Even the most inexperienced Outlook users know that they need protection from email threats. However, many administrators...
forget that the protection achieved through third-party security add-ons can actually cause Outlook problems. Let’s examine two security add-on products that may actually be hurting Outlook more than they’re helping.
Outlook mail scanners
A popular email security feature that’s included with many PC protection suites is a mail scanner add-on that’s installed into Microsoft Outlook. The add-on scans email as it is sent and received by the Outlook mailbox for dangerous content like embedded images, attachments and banned text.
The problem is that mail scanners can prove too intrusive and may actually prevent mail from reaching your users’ mailboxes. The best strategy is to identify happy-mediums when configuring your server-side security settings for spam and suspected spam scores.
Similar to other Outlook add-ons, additional problems can occur. A bad mail scanner add-on can cause Outlook to freeze or even crash when your users click the send/receive button. Users are left without an error message or warning, leaving you to guess what caused the crash. It couldn’t possibly be the mail scanner; that’s supposed to be protecting Outlook, not breaking it, right?
If you suspect that your mail scanner might be the source of the problem, start Outlook in safe mode. This is accomplished by entering the /safe switch in a Run command window. It will open Outlook with only its most basic services -- and more importantly, add-ons are not enabled.
If everything looks good in safe mode, it’s safe to assume that the add-on the cause of the problem. To definitively establish the mail scanner add-on as the root cause, disable it in the registry of the PC.
Warning: Incorrectly using the Windows registry editor can prevent your operating system from functioning properly, so use caution when making changes. Also, be certain to make a complete backup of your registry and workstation prior to any registry changes.
- Open the registry editor on the local PC;
- Go to HKLM -> software -> Microsoft -> Office -> Outlook -> add-ons;
- Right-click the add-on that correlates to your scanner, then select Rename and add “-disabled”;
- Restart Outlook in normal mode.
If you no longer notice the problem, you’ve found its source.
Software firewalls for Outlook
Another feature built into PC protection suites is the software firewall. Although the firewall plays an important role in protecting your users’ workstations, you may find it a pain point if you don’t open the correct ports to allow mail traffic into the Outlook client.
In order for Outlook to function correctly, you must ensure that the following ports are open:
- SMTP TCP port 25
- POP3 TCP port 110
- IMAP4 TCP port 143
If you’re using secure connections back to your service provider, you must open the following ports:
- SMTP TCP port 465
- POP3 TCP port 995
- IMAP4 TCP port 993
If you’re using Outlook Anywhere and having issues authenticating yourself back to an Exchange server, you may also need to open UDP ports 6001-6004 for RPC communications to go through as required.
Software firewalls often allow traffic based on the application itself and the necessary ports are already opened for you. However, many firewall providers -- such as McAfee’s Host Intrusion Prevention Software (HIPS) and Check Point’s ZoneAlarm -- use unique hashing algorithms that are assigned to the applications when marked as allowed. If the application installs and is updated so that it no longer matches its unique hash, it will be blocked unless those changes are accepted.
ABOUT THE AUTHOR
Dave Leaver has worked in the IT industry for the last ten years as an IT support engineer. He currently works for an IT support company in Cheltenham, UK, supporting over one thousand users, spanning over forty companies. Leaver specializes in Microsoft system migrations and Exchange Server. Leaver has also been a network administrator for the NHS and several large construction companies throughout the UK.