HiWe areusingExchange 2003 SP2.I recently built a new Exchange server...everything seems work fine, apart from theOWA functionality on this server, as I receive the following errors;1. Get a 404 Not Found error when opening an email with a '+' sign in the mail subject2. Get a 404 Not Found error when opening some emails with .gif signature attachments3. Get a 404 Not Found error for some emails with kanji/asian character set in the title.Any ideas?Thanks

Hi,Sounds like urlscan is enabled - look for the urlscan.ini file and compare that to the working server.http://technet.microsoft.com/en-us/library/cc751376.aspxLeif

The problem is that the original server the mailbox was on didn't have URLscan installed.I've checked the URLScan logs, and there are loads of these entries;01-07-2009 - 19:55:10] Client at 172.21.3.221: URL normalization was not complete after one pass. Request will be rejected. Site Instance='1', Raw URL='/exchange/TestMailbox/Inbox/%2B.EML'Any ideas on which particular setting on URLScan would cause the issues I am experiencing?Thanks!

Hi, We recommend you to uninstall URLscan from front-end and back-end server. Some known issues can be found in the article below. Fine-tuning and known issues when you use the Urlscan utility in an Exchange 2003 environment http://support.microsoft.com/kb/823175/ The URLScan tool may cause problems in Outlook Web Accesshttp://support.microsoft.com/default.aspx?scid=kb;EN-US;325965IIS lockdown and URLscan configurations in an Exchange environment http://support.microsoft.com/kb/309508/ Regards, Xiu

HiSo, do MS recommend removing URLscan from Exchange 2003 boxes?I have found the 'faulty' setting.On the Exchange servers with OWA working fine, the VerifyNormalization setting is 0. On the server with the problems, it is 1.According to MS, this setting is;VerifyNormalization. If you set VerifyNormalization to 1, URLScan further normalizes URLs before the program proceeds. This setting is valuable because it can catch double-encoding techniques. For example, an attacker who hides an ampersand (&) in a URL might send %2526, which one normalization pass translates to %26. However, if you set VerifyNormalization to 1, URLScan recognizes that normalization isn't complete and resolves %26 to the ampersand character, which [DenyUrlSequences] then catches.Does anyone know why the default setting (1) doesn't seem to work properly, and is it safe to set to 0?Thanks