My customer decided that they needed to block OWA externally but leave it open internally. Why? OWA does pose a security risk having e-mail open to the internet. Yes, passwords, firewalls, etc all provide levels of protection, but it is still an opening...