none
After enabling outlook anywhere in exchange 2010, how to block rpc over tcp? RRS feed

  • Question

  • Hi,

    1. Enabled outlook anywhere in exchange 2010 SP3.

    2. Configured outlook profile with outlook anywhere settings. (this is fine).

    3. Now when I send mail throught script using this profile, how can I confirm that its not going by rpc over tcp.

    -- Is there way to disable rpc over tcp and to exclusively use Rpc over http even in intranet?


    Wednesday, January 8, 2014 7:00 AM

Answers

  • You can configure the Windows Firewall on the server to block TCP port 135, the endport mapper.  I don't know if that will cause other issues.  You could also configure MAPI to use a static port and block that port in the firewall.

    I don't understand why you want to do this, however.  Outlook will use MAPI RPC over TCP when it can and switch to HTTPS when it can't.

    Another option is to upgrade to Exchange 2013, which doesn't have MAPI over TCP anymore.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Wednesday, January 8, 2014 7:13 AM
    Moderator

All replies

  • You can configure the Windows Firewall on the server to block TCP port 135, the endport mapper.  I don't know if that will cause other issues.  You could also configure MAPI to use a static port and block that port in the firewall.

    I don't understand why you want to do this, however.  Outlook will use MAPI RPC over TCP when it can and switch to HTTPS when it can't.

    Another option is to upgrade to Exchange 2013, which doesn't have MAPI over TCP anymore.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Wednesday, January 8, 2014 7:13 AM
    Moderator
  • Thanks Ed,

    I will try TCP port 135 blocking. I need to test this against exchange 2010 only. 

    Wednesday, January 8, 2014 8:40 AM