Making Exchange Email addresses available over Internet

Posted on 2006-10-20
Last Modified: 2010-03-06
Have no experience with Exchange - Just started new job - Email can be picked up by our employees via Outlook from within the interior of our network.

We have a website (IIS on our own servers - all Win2003 servers) and I know the IP address for the website.

How can I make the email server available so that Outlook can download message from mailboxes over the internet?

Question by:tometh
LVL 14

Expert Comment

ID: 17774359
Dear tometh,
I belive that you are using Exchange 2003. If yes then you can enable RPC over https with which users can download the mails from Internet directly without VPN.

refer thse articles to know more about RPC over https and how to implement them

Good luck


Expert Comment

ID: 17774797
alternativels, you can use outlook web access thru a web browser at

Author Comment

ID: 17774922
Ok - Just spent some time reading some stuff on this Outlook Web Access - couldn't find anything about instantiating, configuring,  setting it up etc.  Is this something that is a wholesale change to the Server or something that is enabled on a per mailbox basis?
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

LVL 104

Accepted Solution

Sembee earned 500 total points
ID: 17775084
OWA is installed by default. Nothing has to be done to enable it.
Internally, if you browse to http://exchangeserver/exchange (where exchangeserver is the name of your Exchange server) then you will get OWA.

To expose it to the internet open port 80 on your firewall.

However, for a secure deployment you should look at getting an SSL certificate. These are relatively cheap - US$20 from GoDaddy if you have a .com/.net/.org domain.
Once you have an SSL certificate you can turn off port 80 (which is a security risk) and open port 443.


Author Comment

ID: 17775576
Thanks very much!!

Author Comment

ID: 17777565
OK - question about SSL Certs - I bought one from verisign 18 months ago for a former employer- It was my impression that the thrust of the reason for buying a certificate was so that customers could verify that a third party had checked out the records and listed information on the company and was basically assuring the customer that they were valid, and that encryption was in force.  I was told that all of the encryption was being handled by SSL on the webserver and that verisign was only validating the use of the encryption and the veracity of the registrant information.

In fact I was told that I could issue my own certificate on the server!

If this is correct then it would seem unnecessary to have a certificate involved at all since I am only interested in my own employees accessing their email.

Please advise if my understanding is incorrect
LVL 39

Expert Comment

ID: 17778076
Hi tometh,

SSL certificates are more than just proof that you are who you are.

That is part of it, but the real use is that it is used for encryption - you can make you own SSL cert if it is just for employees, but it will pop up with errors in internet explorer (it will still work though)

Alternatively, you can buy a good cheap ssl certificate from

Hope that helps,

LVL 104

Expert Comment

ID: 17780838
SSL Certificates have two main roles.

Their primary role is trust - the server you are connecting to is who it claims to be.
The secondary role is encryption - stops information going across in the clear.

If I was doing an ecommerce web site then I would use one of the expensive Verisign certificates.
For OWA, the cheapest certificates I can get hold of will be fine, to simply encrypt the username and password information. Plus it means I don't have to have port 80 open to the production network - which is a bad idea.

While you can issue your own certificates, this can cause problems. If every machine that will be accessing the server is under your control, then you can issue your own certificates, as you can get round the trust issue.
However for something like OWA where you cannot control every machine, it is a good idea to use a cheap commercial certificate that is trusted by most mainstream web browsers.

I have outlined my main arguments for not using a home grown (self issued) certificate on my blog here:


Author Comment

ID: 17795293
Thanks to all for the information so far!  Great help!

I read the information on Sembee's posted link - My question is relative to the paragraph

"If the root certificate isn't in the majority of web browsers then you will have the same problem as when issuing your own certificates - prompts and imports."

I've checked the list of trusted certificate authorities in IE - Go daddy is not listed there - is there some method of adding this certificate easily throughout my network.  Or will each client that accesses email through the certificate have to add it to the trusted list individually?


LVL 104

Expert Comment

ID: 17797353
GoDaddy don't issue their own certificates. They issue through another company. The certificate root that GoDaddy use is trusted by Internet Explorer on both the PC and the Windows Mobile device.


Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
This video discusses moving either the default database or any database to a new volume.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to:…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question