Exchange Messaging Outlook Volume 14, Number 19

Another iPhone bug?

We're seeing complaints that Outlook automatically sends meeting updates to the attendees several times a day. When users delete the responses from their inbox it triggers another update to attendees.

Read complete article...

Securing Outlook

A user would like to secure Outlook so others using his computer can't access his mail:

"When I open Outlook, my email is exposed for all the world to see. It doesn't ask for a password. I checked my security settings and there is nothing checked that would allow me to stay signed onto Outlook. Any suggestions"

Don't confuse e-mail passwords with security or being signed in to Outlook. They only keep others from accessing your mail server. Outlook will only ask for a password to log into your mail server. Outlook, unless used with Exchange server in classic mode, does not need a password to access your local message store. Even cached Exchange isn't as secure as some users expect - anyone can cancel the logon dialog and Outlook will allow access to the locally cached mail folders.

The PST can be password protected, although it’s somewhat pointless as it only keeps someone from opening it in Outlook. Once you enter the password, the contents are exposed to anyone with access to the computer. Besides that, it’s not hard to remove the password with free or low cost utilities.

To set a password on the PST, right click on the root folder of your PST (where Outlook Today is) and choose Properties, Advanced, Change Password.

Anyone who is serious about security will have a separate Windows user account for each user of the computer. They will always lock the computer (use Windows key + L) when they step away and require a password to unlock it when they return. This is the best way to protect data from prying eyes. For users who are really paranoid or use a laptop, the NTFS file system adds some additional security protections which offer much tighter security for your data.

Exchange 2010 RC Available

Earlier this week Microsoft released Exchange Server2010 Release Candidate to the general public.

Because of changes to the schema, there is not an upgrade path from beta to the RC, however there will be an upgrade path from the RC.

I'm impressed with the RC. It's polished and fast. The new OWA looks really sharp in both IE and Firefox and has a new name: OutlookWebApp.

Exchange Quick Tip: Exchange 2010 Calendaring Options

A few weeks ago a reader asked about turning off the ability to add new meeting requests to the calendar as tentative. Currently, the only way to do this is in Exchange 2007, using a cmdlet. Exchange 2010 exposes options for the Calendar Attendant in the Exchange Management Console. While it’s easier to apply the settings to a group of users using a cmdlet, the Calendar Settings tab on the user's property tab makes it easy to adjust the setting for individual users.

Use the set-mailboxcalendarsettings command in the Powershell for Exchange 2007 (and 2010).
set-mailboxcalendarsettings <mailbox> -AddNewRequestsTentatively:$False

Outlook 2010 and Exchange 2000

Users stuck on Exchange 2000 who want to upgrade to Outlook 2010 are out of luck until their company upgrades the Exchange server as Outlook 2010 won't work with Exchange 2000. Exchange 2000 is long out of support and to take full advantage of Outlook 2010's features you need to use it against Exchange 2010.

As a reminder, Exchange client extensions are also not supported in Outlook 2010.