Any suggestion to improve my exchange security.TQ Fauzi Badron System Administrator Sepakat Computer Consultant Sdn Bhd
----- Original Message ----- From: "Aftarul Izam B. Basri" <[EMAIL PROTECTED]> Date: Tuesday, April 23, 2002 2:34 pm Subject: RE: RE: Open port 1023-65535 > Fauzi, > > The best way to decide which strategy for your email/workgroup > server is to > identify who and from where the user will be coming in to access > the server. > It doesn't have to run vpn to let outside user access the > workgroup. You can > use OWA so that external user use their browser(preferably using > https) to > access all the workgroup function. This way you only configure > your firewall > to allow port 443 from external to the OWA server. > > *normally personally I don't recommend to put a full > blown(workgroup+pop3+smtp) exchange server even in a dmz zone. > > Izam > > -----Original Message----- > From: Fauzi Badron [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, April 23, 2002 11:27 AM > To: Aftarul Izam B. Basri > Cc: [EMAIL PROTECTED] > Subject: Re: RE: Open port 1023-65535 > > > My Mail server located in DMZ.Should i changes to VPN from DMZ to > allow > the workgroup function of Exchange.TQ > > > Fauzi Badron (New Fauzi) > System Administrator > Sepakat Computer Consultant Sdn Bhd > > ----- Original Message ----- > From: "Aftarul Izam B. Basri" <[EMAIL PROTECTED]> > Date: Tuesday, April 23, 2002 9:23 am > Subject: RE: Open port 1023-65535 > > > It depend......if you run Exchange only for basic email > > server(POP3 and > > SMTP) thats all the port you should open. But if you run a > > complete Exchange > > server which mean beside POP3/SMTP, also all its workgroup > > function like > > journal, contacts list, public folders, then there will be few > > more ports > > you should open. But for a better security, normally we don't > > allow external > > people to access the workgroup function of Exchange only for > POP3 > > and SMTP. > > If they still want to access all function, better to go through > > VPN first at > > then access Exchange workgroup function. > > > > Izam > > RHB KL > > > > -----Original Message----- > > From: Fauzi Badron [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, April 23, 2002 9:14 AM > > To: Tan Tshun Kiat > > Cc: [EMAIL PROTECTED] > > Subject: Re: Open port 1023-65535 > > > > > > If I use Microsoft Exchange 2000 what port must i open. > > > > Fauzi Badron (New Fauzi) > > System Administrator > > Sepakat Computer Consultant Sdn Bhd > > > > ----- Original Message ----- > > From: Tan Tshun Kiat <[EMAIL PROTECTED]> > > Date: Tuesday, April 23, 2002 8:59 am > > Subject: Re: Open port 1023-65535 > > > > > Hi, > > > TCP port 25 for SMTP is good enough. If it's POP, then 110. > IMAP> > port 143. > > > > > > Regards, > > > -- > > > Tan Tshun Kiat (Mr) > > > Systems Administrator (Unix) > > > Information Technology Group > > > Institute For Communications Research > > > > > > > > > Fauzi Badron wrote: > > > > > > > All, > > > > > > > > Does suitable to open tcp port 1023 to 65535 for mail server > > at my > > > > firewall? > > > > > > > > Fauzi Badron > > > > System Administrator > > > > Sepakat Computer Consultant Sdn Bhd > > > > > > > > _______________________________________________ > > > > Firewalls mailing list > > > > [EMAIL PROTECTED] > > > > http://lists.gnac.net/mailman/listinfo/firewalls > > > > > > > > > > > > > _______________________________________________ > > Firewalls mailing list > > [EMAIL PROTECTED] > > http://lists.gnac.net/mailman/listinfo/firewalls > > This message is intended only for the use of the person(s) to > whom > > it is > > addressed and may contain information that is privileged or > otherwise> protected from disclosure.If you are not the intended > recipient > > you are > > hereby notified that any use, review, disclosure or copying of > > this message > > and the information it contains is prohibited. If you receive > the > > message in > > error , please notify the sender by reply e-mail and discard all its > > contents. Thank You. > > _______________________________________________ > > Firewalls mailing list > > [EMAIL PROTECTED] > > http://lists.gnac.net/mailman/listinfo/firewalls > > > This message is intended only for the use of the person(s) to whom > it is > addressed and may contain information that is privileged or otherwise > protected from disclosure.If you are not the intended recipient > you are > hereby notified that any use, review, disclosure or copying of > this message > and the information it contains is prohibited. If you receive the > message in > error , please notify the sender by reply e-mail and discard all its > contents. Thank You. > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls > _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
