Solved

Adding a webmail link to a corporate site

Posted on 2004-09-23
4
277 Views
Last Modified: 2006-11-17
using Server 2003 and Exchange.  Please advise on the security issues that would arise from installing a link (however small) on a 'business' website (not heavily traveled by any means) to allow employees Outlook Web Access?  Do larger business still practice this?  Is their a 'better' way; maybe having http://webmail.business.com point to the Exchange Outlook Web Access page?   what is safe and secure?
0
Comment
Question by:72chevy4x4
  • 2
  • 2
4 Comments
 
LVL 104

Accepted Solution

by:
Sembee earned 250 total points
ID: 12132810
I wouldn't advertise the link anywhere - I would expect employees to remember it. However I don't see any reason why you cannot use OWA.
The only thing I would say is to an SSL certificate from somewhere like freessl.com and force the users to use HTTPS.

Simon.
0
 
LVL 2

Author Comment

by:72chevy4x4
ID: 12133621
What about letting SBS2003 create its own certificate?  I've tried the website in question and it automatically requires https (will not accept the http request).  
0
 
LVL 104

Expert Comment

by:Sembee
ID: 12135539
The only problem with using the built in certificate is that it isn't trusted. It will generate errors each time it is used, unless the certificate is installed. It probably isn't a good idea to install the certificates everywhere as this will leave information about your configuration everywhere. Furthermore that certificate has probably been issued in the name of server.domain.com and you might want it to be webmail.domain.com

With FreeSSL doing certificates for some ridiculous sum like US$20/year I just think it looks more professional to have a real certificate that doesn't generate errors and allows the users to verify that it is legimate.

Simon.
0
 
LVL 2

Author Comment

by:72chevy4x4
ID: 12532689
regarding the certificates: that is one error I've run across, when the remote office logs on using https:server.business.com, an error stating the certificate holder's name is server.business.local pops up.  guess the original cert was incorrectly named.  The public has no knowledge of or use for the cert (no e-business or the likes going on), so I may not pursue the FreeSSL option, but thank you for the information.
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question