Exchange & Outlook UPDATE, Exchange Edition, February 26, 2004

This Issue Sponsored By

Enforce Policies in Mailboxes, PST Files & Public Folders

Permeo Technologies – Secure, Full Outlook(R) Remote Access


Commentary - ActiveSync Architecture and You

Resources - Featured Thread: Partition Sizing - Outlook Tip: Enabling and Disabling Attachments New and Improved - Sync Your Palm with Outlook BCM


~~~~ Sponsor: Enforce Policies in Mailboxes, PST Files & Public Folders ~~~~ Are you experiencing email overload? Tired of installing multiple stand-alone products to manage both mailboxes and PST files? Mail Attender Enterprise gives you the power to manage Exchange mailboxes, PST files on desktops/servers and public folders from one central web interface. Implement policies, perform keyword searches to locate content, enforce retention/archiving rules, audit usage and view email statistics across your entire enterprise. Management is transparent to end-users and can be applied to certain users, groups or sublevels. With Mail Attender Enterprise, you will decrease administration time, reclaim storage space and reduce your liabilities. Download a FREE TRIAL today and instantly view statistics like total message/attachment count, size, and type on your entire mail information store!


==== Commentary: ActiveSync Architecture and You ==== by Paul Robichaux, News Editor, [email protected]

An increasing number of people that I know are toting Motorola's MPx200 Smartphone, which is powered by the Windows Mobile OS. This nifty phone can do some valuable things, chiefly synchronize your email, calendar, and contact data wirelessly through Exchange Server 2003's ActiveSync component. I've written about Exchange ActiveSync before (see the UPDATE commentary "Improving Mobile Access to Exchange 2003," )--and my editors will kill me if I try to turn this column into "Smartphone UPDATE"--but with ActiveSync's popularity on the upswing, I want to mention some interesting subtleties that you'll need to be aware of if you're considering using ActiveSync on your network. First (as always) is security. Exchange ActiveSync uses TCP port 443, period. There's no way to make it use Secure Sockets Layer (SSL) over an alternate port, so you need to make provisions to allow SSL traffic from the Internet to the Exchange server running ActiveSync. Having SSL accelerators or termination devices (such as Microsoft Internet Security and Acceleration--ISA--Server 2000 or later) in the path is fine, as long as you've properly configured those devices. If you like, you can use a self-issued certificate for SSL, but doing so will require you to install the root Certificate Authority (CA) certificate on your phones. Using a Thawte- or VeriSign-issued certificate (or one from another CA whose root certificate is preinstalled on the phones you're using) is well worth the additional expense from a life-cycle-cost standpoint. Loading certificates onto phones is a manual process and doesn't scale well. Second is segmentation. You can quickly enable or disable ActiveSync for individual users through Exchange System Manager (ESM) or by setting the value of the msExchOmaAdminWirelessEnable Active Directory (AD) attribute to 4. The latter approach works well for enabling ActiveSync access by group. Another suggestion: Set up a separate DNS name, such as, for your ActiveSync users. Doing so gives you the flexibility to change some aspects of your Exchange topology without breaking the users' wireless access. Fortunately, you don't have to completely move off earlier versions of Exchange to get ActiveSync for your users. Exchange 2003 is perfectly happy to use ActiveSync to serve mailboxes in a mixed-mode Exchange organization, although you will need to update the organization with Exchange 2003's schema changes. In conjunction with a separate DNS name space, using a separate server gives you an easy way to pilot ActiveSync: Add an Exchange 2003 server, publish its SSL port through your firewall, and set up a separate DNS name. The ability to get Exchange data wirelessly is becoming more and more popular, and I expect continued and widespread adoption of ActiveSync, especially as more manufacturers roll out devices that can use the feature. If you've got stories to tell--good or bad--about deploying ActiveSync in your organization, I'd love to hear them.


~~~~ Sponsor: Permeo Technologies – Secure, Full Outlook(R) Remote Access ~~~~ Permeo Technologies enables secure, full Outlook(R) to Exchange(R) connectivity for remote users. With AbsoluteAccess E-mail, remote users can access e-mail, calendaring, contacts and all groupware features launching their native Outlook client from a browser in full SSL encryption. No additional client installation. No configuration changes to Outlook or Exchange. Easy to use. Easy to deploy. Learn more, attend a free on-line seminar and register to win a free portable DVD player.


