CYA: Securing Exchange Server 2003 and Outlook Web Access: Cover Your A** By Getting It Right the First Time

Now that we have Outlook Web Access (OWA) 2003 correctly configured and secured on the server side, it's time to focus on the security features contained in the new OWA 2003 client. OWA has come a long way since its predecessors. The Web mail client introduces several new or enhanced security features such as:
S/MIME support
Junk e-mail filter
Web beacon blocking
Enhanced attachment blocking
Forms-based authentication (also known as cookie-based authentication)
The OWA client has finally reached a reasonable security level, which will allow even more organizations to offer Web-based mailbox access to their users.
By the time you reach the end of this chapter, you will have a basic understanding of each new or enhanced security feature included in the OWA client. It will then be up to you to decide which of these features you want to take advantage of in your organization's Exchange environment.
OWA now supports Secure/Multipurpose Internet Mail Extensions (S/MIME), which secures Internet e-mail by digitally signing the messages as well as encrypting them. S/MIME for OWA 2003 uses ActiveX controls, which make it possible for clients running Microsoft Internet Explorer 6 with Service Pack 1 (SP1) or later to send and receive S/MIME messages.
For OWA users to use S/MIME, you need either to use an Enterprise Public Key Infrastructure (PKI) or to get a third-party certificate. We will not go into detail on how to install and configure a PKI but will...