Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Making Exchange Email addresses available over Internet

Posted on 2006-10-20
Medium Priority
Last Modified: 2010-03-06
Have no experience with Exchange - Just started new job - Email can be picked up by our employees via Outlook from within the interior of our network.

We have a website (IIS on our own servers - all Win2003 servers) and I know the IP address for the website.

How can I make the email server available so that Outlook can download message from mailboxes over the internet?

Question by:tometh
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 14

Expert Comment

ID: 17774359
Dear tometh,
I belive that you are using Exchange 2003. If yes then you can enable RPC over https with which users can download the mails from Internet directly without VPN.

refer thse articles to know more about RPC over https and how to implement them

Good luck


Expert Comment

ID: 17774797
alternativels, you can use outlook web access thru a web browser at

Author Comment

ID: 17774922
Ok - Just spent some time reading some stuff on this Outlook Web Access - couldn't find anything about instantiating, configuring,  setting it up etc.  Is this something that is a wholesale change to the Server or something that is enabled on a per mailbox basis?
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

LVL 104

Accepted Solution

Sembee earned 2000 total points
ID: 17775084
OWA is installed by default. Nothing has to be done to enable it.
Internally, if you browse to http://exchangeserver/exchange (where exchangeserver is the name of your Exchange server) then you will get OWA.

To expose it to the internet open port 80 on your firewall.

However, for a secure deployment you should look at getting an SSL certificate. These are relatively cheap - US$20 from GoDaddy if you have a .com/.net/.org domain.
Once you have an SSL certificate you can turn off port 80 (which is a security risk) and open port 443.


Author Comment

ID: 17775576
Thanks very much!!

Author Comment

ID: 17777565
OK - question about SSL Certs - I bought one from verisign 18 months ago for a former employer- It was my impression that the thrust of the reason for buying a certificate was so that customers could verify that a third party had checked out the records and listed information on the company and was basically assuring the customer that they were valid, and that encryption was in force.  I was told that all of the encryption was being handled by SSL on the webserver and that verisign was only validating the use of the encryption and the veracity of the registrant information.

In fact I was told that I could issue my own certificate on the server!

If this is correct then it would seem unnecessary to have a certificate involved at all since I am only interested in my own employees accessing their email.

Please advise if my understanding is incorrect
LVL 39

Expert Comment

ID: 17778076
Hi tometh,

SSL certificates are more than just proof that you are who you are.

That is part of it, but the real use is that it is used for encryption - you can make you own SSL cert if it is just for employees, but it will pop up with errors in internet explorer (it will still work though)

Alternatively, you can buy a good cheap ssl certificate from

Hope that helps,

LVL 104

Expert Comment

ID: 17780838
SSL Certificates have two main roles.

Their primary role is trust - the server you are connecting to is who it claims to be.
The secondary role is encryption - stops information going across in the clear.

If I was doing an ecommerce web site then I would use one of the expensive Verisign certificates.
For OWA, the cheapest certificates I can get hold of will be fine, to simply encrypt the username and password information. Plus it means I don't have to have port 80 open to the production network - which is a bad idea.

While you can issue your own certificates, this can cause problems. If every machine that will be accessing the server is under your control, then you can issue your own certificates, as you can get round the trust issue.
However for something like OWA where you cannot control every machine, it is a good idea to use a cheap commercial certificate that is trusted by most mainstream web browsers.

I have outlined my main arguments for not using a home grown (self issued) certificate on my blog here:


Author Comment

ID: 17795293
Thanks to all for the information so far!  Great help!

I read the information on Sembee's posted link - My question is relative to the paragraph

"If the root certificate isn't in the majority of web browsers then you will have the same problem as when issuing your own certificates - prompts and imports."

I've checked the list of trusted certificate authorities in IE - Go daddy is not listed there - is there some method of adding this certificate easily throughout my network.  Or will each client that accesses email through the certificate have to add it to the trusted list individually?


LVL 104

Expert Comment

ID: 17797353
GoDaddy don't issue their own certificates. They issue through another company. The certificate root that GoDaddy use is trusted by Internet Explorer on both the PC and the Windows Mobile device.


Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question