Web Beaconing is a method used to retrieve email addresses and recipient information, mostly used by spammers. A Web beacon is a file object, such as a transparent graphic or an image, that is put on a website or email. Web beacons are typically used together with HTML cookies to monitor user behaviour on a website or to validate a recipient’s email address when an email that contains a web beacon is opened.
By default, Web beacons and HTML forms are set to “UserFilterChoice”, which means that they are blocked, but the user can unblock them if needed.
If you are a strict administrator or your company policies force you to block the beacons, you can do so with exchange shell.
The parameter which defines the behaviour is “FilterWebBeaconsAndHtmlForms” and we have three values.
- UserFilterChoice – Blocks, but user can unblock
- ForceFilter – Blocks all.
- DisableFilter – Allows all.
In order to block beacons forcefully and not give the end user the option to unblock, run the following cmdlet,
Set-OWAVirtualDirectory –identity “OWA (Default Web Site)” –FilterWebBeaconsAndHtmlForms ForceFilter