Re: urlscan + OWA spell checker

"Andrew Sword [MVP]" wrote:

> urlscan can be reversed by running it again and selecting the relevant
> options.
>
> Try these articles
>
> http://support.microsoft.com/default.aspx?scid=kb;en-us;823175
>

This is the article I used to set up the .ini file initially.

> http://www.internetaccessmonitor.com/eng/products/articles/Using_IIS_Lockdown_Tool_to_Secure_Exchange_Installations/Using_IIS_Lockdown_Tool_to_Secure_Exchange_Installations.php

Judging by that article, I do not need to use urlscan so I will remove it.
It only ever caused problems anyway.

Thanks.

>
>
>
>
> "Brian Edwards" <BrianEdwards@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:7A2F9A11-E07D-4A66-832B-E5C1CEF9DC90@xxxxxxxxxxxxxxxx
> > After enabling urlscan on my Exchange 2003 server, my OWA users can no longer
> > use the spell checker. I have modified the urlscan.ini file to support .dll
> > extensions, as required by the spell checker, but can't seem to make it work.
> > Also, I was wondering if I am missing any customization options in my
> > urlscan.ini file. Recommendations?
> >
> > TIA.
> >
> > Error from urlscan log file:
> > Client at 192.168.0.132: URL contains extension '.dll', which is disallowed. Request will be rejected. Site Instance='1', Raw URL='/exchweb/bin/spell/owaspell.dll'
> >
> > urlscan.ini:
> > ; Exchange 2003 Urlscan configuration for OWA, Outlook Mobile Access, Exchange ActiveSync,
> > ; remote procedure call over Hypertext Transfer Protocol, and Web Folders.
> > ; Version 1.1
> > [options]
> > ; NOTE: Customers with Exchange 2003 running on Windows Server 2003 with URLScan installed may need to modify the "VerifyNormalization=1"
> > ; option in this template to be "VerifyNormalization=0" if they encounter a "404" error when attempting to open messages or items that contain
> > ; the "+" symbol in the subject or name.
> > UseAllowExtensions=0
> > NormalizeUrlBeforeScan=1
> > VerifyNormalization=0
> > AllowHighBitCharacters=1
> > AllowDotInPath=1
> > RemoveServerHeader=0
> > EnableLogging=1
> > PerProcessLogging=0
> > AllowLateScanning=0
> > PerDayLogging=1
> > RejectResponseUrl=
> > UseFastPathReject=1
> > ;LoggingDirectory=
> > LogLongUrls=0
> >
> > [AllowVerbs]
> > ; These are the only verbs that are permitted.
> > GET
> > POST
> > PROPFIND
> > PROPPATCH
> > BPROPPATCH
> > MKCOL
> > DELETE
> > BDELETE
> > BCOPY
> > MOVE
> > SUBSCRIBE
> > BMOVE
> > POLL
> > SEARCH
> > HEAD
> > PUT
> > OPTIONS
> > RPC_OUT_DATA
> > RPC_IN_DATA
> > X-MS-ENUMATTS
> > LOCK
> > UNLOCK
> >
> > [DenyVerbs]
> >
> > [DenyHeaders]
> > ;
> > ; Request headers that are listed in this section cause Urlscan to
> > ; reject any request where these request headers are present.
> > ;
> > ; List headers in the form
> > ; Header-Name:
> > transfer-encoding:
> >
> > [AllowExtensions]
> > ;.asp
> > .cer
> > .cdx
> > .asa
> > .htm
> > .html
> > .txt
> > .jpg
> > .jpeg
> > .gif
> > .dll
> >
> > [DenyExtensions]
> > ; Deny executable files that might run on the server.
> > ; DO NOT include .exe in this list if Exchange 2003 OWA is configured to use SMIME as that would disable OWA.
> > .exe
> > .bat
> > .cmd
> > .com
> >
> > ; Deny scripts that are used infrequently.
> > .htw ; Maps to webhits.dll, part of Index Server.
> > .ida ; Maps to idq.dll, part of Index Server.
> > .idq ; Maps to idq.dll, part of Index Server.
> > .htr ; Maps to ism.dll, a previous administrative tool.
> > .idc ; Maps to httpodbc.dll, a previous database access tool.
> > .shtm ; Maps to ssinc.dll for server-side includes.
> > .shtml ; Maps to ssinc.dll for server-side includes.
> > .stm ; Maps to ssinc.dll for server-side includes.
> > .printer ; Maps to msw3prt.dll for Internet printing services.
> >
> > ; Deny various static files.
> > .ini ; Configuration files
> > .log ; Log files
> > .pol ; Policy files
> > .dat ; Configuration files
> >
> > ; Deny extensions for Outlook Mobile Access.
> > .asax
> > .ascs
> > .config
> > .cs
> > .csproj
> > .licx
> > .pdb
> > .resx
> > .resources
> > .vb
> > .vbproj
> > .vsdisco
> > .webinfo
> > .xsd
> > .xsx
> > ;.dll ; Cannot do this for RPC over HTTP or for Exchange ActiveSync.
> >
> > [DenyUrlSequences]
> > .. ; Do not permit directory traversals.
> > ./ ; Do not permit trailing dot on a directory name.
> > \ ; Do not permit backslashes in URL.
> > % ; Do not permit escaping after normalization.
> > & ; Do not permit multiple Common Gateway Interface processes to run on a single request.
> >
> > [RequestLimits]
> > MaxAllowedContentLength=1073741824
> > MaxUrl=16384
> > MaxQueryString=4096
>
>
>
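
An added example (not part of the thread, and not URLScan's own code): a simplified model of how the extension rule in the quoted urlscan.ini is evaluated, so an edited file can be checked against the URL from the log before it is deployed. `SAMPLE_INI` is a constructed excerpt of the quoted file, `parse_urlscan_ini` and `extension_verdict` are hypothetical helper names, and the verb, header and URL-sequence checks are not modelled.

```python
import posixpath

# Constructed excerpt of the quoted urlscan.ini (only what the extension rule reads).
SAMPLE_INI = """\
[options]
UseAllowExtensions=0

[AllowExtensions]
;.asp
.dll

[DenyExtensions]
.exe
.htw ; Maps to webhits.dll, part of Index Server.
.ini ; Configuration files
;.dll ; Cannot do this for RPC over HTTP or for Exchange ActiveSync.
"""

def parse_urlscan_ini(text):
    """Return {section: [entries]}, ';' comments stripped, everything lower-cased."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line.lower())
    return sections

def extension_verdict(sections, url, use_allow=None):
    """Simplified extension rule: returns (allowed, reason) for a raw URL."""
    pairs = (e.split("=", 1) for e in sections.get("options", []) if "=" in e)
    opts = {k.strip(): v.strip() for k, v in pairs}
    if use_allow is None:  # UseAllowExtensions=1 -> allow list, 0 -> deny list
        use_allow = opts.get("useallowextensions", "0") == "1"
    ext = posixpath.splitext(url.split("?", 1)[0])[1].lower()
    if use_allow:
        ok = ext in sections.get("allowextensions", [])
        return ok, f"{ext} {'is' if ok else 'is not'} in [AllowExtensions]"
    denied = ext in sections.get("denyextensions", [])
    return (not denied), f"{ext} {'is' if denied else 'is not'} in [DenyExtensions]"

if __name__ == "__main__":
    cfg = parse_urlscan_ini(SAMPLE_INI)
    for url in ("/exchweb/bin/spell/owaspell.dll", "/exchweb/urlscan.ini"):
        print(url, extension_verdict(cfg, url))
```

When this model allows a URL that the urlscan log shows as rejected for its extension, compare the file being edited with the one the running filter actually loaded.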