==== Announcements ==== (from Windows & .NET Magazine and its partners)

Event Central--a Comprehensive Resource for the Latest Events in Your Field Looking for one place to find the latest Web seminars, roadshows, and conferences? Event Central has every topic you're looking for. Stay current on the latest developments in your field. Visit Event Central and find answers now!

New eBook--"Building an Effective Reporting System" This free eBook will help you understand the various kinds of performance monitoring and reporting and shows you examples of how and when to implement them. You'll find practical examples that explain and illustrate the theory by using NetIQ tools as the basis of these examples.

==== Resources ====

Featured Thread: Partition Sizing A forum reader has some questions about partition sizing in preparation for an Exchange Server 2003 deployment. To offer your advice or join the discussion, go to the following URL:

Outlook Tip: Enabling and Disabling Attachments by Sue Mosher, [email protected]

Q: How can I control which attachments Outlook 2002's security feature blocks?

A: Outlook 2002 supports a Level1Remove string value in the HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Security registry subkey. If you enter a semicolon-delimited list of file extensions (e.g., url;lnk) for the Level1Remove value, users can access and save file attachments that Outlook usually blocks. However, if the value DisallowAttachmentCustomization exists in the HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\10.0\Outlook subkey, attempts to change to the Level1Remove value have no effect. Outlook also supports a Level1Add string value, which lets you enter a semicolon-delimited list of file extensions to add file types to the blocked list. This feature doesn't work in the release to manufacturing (RTM) version of Outlook 2002, but Microsoft Office XP Service Pack 1 (SP1) restores the functionality. For more information about these changes, see the Microsoft articles "OL2002: The 'Level1Add' Registry Key Is Missing from Outlook 2002" ( ) and "OL2002: You Cannot Open Attachments" ( ). Before you implement any registry changes, I recommend that you read any relevant Microsoft articles, back up the registry, and test thoroughly. You can also use administrative tools to control attachment blocking. The Outlook 2002 security form includes an option that lets you stop users from customizing attachment security settings. You can also use a policy to prevent users from customizing attachment blocking. For more information about these tools, see Outlook Tips & Techniques, September 2000, . See the Windows & .NET Magazine Exchange & Outlook Web page for more great tips.

==== Events Central ==== (A complete Web and live events directory brought to you by Windows & .NET Magazine: )

New--Microsoft Security Strategies Roadshow! We've teamed with Microsoft, Avanade, and Network Associates to bring you a full day of training to help you get your organization secure and keep it secure. You'll learn how to implement a patch-management strategy; lock down servers, workstations, and network infrastructure; and implement security policy management. Register now for this free, 20-city tour.

==== New and Improved ==== by Carolyn Mader, [email protected]

Sync Your Palm with Outlook BCM Chapura released PocketMirror Professional 3.1.6, software that synchronizes Palm PDAs and Outlook with Business Contact Manager (BCM). The software lets users synchronize the Business Contacts folder in BCM with the built-in Palm OS Address Book. The multiple-folder synchronization capability lets users view and modify essential contact information while away from the office. PocketMirror Professional also lets users synchronize Outlook Calendar, Contacts, Tasks, and Notes information stored in public folders and subfolders between the PC and any Palm-powered PDA. Pricing is $49.95. Contact Chapura at 251-470-1963 or 800-242-7872.

Tell Us About a Hot Product and Get a T-Shirt! Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected]

==== Sponsored Link ====

NetSupport Free Trial - Fast and Easy Network Management. - NetSupport DNA;7276793;8214395;y?

Surf Control SurfControl Web Filter manages Internet risk. Try it FREE for 30 days.;7342764;8214395;q?

VERITAS Software Improving Application Performance on Storage Arrays Webcast from VERITAS Software.


==== Contact Us ====

About the newsletter -- [email protected] About technical questions -- About product news -- [email protected] About your subscription -- [email protected] About sponsoring UPDATE -- [email protected]


This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today.

View the Windows & .NET Magazine Privacy policy at: Windows & .NET Magazine a division of Penton Media Inc. 221 East 29th Street, Loveland, CO 80538, Attention: Customer Service Department Copyright 2004, Penton Media, Inc. All Rights Reserved.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.