I currently only have OWA available through VPN access because I'm afraid that if I open up the port we are going to be attacked. How safe is OWA? Is it only safe when you have front and back end servers? It would be a lot easier for me to just allow users to access their e-mail without the use of a VPN, because most of the user's don't like the VPN and have trouble using it. Thank your for any information you have on the subject.