My Exchange server that is open for Outlook Web Access over port 443 has recently started showing that there's a pop-up ad for b.casalemedia.com attached to it. Whenever I hit the server, I get the pop-up blocked message.

I'm the only admin on the server, and the only thing that was done recently was upgrading to Exchange SP2.

Any ideas how a pop-up ad could have become associated with OWA on my server?

no no no...
but, yes your are right
but the real problem is not your OWA, but the NEW BREED of SPAM that has a HTML code or URL to a Secured External HTTPS website.

****.. this annnoying people are getting smarter bypassing the SPAM filters now, knowing most SSL are not secured againts SPAMs.

emails in Outlook specially from the web, is dumb, it always thinks everything points back to the server, but the truth it's not, when you click on the link it GOES back to your OWA server, to THEN retrieve the original attach URL to the email, before it opens your the URL into a new IE window.

I really hate how it works, i noticed that problem when colleages were sending me internal URLs of our internal network, yet it treats them like if the link was coming from the OWA server, which always made the links to not work properly, until you manually copy and paste the url into another IE window to run it.

:t

Maybe I should clarify that I'm only getting this pop-up when I go to mail.thedomain.com which opens up the https site. Only then do I get a pop-up. I have no problems with the Exchange server with internal Outlook clients.

Can this pop-up actually be on the server somehow?

:confused: if that is true, i've got no idea how could that have got installed into your server...

it just doesn't make sense, can know for sure, unless i can fiddle with it myself, and track where is that coming from. )-|

Send you a PM with the server address so you can see for yourself. I had a couple of people here at the office try it. Two got the pop-up, one did not. I also have another SSL page that I use on that same website which does not have a pop-up. I'm begininng to wonder if this is really on my server or not.

Okay. If I use the DNS entry basic mail.blahblah.com that forwards to the actual address, I get the pop-up ad. If I type in the actual address, no pop-up.

I checked the server and there's nothing on it that could be causing this. Since it happens from multiple places and through multiple networks, could some sort of DNS hijack have taken hold?

I can't figure this one out.

Turns out that it had to do with URL forwarding. When I had the mail.blahblah.com stealth forwarded, I was getting pop-ups. As soon as I changed it to standard forwarding, the pop-ups stopped completely.

I'm thinking that it's some sort of ad passed on by my registrar or the sites hosting my DNS entries.

hmm... yes i've seen that before, with services like No-IP and other freebies.

but when you switch to pay account, you should have an option to Dissable that.

BTW, the link to the mail didn't work, but you can forget about that, since you found the root problem already :)