Thanks for your quick reply. I just found this thread that uses Google’s IP address and this fix is currently working for me:

    http://www.google.as/support/forum/p/gmail/thread?tid=5ab9beee7c05e905&hl=en

    ZAREMA said:
    2010.03.21 at 07:36

    arthur@fenrislyrlenon.ddns.me.uk Thanks the author for article. The main thing do not forget about users, and continue in the same spirit.http://animelife.org.ua/

    Craig said:
    2010.04.18 at 22:16

    Hi – none of this worked for me, so I went into the Parental Control menu > log > sites blocked to see what it was stopping. Saw 1E100 – what is that? googled it,and it is some hidden google domain. I added 1E100.NET to the Parental Control > content > Customize > allow sites and voila, problem solved.

    Craig

      Mr. Drive responded:
      2010.04.18 at 23:31

      Hey Craig,

      I also noticed the 1E100 in the list of sites blocked. My guess is that that weird domain name is one of the many addresses that Google uses to make the connection to their secure servers. Because these, lets call them, “transition addresses” are dependent on the region you are using the web, solving the google/parental control issue becomes quite challenging.

      I have read people recommending to go ahead and try a brute force attempt and allow all the blocked addresses, one by one until you find the one that allows you to connect to gmail. Exhausting, isn’t it?!. Nonetheless, a more systematic approach is also possible if you use a tool such as the “Little Snitch” Firewall to monitor the addresses that communicate with your computer, while connecting to the gmail server.

      Certainly, what I wrote here does not appear to be the one-fits-all solution, but it sure can give you a good idea on how to approach the problem. Thanks for your reply and thank you for sharing the solution that worked for you!

    Jesse said:
    2010.05.19 at 20:37

    This has been really helpful. If you’re not sure why or how the website you are trying to access is being blocked, check the logs under System Prefs and check it out.

    In my case, I had to add “1E100.NET” to the customized/allowed websites list to unblock gmail.

    Mr. Drive responded:
    2010.05.24 at 12:24

    Has anybody tried to allow dropbox through the parental control filter?

    Mr. Drive responded:
    2010.07.04 at 11:57

    After doing some research on how to allow dropbox through Parental Controls in Mac, I came across this link:

    http://forums.dropbox.com/topic.php?id=11338

    There they recommend several things, but the comment by “Jan B.” was the most helpful:
    Simply add:

    https://*.dropbox.com and
    https://static.reverse.softlayer.com

    to the list of (explicitly-) allowed websites.

    Jan B. also mentioned that the same http:// domains should be enabled as well, but I tried just the “https://” domains as shown above, and it works ok so far through the mac parental controls with the “Try to limit access to adult websites automatically” option enabled…

    Ann Sgarzi said:
    2010.07.06 at 06:23

    Thank you, thank you so much!!!

    Mak the knife said:
    2010.08.07 at 05:12

    I got a new macbook (yes newbie/recovering mswin user). I have no need to use parental controls etc. but still have issues with the gmail/yahoo login. Should I be having this problem?
    In fact everything on google/yahoo works except those requiring login. I tried with admin / restricted user (without parental controls) login and safari/firefox browsers…. no luck. I am working through a proxy server and those settings should be ok since I can get to everywhere else.
    Any help/suggestions (in some detail please 😉 would help.

      Mr. Drive responded:
      2010.09.21 at 12:31

      Hey there, that seems to be a network access problem more than a system problem. Have you tried using this computer outside that network?

    felix said:
    2010.10.07 at 02:26

    Very helpful Thank you: Gmail and facebook i got working, but yahoomail is still not working… couldn’t find any other info on that subject. Any suggestions?

      David said:
      2011.07.06 at 16:18

      What do you need to get facebook working?

      Mr.Drive responded:
      2011.07.06 at 17:21

      I would clean the list of blocked sites and and check the list again to see what shows up after you try to access yahoo. Then allow those specific sites. Did you try allowing https://*.*.yahoo.com?

    Paul said:
    2011.01.03 at 13:41

    I had problems getting Hotmail to work even after entering all of the suggestions. I managed to get it to work by adding the following to the list of explicitly allowed websites:

    http://*.*.akamaitechnologies.com
    https://*.*.akamaitechnologies.com

    Akamai is a major Content Delivery Network, so it seems Microsoft must be using them to host their Hotmail service.

    Vicki Fishman said:
    2011.07.01 at 23:25

    I am unable to gmail all of the sudden. It says something about re-direct.
    Please help

      Mr.Drive responded:
      2011.07.06 at 17:19

      Did you allow 1E100.NET to the list of permitted sites?

    Craig said:
    2011.09.03 at 14:08

    Thank you very much! Nothing else worked.

    jakekovar said:
    2012.03.22 at 16:24

    A fix for some people who cannot (still) access gmail is to add Google’s IP address, which you can find by pinging google.com and looking at the IP it is pinging. If you add that (or the ip for mail.google.com) in Parental Controls like: https://*.*.(IP HERE).*/* where IP HERE is the IP for google.com or mail.google.com (not gmail.com because that is a redirect URL to mail.google.com), it should work again.

    Jen said:
    2012.07.25 at 09:49

    1E100.NET works for me (Indiana) and my daughter is now a happy camper. Thank you so much!

    […] Also, Check your parental controls in your System Preferences to see if anything there is blocking you. If it is, disable that too. Here is a link that might help with that: https://drivenet.wordpress.com/2010/01/16/solved-gmail-yahoo-mail-and-hotmail-blocked-when-activating… […]

    http://38points.info said:
    2013.05.05 at 03:34

    Not only do many of the games great players
    live in Los Angeles but it is a poker friendly town.
    If you want to try out Omaha or Stud instead of Texas
    Hold Em, then there many games to try out. This is the reason you might want to learn forex charts.

    pinterest said:
    2014.09.17 at 09:52

    It ranks up there with the likes of getting to meet Johnny Depp,
    the best dessert you ever ate, and your husband doing all laundry
    and cooking for an entire month. Google+ is a social networking site that has a range of different features that you can use
    to connect with patients and other healthcare
    professionals. For example, if your food business is dedicated to gourmet party appetizers your
    bio might be as simple as “Gourmet appetizers delivered right to your door.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s