Prevent users from creating new email accounts in Outlook

Prevent users from creating new email accounts in Outlook

If you are using Microsoft Exchange with Microsoft Outlook in a corporate environment to handle your email, you may have noticed that there is no way to stop your users from creating secondary email accounts in Outlook 2003 or Outlook 2007. So in addition to their Exchange email account, they can import email boxes, add a POP3 email account, etc.
This is bad for IT Administrators as they cannot directly control what is being sent and received in those secondary email accounts. If a user adds their personal email accounts to Outlook, it could eventually cause problems with Exchange or cause unfiltered viruses or spyware to enter the domain.
If you want to prevent users from creating additional email accounts in Outlook, you have to do it yourself via the registry. Here’s what you would need to do.
Step 1: Navigate to the following registry key in Windows:
HKEY_CURRENT_USER\Software\Microsoft\Office\xx.0\ Outlook\Options
The xx will be a different number depending on the version of Outlook you are running: For Outlook 2007, it’s 12.0, for Outlook 2003, it’s 11.0, and for Outlook 2002 it’s 10.0.
Now you’ll want to go ahead and add a new DWORD value for each of the protocols you want to disable, i.e. POP3, IMAP, MAPI, HTTP, etc. Here are the values:
POP3 use DisablePOP3
IMAP4 use DisableIMAP
MAPI use DisableExchange
HTTP use DisableHTTP
Other use DisableOtherTypes
Go ahead and set the value to 1 if you want to prevent the user from being able to add a new account of the type added. Note that if you disable POP3, HTML and IMAP, then the option for Add New Internet Email Account will be disabled also.

This is one way to disable POP3, IMAP, etc, but you can also create a .registry file and use that in logon scripts to do the same thing. It’s actually much easier to do it this way if you need to disable the creating of new email accounts on many computers. Here’s an example of a registry file that disables POP3, IMAP, AND HTTP in Outlook 2007:
Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\12.0\Outlook\Options] “DisablePOP3″ = dword:00000001 “DisableIMAP” = dword:00000001 “DisableHTTP” = dword:00000001
Easy eh!? Note that if you love Group Policy and you don’t want to add any more scripts to a user logon, you can also configure this option in the Outlook Group Policy Adm template. You have to go to download.microsoft.com and search for admintemplates.exe to find the outlk12.adm template file.

When you apply the configuration through Group Policy, it uses a slightly different key in the registry instead of the one mentioned above. For Outlook 2007, the registry values are under
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Office\12.0 \Options
So, here we presented three ways you can more effectively control the way users use Outlook 2003 and 2007 in your corporate environment. They will now be unable to create new POP3 email accounts or to add their Internet email accounts to Outlook, thereby saving you headaches in the future! Also, check out my previous post on how to use RPC over HTTP with Outlook 2007. Enjoy!