OWA and PDF attachment problem

Published 15 April 8 11:37 PM | Vlada.Ilic

A few days after successful implementation of Microsoft Small Business Server 2003 in a very small company, the Owner called me complaining that he cannot open PDF documents with a single click in OWA, while some of his employees can do that without any problems.

Because I don't believe end users (especially owners and managers), I logged with his credentials and tried to open the PDF attachment. This message appeared:
"To open this attachment, you must save it to your disk. Right-click the link, and then click Save. With a single-button mouse, hold the button down over the link, and then click Save."

Logging into OWA with other user credentials (one of the employees) from the same computer opened pdf with no problem into Internet Explorer. They were both members of Domain Users and local Administrators groups.

Huh ?

I've been already somewhat familiar with attachment blocking in OWA explained in:
http://support.microsoft.com/?kbid=555001

They say that "Level2 attachments have file extensions that can be accessed, but only if saved to the client's file system first."
But there is no PDF extension defined in Level2FileTypes registry key that could explain this behavior ?!

Investigating further I found that Exchange server 2003 SP1 introduces two new registry values
level1mimetypes and level2mimetypes but I couldn't find application/pdf or anything similar.

Reason:
No idea...?


Solution:
In the normal situation I would suggest the owner to follow that procedure because there are different security policies for the owner than from employees...or something similar...;)..but not with this one.

So at the end, I found the solution ...after removing "application/octetstream" from "HKLM\SYSTEM\Current Control Set\Services\MSExchangeWEB\level2mimetypes" PDF files opened with a single click in OWA, everything worked fine, everybody was pleased and......I was paid for my job...;))


Advice:
Install OWAADMIN.EXE tool from Microsoft site if you want to simplify/avoid registry editing.

Filed under:

Comments

# Campbell Knudson said on September 16, 2008 3:41 PM:

This is to be done on the OWA server?  Mail server?

# Vlada.Ilic said on September 29, 2008 6:43 PM:

As I mentioned in the intro it was SBS....I am not sure, but I guess that this registry hack should be done on front-end server, if you have front-back end exchange scenario.

p.s sorry for delay, I have just returned from vacation...;)

# Jim said on March 11, 2009 5:02 PM:

This was it.  Great post.

# Ryan said on April 8, 2009 10:22 PM:

you the mannnnn

# DKS said on May 7, 2009 4:15 PM:

By removing "application/octetstream" from the Level2mime type might serve your requirement but its a bigger threat to your org as it will allow users to open any type of attachment in owa, it can be virus also...So think before doing that!!!!!!

# Vlada.Ilic said on May 8, 2009 10:44 AM:

Well, not exactly "any" type of attachment, there are still a lot of file types defined under Level1FileTypes and Level2FileTypes that will be blocked by default.

As far as I remember, "application/octet-stream" means a binary file of unknown type to the web server.

Anyway, one should always have some AV protection for Exchange (in this case it was "Sophos PureMessage for MS Exchange"), and not rely on users judgment.

# .PDF bestanden openen in OWA | hilpers said on June 23, 2009 10:02 PM:

Pingback from  .PDF bestanden openen in OWA | hilpers

Leave a Comment

Name:  
Website:
Are you a human?