Squid Proxy & Yahoo! Mail Problem
I work for a small school district and we've been using Squid + SquidGuard as our internet filter since we were required to filter our Internet connection. It's worked very well for us over the years and through various hardware and software upgrades.
Recently, Yahoo! Mail has stopped working. The problem(s) are random and sporadic, and sometimes you don't have any problem accessing it at all.
Sometimes you can't log in (no error, just a blank web page)
Sometimes you can't send an e-mail (you get the "Oops! We're having a problem sending your message"). Sometimes clicking "Try sending again" works, sometimes it doesn't.
Sometimes folder contents won't load. If you click on a folder, like your Sent folder, no messages appear.
Sometimes, messages won't load. If you click on a message to read it, you'll get stuck on "Loading message...".
Sometimes when deleting messages they don't actually delete. The user doesn't discover this until logging in at home.
I've confirmed that the issue is with our Squid box as Yahoo! Mail seems to be just fine when the client isn't being proxied. I've confirmed that it's not the SquidGuard component as disabling it (by removing the url_rewrite directive in the Squid config) does not help.
We have a very basic Squid configuration and it's something that's worked for us for years! I'm very confused as to why we're having problems.
Our existing server is running Debian Etch with Squid 2.6.STABLE5. In part of the troubleshooting process I built a new server running Debian Squeeze with Squid 2.7.STABLE9 with no luck.
Here is our current configuration (minus all the comments):
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow localnet
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
icp_access allow localnet
icp_access deny all
http_port 80 transparent http11
hierarchy_stoplist cgi-bin ?
access_log /var/log/squid/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
refresh_pattern . 0 20% 4320
acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
upgrade_http0.9 deny shoutcast
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
extension_methods REPORT MERGE MKACTIVITY CHECKOUT
always_direct allow all
If anybody has any ideas on what I can do to resolve this I'd immensely appreciate it!