We had a customer recently requesting that we block users from downloading attachments in OWA but allow them to view attachment when choosing the open in new windows option. They had published there OWA via UAG and had a single application in a UAG trunk that published there OWA.
To do this the first thing you need to do is edit the trunk that you Exchange OWA application Sits in.
Hit Configure on your trunk and then go to the Global URL Settings and Press Configure on Download URLS.
Now we need to remove “.*/WebReadyView.aspx.*” but I’ve just renamed it to “.*/DeleteMEWebReadyView.aspx” essentially removing it. The reason we are doing this is that all URL’s under the Download URL’s will hit the UAG Download Policy, but as we want to allow users to open attachments in new window , we need to make UAG treat it as a normal URL so that it doesn’t get blocked by download policy. (“.*/WebReadyView.aspx = Open in New Window Page)
Now we need to actually set what download policy is set for OWA so now if you open the Exchange Application in the Exchange Trunk and go to the Endpoint Policy Setting Tab. I have set the Download Policy Option to Never which will block downloads for any device connection to OWA (Please Note this Only Effects the individual application and has no effect on the others)
Once I did this and applied the setting , the OWA attachment was still downloading. So I went back into the Exchange 2010 application and noticed the following setting was checked “Evaluate without Enforcement” , so basically what was happening is that UAG knew the downloads from the OWA URLs should have been blocked but due to this setting it didn’t enforce the Download Policy and allowed the attachment to be downloaded. As soon as I unchecked this option the download of the attachment started getting blocked