i would put a mail gw of sorts of the dmz and forward mail related items
to the outside...external users get no connects to internal mail
server,,,,ever...outbound mail s/be filtered at routers.
drop everything but established proxy traffic to internal resources.
allow established trusted connx bakin but drill'em if you see any
wacko mask or options bit set in weirdo combos..
piranha's do not like the taste of piranha.
piranha-2....
>From: Apisit Suksakorn <[EMAIL PROTECTED]>
>To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
>Subject: MS Exchange
>Date: Thu, 5 Oct 2000 09:13:32 +0700
>
>Dear all,
>
> I plan to setup system that allows managers using MS Exchange from his/her
>house. I has one firewall dividing my network to four subnets, internet,
>internal, DMZ and remote access network. Machine running MS Exchange is
>located in internal network. Right now, I drop all connections from other
>networks to internal network.
> Is it a good way, if I configure firewall to allow that remote access
>network can use MS Exchange services in internal network? If not, can you
>suggest me a better way? and which port I must open for MS Exchange?
>
>best regards,
>apisit.
>
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
Share information about yourself, create your own public profile at
http://profiles.msn.com.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
