Ask the Expert

Customizing Outlook Web Access

We just installed Exchange 2003 and I want to customize the attachment blocking features in Outlook Web Access. How can I do this?

    Requires Free Membership to View

By default, Exchange 2003 Outlook Web Access (OWA) automatically blocks attachments with certain extensions. OWA prevents the sending and opening of a superset of attachments and MIME types using a multi-level (two) blocking mechanism. Level 1 items are totally blocked and Level 2 items can be accessed, but only if first saved locally.

The list of blocked Level 1 and Level 2 file extensions and blocked MIME types are configured through four registry entries, which are listed below with their default values.

Value: Level1FileTypes
Type: REG_SZ
Value Data:

Location: HKLM\System\CurrentControlSet\Services\MSExchangeWeb\OWA
Value: Level1MIMETypes
Type: REG_SZ
Value Data: application/hta,x-internet-signup,application/javascript,application/x-javascript,text/javascript,application/msaccess,application/prg,text/scriptlet

Location: HKLM\System\CurrentControlSet\Services\MSExchangeWeb\OWA
Value: Level2FileTypes
Type: REG_SZ
Value Data:

Location: HKLM\System\CurrentControlSet\Services\MSExchangeWeb\OWA
Value: Level2MIMETypes
Type: REG_SZ
Value Data: text/xml,application/xml,application/hta,text/html,application/octet-stream,application/x-shockwave-flash,application/futuresplash,application/x-director

Many of the default Level 1 entries for file extensions and MIME types are also default Level 2 entries. When the same entry is present for both Levels, Level 1 takes precedence and the attachment is blocked. You can edit any of these entries to suit your specific needs, and if you reinstall or update Exchange your changes will remain.

OWA 2003 also enables you to selectively block attachments for users based on how they access OWA. For example, you can block attachments for users who access OWA via a front-end server while allowing full access to attachments for users accessing OWA via a back-end server. To do this, you need to add a new entry to the registry of your OWA server(s):

Location: HKLM\System\CurrentControlSet\Services\MSExchangeWeb\OWA
Value: DisableAttachments
Value Data: 0, 1 or 2 (dec)

If DisableAttachments is not present or set to 0, the standard Level 1/Level 2 attachment blocking is performed. When set to 1, all attachments are blocked. If you set DisableAttachments to 2, attachments not blocked by Level 1/Level 2 blocking are allowed on back-end servers, but not on front-end servers.

This was first published in February 2004

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: