This problem is easy to solve. If you are an enterprise network administrator. You can set it in the router. But you must know the TCP/IP port number of each application. For example, the problem you mentioned. You can send an email. You just need to open port 25 and port 1 10. Close port 80. So I can only send emails. And I can't open the webpage. But routers are limited to packet filtering. It should be implemented to the application layer. Then you need a stateful firewall. Then you can control it at will.