All
of us must be aware of the warning message displayed at the top the
message notifying that some contents has been blocked to protect your
privacy. Generally such kind of messages has been sent as junk to
confirm that target address is a valid address. But this verification can increase the amount of junk emails.
By-default, OWA detects the contents used as web beacons and blocks those contents, but leave the option to the recipient to open that image which can cause a security risk.
To check the configuration of OWA when encountering with Web beacons, we can run Get-OwaVirtualDirectory cmdlet and examine the value of FilterWebBeaconsAndHtmlForm.
As you can see in the output, default value is UserFilterChoice, which blocks web beacons but allow the users to download any blocked contents.
To fully secure the OWA, so that users cannot download the web beacons contents, ForceFilter switch can be used.
DisableFilter option does not block any web beacons, which is not recommended.
No comments:
Post a Comment