I recently ran into this problem, when users claimed that they could not open e-mails through OWA.
At first glance, there were nothing special about those e-mails, and the problem was with HTTP as with HTTPS. Only an error message saying that the file was not found.
On a second view, we suspected that there might be special characters in the subject line which caused this, but the test with special characters worked, so that couldn't be the cause.
The only step left was to use the Netmon to see what happens. This only works with HTTP of course. Not much to see there, except for the same message, "file not found".
At some point, URLSCAN came into play. One section called [tt][DenyUrlSequences][/tt] lists numerous characters which are prohibited:
[ul]
[li]..[/li]
[li]./[/li]
[li]\[/li]
[li]%[/li]
[li]&[/li]
[/ul]
At this point, it was clear that one of these characters had to be in the e-mail which could not be opened.
Since i was not able to see the complete subject line when using OWA, I had to open explorer and browse the M: drive and search for the object in question.
It turned out, that the sender of the e-mail had appended a ‘.’ at the end of the subject line. This causes the e-mail to be stored as "Some Long Subject Line which is not being displayed completely..eml".
Also, in other cases the subject line contained at least one '\' which too is illegal according to URLSCAN.INI.
Now, knowing this, you will run into problems sooner or later, if you publish more than OWA on your ISA Server. Normally, there's a reason why you would want to prohibit such characters in a URL. With OWA however, once you have authenticated, you must assume any action taken is allowed.
Or, would you want to start educating users, customers, etc. not to use a '.' at the end of a subject line, or any other of the listed characters above?
According to Microsoft, ISA Server 2004 will have better filter functions, which also would handle such a scenario.
Cheers
Knutern
At first glance, there were nothing special about those e-mails, and the problem was with HTTP as with HTTPS. Only an error message saying that the file was not found.
On a second view, we suspected that there might be special characters in the subject line which caused this, but the test with special characters worked, so that couldn't be the cause.
The only step left was to use the Netmon to see what happens. This only works with HTTP of course. Not much to see there, except for the same message, "file not found".
At some point, URLSCAN came into play. One section called [tt][DenyUrlSequences][/tt] lists numerous characters which are prohibited:
[ul]
[li]..[/li]
[li]./[/li]
[li]\[/li]
[li]%[/li]
[li]&[/li]
[/ul]
At this point, it was clear that one of these characters had to be in the e-mail which could not be opened.
Since i was not able to see the complete subject line when using OWA, I had to open explorer and browse the M: drive and search for the object in question.
It turned out, that the sender of the e-mail had appended a ‘.’ at the end of the subject line. This causes the e-mail to be stored as "Some Long Subject Line which is not being displayed completely..eml".
Also, in other cases the subject line contained at least one '\' which too is illegal according to URLSCAN.INI.
Now, knowing this, you will run into problems sooner or later, if you publish more than OWA on your ISA Server. Normally, there's a reason why you would want to prohibit such characters in a URL. With OWA however, once you have authenticated, you must assume any action taken is allowed.
Or, would you want to start educating users, customers, etc. not to use a '.' at the end of a subject line, or any other of the listed characters above?
According to Microsoft, ISA Server 2004 will have better filter functions, which also would handle such a scenario.
Cheers
Knutern