This Issue Sponsored By
Windows & .NET Magazine VIP Web Site/Super CD
http://www.winnetmag.com/rd.cfm?code=edep273lup
===============
1. Commentary
- OWA Attachment Security
2. Resources
- Security-Enhanced Settings in Exchange Server 2003
- Featured Thread: Autoarchival Solutions
- Outlook Tip: Preventing Outlook from Automatically Opening the Next New Email Message
3. Event
- Affordable, Strong (Two-Factor) Access Control for the Web – Granular Control of Inbound and Outbound Traffic
4. New and Improved
- Turn OWA into the Default Desktop Client
- Tell Us About a Hot Product and Get a T-Shirt!
5. Contact Us
- See this section for a list of ways to contact us.
==========
~~~~ Sponsor: Windows & .NET Magazine VIP Web Site/Super CD ~~~~
The Windows & .NET Magazine Network VIP Web Site/Super CD Has It All!
If you want to be sure you're getting everything the Windows & .NET Magazine Network has to offer, then you need a subscription to the VIP Web site/Super CD. You'll get online access to all of our publications, a print subscription to Windows & .NET Magazine, and a subscription to our VIP Web site, a banner-free resource loaded with articles you can't find anywhere else. Click here to find out how you can get it all at 25% off! http://www.winnetmag.com/rd.cfm?code=edep273lup
==========
\[Editor's Note: Because of the holidays this week and next week, Exchange & Outlook UPDATE will be appearing on Tuesday, December 23 and Tuesday, December 30 rather than on Thursday, December 25 and Thursday, January 1.\]
==== 1. Commentary: OWA Attachment Security ==== by Paul Robichaux, News Editor, [email protected]
Outlook Web Access (OWA) is a terrific tool for giving users remote access to their mailboxes. However, when users open attachments from computers that you don't control, they run the risk of accidentally disclosing sensitive information. You should teach OWA users not to open OWA attachments on public machines, but just in case users open attachments despite your warnings, OWA 2003 includes several security features to help mitigate the risk. First, be aware that if a user saves an attachment (by using either the Save Target As or Save option), OWA has no way to override or control the action, which is browser-based. But when a user simply opens an attachment, OWA emits an expiration header with the previous day's date. This header prevents the browser from permanently caching the document.
However, depending on the attachment's content type, the browser might need to write the attachment to disk so that a helper application can open it. To help counteract this problem, Microsoft has added some OWA features that provide server-side blocking of attachments. For example, the DisableAttachments REG_DWORD value in the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeWeb\OWA registry subkey lets you control attachment access in three ways:
- When you set the value to 0 (which is the default), all users can access all attachments.
- When you set the value to 1, OWA blocks all access to all attachments.
- When you set the value to 2, OWA blocks attachment access for sessions that originate on a front-end server but permits access for users who connect directly to the mailbox server. This option lets you give attachment access to users on your network while blocking access for Internet users.
If you want to permit access from some, but not all, front-end servers, set DisableAttachments to 2, then create a new REG_SZ value (under the same subkey) named AcceptedAttachmentFrontEnds. Specify a comma-delimited list of front-end server host names. Users who connect to those servers will be able to access attachments through OWA. Of course, OWA 2003 also implements the same kind of attachment-blocking code that's in Outlook 2000 Service Release 1a (SR1a) and later to block the same list of Level 1 and Level 2 file attachments that the desktop version of Outlook blocks. OWA blocks these attachments before applying the DisableAttachments value, so an attachment of a blocked file type won't be available under any circumstances.
==========
~~~~ Hot Release: MailFrontier ~~~~
How To Test an Anti-Spam Solution, And Get Results You Can Trust – by MailFrontier
Learn how to mitigate the risk of misleading effectiveness rates and administration overhead while evaluating an anti-spam solution – Download Whitepaper Now!
http://rd.mailfrontier.com/redirect.cgi?t=testguide&loc=Win.Net_Newsletter_122303
==========
==== 2. Resources ====
Security-Enhanced Settings in Exchange Server 2003
The Microsoft article "Overview of Security-Enhanced Settings in the Default Configuration of Exchange Server 2003" discusses Exchange Server 2003's improvements to Exchange 2000 Server security features.
http://support.microsoft.com/?kbid=818474
Featured Thread: Autoarchival Solutions
A forum reader is looking for a solution that can autoarchive user mailboxes with minimal administration. To offer your advice or join the discussion, go to the following URL:
http://www.winnetmag.com/forums/rd.cfm?cid=40&tid=66225
Outlook Tip: Preventing Outlook from Automatically Opening the Next New Email Message by Sue Mosher, [email protected]
Q: After I read and close a new email message, Outlook automatically opens the next new message. How do I make Outlook return to the Inbox instead of automatically opening the next new email message?
