1. In the Forefront TMG Management console, in the tree, click the Firewall Policy node.

2. In the details pane, select the applicable Web publishing rule that uses HTML forms-based authentication for Outlook Web Access.

3. On the Tasks tab, click Edit Selected Rule.

4. On the Application Settings tab, in the Exchange Publishing Attachment Blocking section, select Public computers or Private computers (or select both options), and then click OK.

5. In the details pane, click the Apply button to save and update the configuration, and then click OK.

Note:

Because Outlook Web Access is often used from public computers, you may want to control the user's ability to view and save attachments, so that private corporate information is not cached or saved on a public computer. The settings described in this procedure prevent users from opening and saving attachments by clicking links in their Web browsers. The presence of attachments in e-mail messages will still be indicated, and the attachments will remain in the user's mailbox until the user deletes the e-mail message. If you are using Exchange Server 2003, Exchange Server 2007, or Exchange Server 2010, it is recommend that you configure attachment blocking on the Exchange server and not in Forefront TMG.

Concepts