Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 388
  • Last Modified:

Blocking attachments on Exchange Server

Before I used Exchange Server and Outlook directly checked for email on my ISP, I always browsed to Level1Remove in the registry to add extensions that I didn't want blocked.

Now that Exchange Server is checking and downloading email from my ISP, is it Exchange that stops the "malicious attachments" (according to Redmond) or is it still the individual Email client; i.e. Outlook 2007?
0
Bert2005
Asked:
Bert2005
  • 5
  • 4
2 Solutions
 
FSchafferCommented:
In my experience, Exchange does not block anything that it is not setup to block (IP address, domain etc). It does not block attachments either.

This can all be done at the client...
0
 
bkellyboulderitCommented:
He's right. But it can be both. Outlook can block attachments, as you pointed out. The server can block attachments in OWA, but it may not be relevant for your question:

http://support.microsoft.com/default.aspx?scid=kb;en-us;555001
http://searchexchange.techtarget.com/general/0,295582,sid43_gci1256505,00.html

0
 
Bert2005Author Commented:
Great articles bkelly. I understood completely, but I am a bit confused on one thing. I always thought that everything in OWA would be the same as in Outlook 2007, the desktop client.. Then again, if I delete something in Outlook 2007 on my computer maybe it isn't deleted in OWA and vice versa.

When you add or remove extensions using Level1Remove and Level1Add, I have read a lot of things as to how to do them. The articles said there should be a comma with no space. Some other place said semicolons with a space. Some places say with a "dot" and others no. Does it even matter?

Finally, I realize that some of these extensions can be malicious, but do I really need to change the registry to allow me to receive urls. And, the frustrating thing is, even if I do change Level1Remove, how do I even know my recipient will be able to receive it?
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
Bert2005Author Commented:
I apologize if I am off the subject. Please let me know.

I am curious if you have both Level1Remove and Level1Add and the same extension is on both, which would take precedent?
0
 
bkellyboulderitCommented:
They are the same in the sense that the data that you see is the same, meaning the messages stored on the server. However, Outlook and OWA are different applications entirely, as one is a browser application (using http/https protocols). The other is a program (however they write Outlook), that uses RPC protocols.

The web pages you see in IIS just mimick the look and feel of Outlook.

As for your . question per Microsoft, attachments listed should be separated by a comma with no space. I also verified that on my SBS 2003.

You should be able to get URL's if pasted in to the body like http://www.xyz.com
However, not URL attachments (like .url)

You won't know unless they know they didn't get it.
0
 
bkellyboulderitCommented:
I don't know myself on that piece of add and remove.
0
 
Bert2005Author Commented:
Obviously, www.xyz.com was just an example, but I just spent ten minutes browing through it. The owner did say that the pages were best viewed by a computer, lol. And, apparently he is very adamant that it is not for sale.
0
 
bkellyboulderitCommented:
Yes, it was just an example url. Sorry for the confusion!
0
 
Bert2005Author Commented:
That's OK. I wasn't confused. I just figured it would actually be a real site, and it was, although the owner seems a bit bizarre, but then I guess we all are.

I am headed home. Pretty tired. I will check back in the AM and award points then. I'm sure you won't be able to sleep waiting. <G>
0
 
Bert2005Author Commented:
Well, certainly to be fair FSchaffer answered the question concisely and correctly, so I award him the Accepted Solution.

Maybe I am not a very good point giver, but I have a hard time not recognizing other experts who give very helpful infomation, hence the 50 points for BKelly.

I appreciate both of your help.
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now