 |
|
Home > Customizing Microsoft Outlook email security settings for end users |
|
|
|
Customizing Microsoft Outlook email security settings for end users |
|
| 02 May 2007 | SearchExchange.com |
|
|
You might choose not to deploy the public folder that applies settings to your Outlook clients (although by not doing so you're skipping a valuable security feature). If you don't, then Outlook 2003 will still apply the Level 1 and Level 2 restrictions discussed earlier, but with a twist: each user can customize his or her own copy of Outlook to control the Level 1 and Level 2 lists. The trick is to add a new string value named Level1Remove to the HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\Security key. The extensions you add here (separated by semicolons if there's more than one) are removed from the list of blocked Level 1 attachments, so creating a value of exe; pl would allow executables and Perl scripts to be saved to disk instead of blocking them completely. Actually, the extensions you specified are demoted from Level 1 to Level 2; they're not unblocked completely. End users cannot demote file types from Level 2 to being unprotected; only administrators can do so.
If you want to add a new file type to the Level 1 list, you can do so by creating a new string value named Level1Add beneath the HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Security key.
Tip: Sue Mosher maintains a page that includes links to tools that your users can use to customize their local attachment settings without directly editing the registry. Alternatively, you can always set a value for Level1Remove as part of a GPO or system policy; that way, users get the values you want without having to spend time fiddling with their local settings.
Note: To check whether a user has customized his or her Outlook security settings, use the Help | About Microsoft Outlook command. Above the license information, Outlook displays the security mode (mine says Security Mode: Default); a user-customized machine will say Security Mode: User Controlled.
Of course, it is more likely that you'll want to prevent users from customizing their own security settings. The easiest way to do this is to add a new REG_DWORD value named DisallowAttachmentCustomization to the Outlook key at HKCU\Software\Policies\Microsoft\Office\11.0\Outlook. When this value is present, Outlook will ignore the Level1Add and Level1Remove keys mentioned earlier.
8 tips in 8 minutes: A Microsoft Outlook email security tutorial
 Home: Introduction
Tip 1: An overview of Microsoft Outlook email security features
Tip 2: Customizing the Microsoft Outlook Security Update
Tip 3: Customizing Outlook email security settings for end users
Tip 4: Setting up RPC over HTTP for Microsoft Outlook
Tip 5: Using S/MIME in Microsoft Outlook
Tip 6: Using Information Rights Management in Microsoft Outlook
Tip 7: Reaching into Microsoft Outlook's email security toolbox
Tip 8: Related resources on Microsoft Outlook email security
|
|
|
|
|
|
| TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of . |
|
| |
All Rights Reserved, , TechTarget |
|
|
|
|
|
