404 not found page for some mails in Outlook Web Access

I run a SBS2000 server with exchange on it, and offer my users the OWA (outlook web access) to use their mailbox if they want to when they are on the go.
Once in a while there is a message that give a 404 error when trying to read it (either in the content pane or a new window) for no apparent reason.
For the same reason the message cant be forwarded or answered to.
If a message cause that error then the error is repeatable: the same message will stay unreadable in the web mail  interface with every attempt.
It doesn't (as far as I get it) depend on the sender (messages from the same sender can be readable for one and not for another), nor does it seem to be related to attachments or subject content...

Of course the messages are quite readable on the desktops in outlook proper...
I don't get it.

Thanks for any of this excellent help on can always expect here !
LVL 1
tarbaultAsked:
Who is Participating?
 
etsolowConnect With a Mentor Commented:
I have seen this issue in messages that contain multiple periods in the subject.  Check the messages that are returning the 404 - if they all have multiple periods in the subject then this fix applies to you:

On your OWA server, find the file URLSCAN.INI (usually in \winnt\system32\inetsrv\urlscan)

Change this:

     [DenyUrlSequences]
     ..  ; Don't allow directory traversals

To this:

     [DenyUrlSequences]
     ;..  ; Don't allow directory traversals

Note that you will now be ALLOWING directory traversals.  Be aware of the security implications.
0
 
Pete LongTechnical ConsultantCommented:
0
The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

 
dheeruthakurCommented:
error - The page cannot be found. 404 - File not found.
To resolve this problem, obtain the September 2003 Exchange 2000 Server Post-Service Pack 3 (SP3) Rollup.
to obtain the latest Exchange 2000 Server service pack visit this site
http://support.microsoft.com/default.aspx?scid=kb;EN-US;301378
http://www.microsoft.com/exchange/downloads/2000/sp3/default.asp

dheerendra
(network engineer)
0
 
tarbaultAuthor Commented:
At the first opportunity I will try the service pack and comme back with the result. Probably end of this week. Thanks !
0
 
tarbaultAuthor Commented:
Ok, I reapplied SP3
then latest rollup (Exchange2000-KB836488-v2-x86-fra.exe).

No luck. Still 404 on that specific mail.
0
 
etsolowCommented:
Sorry forgot:  you may have to restart your IIS services after making the above change.  Good luck!
0
 
tarbaultAuthor Commented:
Well done etsolow !!
That was the cause (and the solution). I just confirmed it with my "test" message wich subject was:
"dabs.com - Numéro de commande xxxxxxx - Votre commande a été expédiée."

But as it is also lowering IIS security, I think I'll stick with the problem.

Could you please elaborate on the nature of the risks involved in "ALLOWING directory traversals" ?

Thanks anyway ! That was a good one.
0
 
etsolowCommented:
Actually, maybe I wasn't clear.  By "multiple periods" I really meant "multiple subsequent periods".  I don't see any in that test message, unless those x's replace periods?

At any rate, here's a good fix that doesn't lower security:  http://support.microsoft.com/default.aspx?kbid=325965

Instead of

      ;..  ; Don't allow directory traversals

use

      ../  ; Don't allow directory traversals

That will disallow directory traversals, and still allow ellipsis in email subjects.

Eli
0
 
tarbaultAuthor Commented:
Update on this question: after all it is a solution !

No, te xxxxx only replace numerals (the order's number, not really confidential, but anyway...)
The only periods are those you cans see in the text and they are not subsequent.

BUT it does seem to be the origin of the problem anyway as I determined it with the foolowing steps:
1 message not visible in OWA
2 edit urlscan.in to  : ";..  ; Don't allow directory traversals"
3 restart IIS
4 message is visible in OWA
5 move back to "..  ; Don't allow directory traversals"
6 restart IIS
7 message again is 404

Finally
I went into urlscan.ini again and moved to "../  ; Don't allow directory traversals"

Result: security unaltered and message visible...
I can't start guessing why, because periods are not contiguous, but it IS a working solution.

Your earned your points !
Thanks Eli !
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.