First, set the EWSApplicationAccessPolicy to enforce the block list. The EWS application access policy can be configured on a per-mailbox basis, or configured for the entire organization.Ĭontinuing with the example of LinkedIn, to block EWS access by the LinkedIn user agent for the entire organization there are two steps required that use the Set-OrganizationConfig cmdlet. ![]() Fortunately, we can be selective in what we block or allow for EWS by configuring an EWS application access policy. The connection from LinkedIn made use of Exchange Web Services and highlighted the need to monitor and control EWS access to Exchange on-premises and Exchange Online.ĭisabling the entire EWS protocol because of one unapproved example of application access would deny your organization the many good things that EWS allows. LinkedIn would then connect to the person’s corporate email account and scrape it for email addresses to suggest them as potential contacts that should be invited to connect on LinkedIn. In June of 2013 LinkedIn was found to have implemented a feature that invited users to enter their corporate email credentials on the LinkedIn website.
0 Comments
Leave a Reply. |