Hello everyone I am sorry if this sounds stupid but since having an ISA server 2004 in front of exchange 2003 and following the article posted on http://isaserver.org/articles/2004securerpc.html is fairly easy to achieve and you don't necessarily have to have xp client with outlook 2003, why would some one invest time in rpc over http? Is the single rpc method less safe than the other way? Is it less feature rich compared to rpc over http? Thanks for clearing this