A: Select Tools, Options, then select the Preference tab and click E-mail Options. At the top of the E-mail Options dialog box, under Message Handling, you'll see a drop-down menu with choices for "After moving or deleting an open item." Select "return to the Inbox."
See the Windows & .NET Magazine Exchange & Outlook Web page for more great tips from Sue Mosher.
http://www.winnetmag.com/microsoftexchangeoutlook
==== 3. Event ==== (brought to you by Windows & .NET Magazine)
Affordable, Strong (Two-Factor) Access Control for the Web – Granular Control of Inbound and Outbound Traffic
Do you need an affordable, strong (two-factor) security solution to monitor incoming and outgoing Web users? In this free Web seminar, learn how Authenex and Microsoft have combined forces to integrate a strong authentication system with Internet security to put affordable and flexible Authenex A-Key USB token in the hands of end-users. Attendees will have the opportunity to receive a Free A-Key USB token from Authenex. Register now!
http://www.winnetmag.com/seminars/authentication/
==== 4. New and Improved ==== by Carolyn Mader, [email protected]
Turn OWA into the Default Desktop Client
Messageware released OWA Mail for Microsoft Office, software that turns Outlook Web Access (OWA) into the default mail client on a user's desktop, giving users Outlook-type integration with Office and other simple Messaging API (MAPI) applications. With OWA as the default mail client, users can use the Send To function in Office and other applications and use the Mailto hyperlink from within any email, Web site, or document. The software can enhance users' productivity and maximize the power of Web-based messaging through OWA. You can purchase OWA Mail for Microsoft Office for one user for $25 or for your organization according to the number of users, with prices starting at $75 for five users.
http://www.messageware.com
Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected].
==== Sponsored Links ====
NetSupport
Free Trial - Fast and Easy Network Management. - NetSupport DNA
http://ad.doubleclick.net/clk;6823752;8214395;q?http://www.netsupport-inc.com/dna/netsupport_dna_overview.htm
==========
==== 5. Contact Us ====
About the newsletter -- [email protected]
About technical questions -- http://www.winnetmag.com/forums
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring UPDATE -- [email protected]
==========
This email newsletter is brought to you by Exchange & Outlook Administrator, the print newsletter with practical advice, tips, and techniques covering migration, backup and restoration, security, and much more. Subscribe today. http://www.exchangeadmin.com/sub.cfm?code=neei23xxup
Copyright 2003, Penton Media, Inc.
==== This Issue Sponsored By ====
Windows & .NET Magazine VIP Web Site/Super CD
http://www.winnetmag.com/rd.cfm?code=edep273lup
==========
1. Commentary
- OWA Attachment Security
2. Resources
- Security-Enhanced Settings in Exchange Server 2003
- Featured Thread: Autoarchival Solutions
- Outlook Tip: Preventing Outlook from Automatically Opening the Next New Email Message
3. Event
- Affordable, Strong (Two-Factor) Access Control for the Web – Granular Control of Inbound and Outbound Traffic
4. New and Improved
- Turn OWA into the Default Desktop Client
- Tell Us About a Hot Product and Get a T-Shirt!
5. Contact Us
- See this section for a list of ways to contact us.
==========
~~~~ Sponsor: Windows & .NET Magazine VIP Web Site/Super CD ~~~~
The Windows & .NET Magazine Network VIP Web Site/Super CD Has It All!
