OWA Blocking Attachments
- From: "Tim Bolton" <ltb@xxxxxxxxxxxxxxxxxx>
- To: <exchangelist@xxxxxxxxxxxxx>
- Date: Thu, 15 Dec 2005 10:40:44 -0600
I have an issue allowing my users access to OWA from their home PCs.
If I turn on the attachment option in OWA, they can attach any type of
file they wish, again from their home PC.
When it comes through our Watchguard firewall, via port 443 - SSL, they
are not filtered since we cannot filter on that port as you can with the
SMTP Service.
If a users opens OWA, inside the office, to read the incoming email.
Only the attachments allowed in Level 2 can be accessed.
However, if they open the email using Outlook 2003, they can access all
of the attachments sent.
Meaning, they can send in any type of documents they wish which may
carry a virus. Since it is coming in on port 443, it is not scanned or
filtered in any way.
Normally, all attachments are stripped at the firewall. The only ones
we allow via email are PDF files. If a users tries to download a ZIP,
or any other file, it is stripped at the firewall.
But OWA seems to open the door wide open.
It has been suggested buying a 3rd party product such as
www.messageware.com but you would think that you would be able to
control this in Exchange. We only have a single Exchange 2003 Server,
no front or back end.
I only have 5 users that need this access so cost is an issue. I am
currently turning off ALL attachments for OWA...
If I change the Level 1 settings for Outlook, it will prevent my users
from sending attachments internally as well, correct?
I have been researching Watchguards site but have yet to find a solution
there.
Any thoughts or suggestions?
Tim Bolton
Network Administrator
Information Technology Dept.
Arkansas State Medical Board
www.armedicalboard.org
Phone: 501-296-1953
Cell: 501-350-4291
Fax: 501-296-1805
Other related posts:
