Hello,
i had a similar problem. I solved it with a VPN Network to our
firewall. POP3 is only allowd to our internal network and the adress
pool our VPN server serves. Additionaly the VPN network is encryted
so the risc is minimized.
Greetings,
Frank
> Currently we have SMTP service only allowed between our exchange
server
> and
> the ISP mail server. This firewall rule is working fine and we
have had
> no
> security incidents with this arrangement. Due to the usual
political
> masters
> which are this company they wish to enable POP3 service on our
exchange
> server so that executives at home could retrive their mail on the
company
> exchange server. We would have to allow the POP3 service on the
firewall
> available to the internet to make this work.
>
> I know that this bad security practice to allow the POP3 service
to come
> in,
> but I need additional internet white papers, concrete evidence,
best
> practices info on why we should not allow this.
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