If you want to be sure you're getting everything the Windows & .NET Magazine Network has to offer, then you need a subscription to the VIP Web site/Super CD. You'll get online access to all of our publications, a print subscription to Windows & .NET Magazine, and a subscription to our VIP Web site, a banner-free resource loaded with articles you can't find anywhere else. Click here to find out how you can get it all at 25% off! http://www.winnetmag.com/rd.cfm?code=edep273lup
==========
\[Editor's Note: Because of the holidays this week and next week, Exchange & Outlook UPDATE will be appearing on Tuesday, December 23 and Tuesday, December 30 rather than on Thursday, December 25 and Thursday, January 1.\]
==== 1. Commentary: OWA Attachment Security ==== by Paul Robichaux, News Editor, [email protected]
Outlook Web Access (OWA) is a terrific tool for giving users remote access to their mailboxes. However, when users open attachments from computers that you don't control, they run the risk of accidentally disclosing sensitive information. You should teach OWA users not to open OWA attachments on public machines, but just in case users open attachments despite your warnings, OWA 2003 includes several security features to help mitigate the risk. First, be aware that if a user saves an attachment (by using either the Save Target As or Save option), OWA has no way to override or control the action, which is browser-based. But when a user simply opens an attachment, OWA emits an expiration header with the previous day's date. This header prevents the browser from permanently caching the document.
However, depending on the attachment's content type, the browser might need to write the attachment to disk so that a helper application can open it. To help counteract this problem, Microsoft has added some OWA features that provide server-side blocking of attachments. For example, the DisableAttachments REG_DWORD value in the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeWeb\OWA registry subkey lets you control attachment access in three ways:
- When you set the value to 0 (which is the default), all users can access all attachments.
- When you set the value to 1, OWA blocks all access to all attachments.
- When you set the value to 2, OWA blocks attachment access for sessions that originate on a front-end server but permits access for users who connect directly to the mailbox server. This option lets you give attachment access to users on your network while blocking access for Internet users.
If you want to permit access from some, but not all, front-end servers, set DisableAttachments to 2, then create a new REG_SZ value (under the same subkey) named AcceptedAttachmentFrontEnds. Specify a comma-delimited list of front-end server host names. Users who connect to those servers will be able to access attachments through OWA. Of course, OWA 2003 also implements the same kind of attachment-blocking code that's in Outlook 2000 Service Release 1a (SR1a) and later to block the same list of Level 1 and Level 2 file attachments that the desktop version of Outlook blocks. OWA blocks these attachments before applying the DisableAttachments value, so an attachment of a blocked file type won't be available under any circumstances.
==========
~~~~ Hot Release: MailFrontier ~~~~
How To Test an Anti-Spam Solution, And Get Results You Can Trust – by MailFrontier
Learn how to mitigate the risk of misleading effectiveness rates and administration overhead while evaluating an anti-spam solution – Download Whitepaper Now!
http://rd.mailfrontier.com/redirect.cgi?t=testguide&loc=Win.Net_Newsletter_122303
==========
==== 2. Resources ====
Security-Enhanced Settings in Exchange Server 2003
The Microsoft article "Overview of Security-Enhanced Settings in the Default Configuration of Exchange Server 2003" discusses Exchange Server 2003's improvements to Exchange 2000 Server security features.
http://support.microsoft.com/?kbid=818474
Featured Thread: Autoarchival Solutions
A forum reader is looking for a solution that can autoarchive user mailboxes with minimal administration. To offer your advice or join the discussion, go to the following URL:
http://www.winnetmag.com/forums/rd.cfm?cid=40&tid=66225
Outlook Tip: Preventing Outlook from Automatically Opening the Next New Email Message by Sue Mosher, [email protected]
Q: After I read and close a new email message, Outlook automatically opens the next new message. How do I make Outlook return to the Inbox instead of automatically opening the next new email message?
A: Select Tools, Options, then select the Preference tab and click E-mail Options. At the top of the E-mail Options dialog box, under Message Handling, you'll see a drop-down menu with choices for "After moving or deleting an open item." Select "return to the Inbox."
See the Windows & .NET Magazine Exchange & Outlook Web page for more great tips from Sue Mosher.
http://www.winnetmag.com/microsoftexchangeoutlook
==== 3. Event ==== (brought to you by Windows & .NET Magazine)
Affordable, Strong (Two-Factor) Access Control for the Web – Granular Control of Inbound and Outbound Traffic
Do you need an affordable, strong (two-factor) security solution to monitor incoming and outgoing Web users? In this free Web seminar, learn how Authenex and Microsoft have combined forces to integrate a strong authentication system with Internet security to put affordable and flexible Authenex A-Key USB token in the hands of end-users. Attendees will have the opportunity to receive a Free A-Key USB token from Authenex. Register now!
