IIS urlscan

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

I have users that only use OWA and the IIS urlscan flags items with .. in them
I mean if I send an email that states in the subject, to do tomorrow... it can not be read. Other than disabling, what is a workaround

http://support.microsoft.com/default.aspx?scid=kb;EN-US;309677

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

paulh wrote:
> I have users that only use OWA and the IIS urlscan flags items with
> .. in them I mean if I send an email that states in the subject, to
> do tomorrow... it can not be read. Other than disabling, what is a
> workaround
>
> http://support.microsoft.com/default.aspx?scid=kb;EN-US;309677

What do you mean by "disabling"?

Your choices, as far as I know, are to not deploy urlscan (which is a bad
idea) - is this what you meant by disabling?

Or alternatively, you can edit the list of things that urlscan filters to
allow through these strings.