When you allow your users access to your Exchange Server through Outlook Web Access (OWA), you may be opening several doors that you'd rather not open.
For one thing, users can open attachments that may wind up harming their own computer, or such attachments could get into the network and cause all sorts of problems. So handling attachments in OWA is an important consideration for your organization.
You can allow attachments, block attachments or allow only certain kinds of attachments to be opened with a Web client and OWA. Exchange 2003 by default will block the attachments of Levels 1 and 2 files, and Levels 1 and 2 MIME files. But you can do more. In fact, you can also prevent users from sending certain kinds of attachments in OWA.
You can do this by modifying some Registry settings on the Exchange Server computer, so of course the usual caveats apply: Make a backup of the Registry in case you mess up and the whole Exchange Server suddenly becomes unavailable, in which case you can restore the Registry to what it was, and at least get back on the air.
To make the modifications to attachment handling, you need the following Registry key:
You're going to add a decimal DWORD that you name Disable Attachments. Then, in the Value entry for this DWORD, you enter a 0 to block all attachments, or a 1 to allow all attachments. If your company wants some attachments to be allowed, then enter a 2. This will allow attachments only from back-end servers. You'll have to tell the Exchange Server the URL(s) of the back-end servers from which you want to allow attachments.
There are other settings that you can make either in the Registry or on the Server to further refine how you want to handle OWA for your clients.
For a more thorough discussion of the possibilities, you can download a Microsoft paper entitled Exchange 2003 Client Access Guide.
David Gabel has been testing and writing about computers for more than 25 years.