http://www.winnetmag.com/seminars/authentication/
==== 4. New and Improved ==== by Carolyn Mader, [email protected]
Turn OWA into the Default Desktop Client
Messageware released OWA Mail for Microsoft Office, software that turns Outlook Web Access (OWA) into the default mail client on a user's desktop, giving users Outlook-type integration with Office and other simple Messaging API (MAPI) applications. With OWA as the default mail client, users can use the Send To function in Office and other applications and use the Mailto hyperlink from within any email, Web site, or document. The software can enhance users' productivity and maximize the power of Web-based messaging through OWA. You can purchase OWA Mail for Microsoft Office for one user for $25 or for your organization according to the number of users, with prices starting at $75 for five users.
http://www.messageware.com
Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected].
==== Sponsored Links ====
NetSupport
Free Trial - Fast and Easy Network Management. - NetSupport DNA
http://ad.doubleclick.net/clk;6823752;8214395;q?http://www.netsupport-inc.com/dna/netsupport_dna_overview.htm
==========
==== 5. Contact Us ====
About the newsletter -- [email protected]
About technical questions -- http://www.winnetmag.com/forums
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring UPDATE -- [email protected]
==========
This email newsletter is brought to you by Exchange & Outlook Administrator, the print newsletter with practical advice, tips, and techniques covering migration, backup and restoration, security, and much more. Subscribe today. http://www.exchangeadmin.com/sub.cfm?code=neei23xxup
Copyright 2003, Penton Media, Inc.
==== This Issue Sponsored By ====
Windows & .NET Magazine VIP Web Site/Super CD
http://www.winnetmag.com/rd.cfm?code=edep273lup
==========
1. Commentary
- OWA Attachment Security
2. Resources
- Security-Enhanced Settings in Exchange Server 2003
- Featured Thread: Autoarchival Solutions
- Outlook Tip: Preventing Outlook from Automatically Opening the Next New Email Message
3. Event
- Affordable, Strong (Two-Factor) Access Control for the Web – Granular Control of Inbound and Outbound Traffic
4. New and Improved
- Turn OWA into the Default Desktop Client
- Tell Us About a Hot Product and Get a T-Shirt!
5. Contact Us
- See this section for a list of ways to contact us.
==========
~~~~ Sponsor: Windows & .NET Magazine VIP Web Site/Super CD ~~~~
The Windows & .NET Magazine Network VIP Web Site/Super CD Has It All!
If you want to be sure you're getting everything the Windows & .NET Magazine Network has to offer, then you need a subscription to the VIP Web site/Super CD. You'll get online access to all of our publications, a print subscription to Windows & .NET Magazine, and a subscription to our VIP Web site, a banner-free resource loaded with articles you can't find anywhere else. Click here to find out how you can get it all at 25% off! http://www.winnetmag.com/rd.cfm?code=edep273lup
==========
\[Editor's Note: Because of the holidays this week and next week, Exchange & Outlook UPDATE will be appearing on Tuesday, December 23 and Tuesday, December 30 rather than on Thursday, December 25 and Thursday, January 1.\]
==== 1. Commentary: OWA Attachment Security ==== by Paul Robichaux, News Editor, [email protected]
Outlook Web Access (OWA) is a terrific tool for giving users remote access to their mailboxes. However, when users open attachments from computers that you don't control, they run the risk of accidentally disclosing sensitive information. You should teach OWA users not to open OWA attachments on public machines, but just in case users open attachments despite your warnings, OWA 2003 includes several security features to help mitigate the risk. First, be aware that if a user saves an attachment (by using either the Save Target As or Save option), OWA has no way to override or control the action, which is browser-based. But when a user simply opens an attachment, OWA emits an expiration header with the previous day's date. This header prevents the browser from permanently caching the document.
However, depending on the attachment's content type, the browser might need to write the attachment to disk so that a helper application can open it. To help counteract this problem, Microsoft has added some OWA features that provide server-side blocking of attachments. For example, the DisableAttachments REG_DWORD value in the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeWeb\OWA registry subkey lets you control attachment access in three ways:
- When you set the value to 0 (which is the default), all users can access all attachments.
- When you set the value to 1, OWA blocks all access to all attachments.
- When you set the value to 2, OWA blocks attachment access for sessions that originate on a front-end server but permits access for users who connect directly to the mailbox server. This option lets you give attachment access to users on your network while blocking access for Internet users.
