Im upgrading from Exchange 2003 to 2007. Our users are used to accessingOWA by going to mail.domain.com, without https. I'm being asked to keep this functionalityfor Exchange 2007.We don't have anISA server and can't afford one. The only way I know of doing this would be to openport 80 requests to my CAS server, then setup a redirect to the secure OWA site.Is it safe to expose my Exchange 2007 CAS to port 80 requests from Internet? Is there another way to do this safely? Thanks.

Hi, I think the your deployment could be the work around if you do not have ISA. Besides, I note that you do not have certificate installed on Client Access Server, we recommend you to secure CAS with SSL enabled. Please refer to the article below to check information about certificate with CAS. Securing Exchange Server 2007 Client Access http://technet.microsoft.com/en-us/library/bb400932.aspx Besides, we can modify Custom error 403;4 (SSL required) to redirect http to https http://support.microsoft.com/kb/555053 Best regards, Xiu