We want to use Microsoft Outlook's Messaging API (MAPI) encryption, but we'd like to force this feature to run all the time. Can we configure Exchange 2000 Server to always block unencrypted MAPI connections?

Exchange 2000 can't block all unencrypted MAPI connections, but Microsoft Internet Security and Acceleration (ISA) Server 2000 Feature Pack 1 contains a feature that can block unencrypted MAPI connections at the gateway server. Although you can configure Outlook to use 128-bit encryption on MAPI connections, a client-side setting ultimately controls how Outlook establishes the connection to the Exchange server. (You can configure this setting in Outlook's Options dialog box or directly in the profile, which means you can automate the setting if you want to apply it broadly.)