Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Adding a webmail link to a corporate site

Posted on 2004-09-23
Medium Priority
Last Modified: 2006-11-17
using Server 2003 and Exchange.  Please advise on the security issues that would arise from installing a link (however small) on a 'business' website (not heavily traveled by any means) to allow employees Outlook Web Access?  Do larger business still practice this?  Is their a 'better' way; maybe having http://webmail.business.com point to the Exchange Outlook Web Access page?   what is safe and secure?
Question by:72chevy4x4
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 104

Accepted Solution

Sembee earned 1000 total points
ID: 12132810
I wouldn't advertise the link anywhere - I would expect employees to remember it. However I don't see any reason why you cannot use OWA.
The only thing I would say is to an SSL certificate from somewhere like freessl.com and force the users to use HTTPS.


Author Comment

ID: 12133621
What about letting SBS2003 create its own certificate?  I've tried the website in question and it automatically requires https (will not accept the http request).  
LVL 104

Expert Comment

ID: 12135539
The only problem with using the built in certificate is that it isn't trusted. It will generate errors each time it is used, unless the certificate is installed. It probably isn't a good idea to install the certificates everywhere as this will leave information about your configuration everywhere. Furthermore that certificate has probably been issued in the name of server.domain.com and you might want it to be webmail.domain.com

With FreeSSL doing certificates for some ridiculous sum like US$20/year I just think it looks more professional to have a real certificate that doesn't generate errors and allows the users to verify that it is legimate.


Author Comment

ID: 12532689
regarding the certificates: that is one error I've run across, when the remote office logs on using https:server.business.com, an error stating the certificate holder's name is server.business.local pops up.  guess the original cert was incorrectly named.  The public has no knowledge of or use for the cert (no e-business or the likes going on), so I may not pursue the FreeSSL option, but thank you for the information.

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question