You could only allow certain people to access the web server (IIS/NTFS
permissions based on group membership.) If you were fronting this with
an ISA box or the like I'd have thought that could be granular in the
access it grants to the published server. That's my initial thoughts but
no doubt there's a more streamlined and secure approach out there!
Kind regards
Drew
-----Original Message-----
From: sanjiv [mailto:ska262001@yahoo.co.in]
Sent: 18 December 2005 10:07
To: focus-ms@securityfocus.com
Subject: MS exchange server 2003 - rpc over https access
Hi ,
I have a query. If my users are accessing my MS exchange server 2003
remotely :
- Outlook Web access (OWA) externally accessed
- RPC over HTTPS
Is there a way that I can control on per user basis.
The risk I want to control is users can access their mailbox by these
methods and I want to restrict this specific users based on business
approval. The risk i see is that users can send confidential files to
their mailbox and also download already existing mails in their mailbox
siting at their home or net-cafe.
Remember I don't want to prevent this access completely for all users.
Best regards,
Sanjiv
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
---------------------------------------------------------------------------
---------------------------------------------------------------------------
