Solved

404 not found page for some mails in Outlook Web Access

Posted on 2004-09-08
10
619 Views
Last Modified: 2008-01-09
I run a SBS2000 server with exchange on it, and offer my users the OWA (outlook web access) to use their mailbox if they want to when they are on the go.
Once in a while there is a message that give a 404 error when trying to read it (either in the content pane or a new window) for no apparent reason.
For the same reason the message cant be forwarded or answered to.
If a message cause that error then the error is repeatable: the same message will stay unreadable in the web mail  interface with every attempt.
It doesn't (as far as I get it) depend on the sender (messages from the same sender can be readable for one and not for another), nor does it seem to be related to attachments or subject content...

Of course the messages are quite readable on the desktops in outlook proper...
I don't get it.

Thanks for any of this excellent help on can always expect here !
0
Comment
Question by:tarbault
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 12008738
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12008751
0
 
LVL 3

Expert Comment

by:dheeruthakur
ID: 12013923
error - The page cannot be found. 404 - File not found.
To resolve this problem, obtain the September 2003 Exchange 2000 Server Post-Service Pack 3 (SP3) Rollup.
to obtain the latest Exchange 2000 Server service pack visit this site
http://support.microsoft.com/default.aspx?scid=kb;EN-US;301378
http://www.microsoft.com/exchange/downloads/2000/sp3/default.asp

dheerendra
(network engineer)
0
Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

 
LVL 1

Author Comment

by:tarbault
ID: 12055721
At the first opportunity I will try the service pack and comme back with the result. Probably end of this week. Thanks !
0
 
LVL 1

Author Comment

by:tarbault
ID: 12102739
Ok, I reapplied SP3
then latest rollup (Exchange2000-KB836488-v2-x86-fra.exe).

No luck. Still 404 on that specific mail.
0
 
LVL 2

Accepted Solution

by:
etsolow earned 425 total points
ID: 12113596
I have seen this issue in messages that contain multiple periods in the subject.  Check the messages that are returning the 404 - if they all have multiple periods in the subject then this fix applies to you:

On your OWA server, find the file URLSCAN.INI (usually in \winnt\system32\inetsrv\urlscan)

Change this:

     [DenyUrlSequences]
     ..  ; Don't allow directory traversals

To this:

     [DenyUrlSequences]
     ;..  ; Don't allow directory traversals

Note that you will now be ALLOWING directory traversals.  Be aware of the security implications.
0
 
LVL 2

Expert Comment

by:etsolow
ID: 12113623
Sorry forgot:  you may have to restart your IIS services after making the above change.  Good luck!
0
 
LVL 1

Author Comment

by:tarbault
ID: 12120438
Well done etsolow !!
That was the cause (and the solution). I just confirmed it with my "test" message wich subject was:
"dabs.com - Numéro de commande xxxxxxx - Votre commande a été expédiée."

But as it is also lowering IIS security, I think I'll stick with the problem.

Could you please elaborate on the nature of the risks involved in "ALLOWING directory traversals" ?

Thanks anyway ! That was a good one.
0
 
LVL 2

Expert Comment

by:etsolow
ID: 12122167
Actually, maybe I wasn't clear.  By "multiple periods" I really meant "multiple subsequent periods".  I don't see any in that test message, unless those x's replace periods?

At any rate, here's a good fix that doesn't lower security:  http://support.microsoft.com/default.aspx?kbid=325965

Instead of

      ;..  ; Don't allow directory traversals

use

      ../  ; Don't allow directory traversals

That will disallow directory traversals, and still allow ellipsis in email subjects.

Eli
0
 
LVL 1

Author Comment

by:tarbault
ID: 12131768
Update on this question: after all it is a solution !

No, te xxxxx only replace numerals (the order's number, not really confidential, but anyway...)
The only periods are those you cans see in the text and they are not subsequent.

BUT it does seem to be the origin of the problem anyway as I determined it with the foolowing steps:
1 message not visible in OWA
2 edit urlscan.in to  : ";..  ; Don't allow directory traversals"
3 restart IIS
4 message is visible in OWA
5 move back to "..  ; Don't allow directory traversals"
6 restart IIS
7 message again is 404

Finally
I went into urlscan.ini again and moved to "../  ; Don't allow directory traversals"

Result: security unaltered and message visible...
I can't start guessing why, because periods are not contiguous, but it IS a working solution.

Your earned your points !
Thanks Eli !
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction Often we come across situations wherein our batch files would be needing to reboot Windows for a variety of reasons. A few of them would be like: (1) Setup files have been updated whose changes can take effect only after a reboot …
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question