Here are the ISA Server/Forefront TMG HTTP Policy settings I use for ECP, OAB and Autodiscover. These settings were tested with Outlook 2007/2010 and Exchange 2007.
Setting and rule
*RPC over http (Outlook 2003/2007)
Maximum headers length
Maximum payload length
10485760 (10 MB)
Maximum URL length
Maximum query length
Block high bit characters
Block responses containing Windows executable content
Allow only specified methods
(see WEBDAV Methods http://msdn.microsoft.com/en-us/library/aa142917(EXCHG.65).aspx)
Action taken for file extensions
Allow only specified extensions
.asmx (Exchange Web Service)
.xml (for Auto discovery)
.lzx (for OAB)
.wsdl (Exchange Web Service)
Block requests containing ambiguous extensions
Blocked signatures:Request URL
Author: Jan Tiedemann, Senior Premier Field Engineer
Thank's for the guide, really usefull! We want to see more like this ;-)
Just one question. When I use the Blocked signatures in ActiveSync HTTP-Filter, Nokia Phones can't download attachments anymore. When I look at the log on TMG it shows that they request the file with a "%" in the path. I guess that's the problem.
Can you explain shortly, WHY you block certain signatures? I have a few customers, that have issues with their Nokia phones.
Good part ist, that ActiveSync is not officially supported in our environment so I am very flexible ;-)
"Allow only specified methods" is not working for iPhone users
Could someone also publish these settings for:Exchange 2010Exchange 2013for OWA, Outlook Anywhere, ActiveSync and AutoDiscoveryI've searched for hours but cannot find anything new regarding these Exchange versions.