Yep; that ISA2K4. Bridging never leaves the Web Proxy in ISA2K... That's one of the reasons ISA2K4 is so much kewler... Unfortunately, I don't know if the HTTP-tunneled RPOC is encrypted or not... Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! On Fri, 20 Feb 2004 19:01:37 -0600 "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx> wrote: http://www.ISAserver.org Hi Jim, If SSL to SSL bridging is used, then it is exposed to ISA's application layer filtering. However, if the RPC connection is encrypted, then that's another matter; however, since RPC isn't exposed to the RPC filter when moving through RPC/HTTP, I guess it doesn't matter :) ...Or, I'm I think of ISA Server 2004 here? ;) Tom Thomas W Shinder www.isaserver.org/shinder ISA 2004 Beta - Get it now! http://www.microsoft.com/isaserver/beta/default.asp ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Friday, February 20, 2004 6:45 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Security with OWA and RPC over HTTP http://www.ISAserver.org Since this is encrypted HTTP, ISA can't "see" the data to scan it. Exchange is your best place to scan it, since it isn't "mail" until it gets there. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Raji Arulambalam" <rajia@xxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Thursday, February 19, 2004 21:31 Subject: [isalist] Security with OWA and RPC over HTTP http://www.ISAserver.org I have questions about security when publishing OWA and RPC over HTTP through ISA server using SSL with certificates. These procedures connect straight into the Exchange Server stores/mailboxes and these users are able to upload attachments into Exchange, bypassing normal gateway AV scanning. It is possible to introduce nasties into the systems. Is there anyway that you are able to either scan these attachments or are there other solutions apart from installing an AV product into Exchange. Using Exchange 2003 server with Windows 2003 server. Any pointers would be appreciated. ARaji Email disclaimer: This email and any attachments are confidential. If you are not the intended recipient, do not copy, disclose or use the contents in any way. If you receive this message in error, please let us know by return email and then destroy the message. Environment Bay of Plenty is not responsible for any changes made to this message and/or any attachments after sending. ****************************************************** This e-mail has been checked for viruses and no viruses were detected. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')