If you want to permit access from some, but not all, front-end servers, set DisableAttachments to 2, then create a new REG_SZ value (under the same subkey) named AcceptedAttachmentFrontEnds. Specify a comma-delimited list of front-end server host names. Users who connect to those servers will be able to access attachments through OWA. Of course, OWA 2003 also implements the same kind of attachment-blocking code that's in Outlook 2000 Service Release 1a (SR1a) and later to block the same list of Level 1 and Level 2 file attachments that the desktop version of Outlook blocks. OWA blocks these attachments before applying the DisableAttachments value, so an attachment of a blocked file type won't be available under any circumstances.
==========
~~~~ Hot Release: MailFrontier ~~~~
How To Test an Anti-Spam Solution, And Get Results You Can Trust – by MailFrontier
Learn how to mitigate the risk of misleading effectiveness rates and administration overhead while evaluating an anti-spam solution – Download Whitepaper Now!
http://rd.mailfrontier.com/redirect.cgi?t=testguide&loc=Win.Net_Newsletter_122303
==========
==== 2. Resources ====
Security-Enhanced Settings in Exchange Server 2003
The Microsoft article "Overview of Security-Enhanced Settings in the Default Configuration of Exchange Server 2003" discusses Exchange Server 2003's improvements to Exchange 2000 Server security features.
http://support.microsoft.com/?kbid=818474
Featured Thread: Autoarchival Solutions
A forum reader is looking for a solution that can autoarchive user mailboxes with minimal administration. To offer your advice or join the discussion, go to the following URL:
http://www.winnetmag.com/forums/rd.cfm?cid=40&tid=66225
Outlook Tip: Preventing Outlook from Automatically Opening the Next New Email Message by Sue Mosher, [email protected]
Q: After I read and close a new email message, Outlook automatically opens the next new message. How do I make Outlook return to the Inbox instead of automatically opening the next new email message?
A: Select Tools, Options, then select the Preference tab and click E-mail Options. At the top of the E-mail Options dialog box, under Message Handling, you'll see a drop-down menu with choices for "After moving or deleting an open item." Select "return to the Inbox."
See the Windows & .NET Magazine Exchange & Outlook Web page for more great tips from Sue Mosher.
http://www.winnetmag.com/microsoftexchangeoutlook
==== 3. Event ==== (brought to you by Windows & .NET Magazine)
Affordable, Strong (Two-Factor) Access Control for the Web – Granular Control of Inbound and Outbound Traffic
Do you need an affordable, strong (two-factor) security solution to monitor incoming and outgoing Web users? In this free Web seminar, learn how Authenex and Microsoft have combined forces to integrate a strong authentication system with Internet security to put affordable and flexible Authenex A-Key USB token in the hands of end-users. Attendees will have the opportunity to receive a Free A-Key USB token from Authenex. Register now!
http://www.winnetmag.com/seminars/authentication/
==== 4. New and Improved ==== by Carolyn Mader, [email protected]
Turn OWA into the Default Desktop Client
Messageware released OWA Mail for Microsoft Office, software that turns Outlook Web Access (OWA) into the default mail client on a user's desktop, giving users Outlook-type integration with Office and other simple Messaging API (MAPI) applications. With OWA as the default mail client, users can use the Send To function in Office and other applications and use the Mailto hyperlink from within any email, Web site, or document. The software can enhance users' productivity and maximize the power of Web-based messaging through OWA. You can purchase OWA Mail for Microsoft Office for one user for $25 or for your organization according to the number of users, with prices starting at $75 for five users.
http://www.messageware.com
Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected].
==== Sponsored Links ====
NetSupport
Free Trial - Fast and Easy Network Management. - NetSupport DNA
http://ad.doubleclick.net/clk;6823752;8214395;q?http://www.netsupport-inc.com/dna/netsupport_dna_overview.htm
==========
==== 5. Contact Us ====
About the newsletter -- [email protected]
About technical questions -- http://www.winnetmag.com/forums
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring UPDATE -- [email protected]
===============
This email newsletter is brought to you by Exchange & Outlook Administrator, the print newsletter with practical advice, tips, and techniques covering migration, backup and restoration, security, and much more. Subscribe today. http://www.exchangeadmin.com/sub.cfm?code=neei23xxup
Copyright 2003, Penton Media, Inc.
