Any suggestion to improve my exchange security.TQ

Fauzi Badron 
System Administrator
Sepakat Computer Consultant Sdn Bhd

----- Original Message -----
From: "Aftarul Izam B. Basri" <[EMAIL PROTECTED]>
Date: Tuesday, April 23, 2002 2:34 pm
Subject: RE: RE: Open port 1023-65535

> Fauzi,
> 
> The best way to decide which strategy for your email/workgroup 
> server is to
> identify who and from where the user will be coming in to access 
> the server.
> It doesn't have to run vpn to let outside user access the 
> workgroup. You can
> use OWA so that external user use their browser(preferably using 
> https) to
> access all the workgroup function. This way you only configure 
> your firewall
> to allow port 443 from external to the OWA server.
> 
> *normally personally I don't recommend to put a full
> blown(workgroup+pop3+smtp) exchange server even in a dmz zone.
> 
> Izam
> 
> -----Original Message-----
> From: Fauzi Badron [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, April 23, 2002 11:27 AM
> To: Aftarul Izam B. Basri
> Cc: [EMAIL PROTECTED]
> Subject: Re: RE: Open port 1023-65535
> 
> 
> My Mail server located in DMZ.Should i changes to VPN from DMZ to 
> allow 
> the workgroup function of Exchange.TQ
> 
> 
> Fauzi Badron (New Fauzi)
> System Administrator
> Sepakat Computer Consultant Sdn Bhd
> 
> ----- Original Message -----
> From: "Aftarul Izam B. Basri" <[EMAIL PROTECTED]>
> Date: Tuesday, April 23, 2002 9:23 am
> Subject: RE: Open port 1023-65535
> 
> > It depend......if you run Exchange only for basic email 
> > server(POP3 and
> > SMTP) thats all the port you should open. But if you run a 
> > complete Exchange
> > server which mean beside POP3/SMTP, also all its workgroup 
> > function like
> > journal, contacts list, public folders, then there will be few 
> > more ports
> > you should open. But for a better security, normally we don't 
> > allow external
> > people to access the workgroup function of Exchange only for 
> POP3 
> > and SMTP.
> > If they still want to access all function, better to go through 
> > VPN first at
> > then access Exchange workgroup function.
> > 
> > Izam
> > RHB KL
> > 
> > -----Original Message-----
> > From: Fauzi Badron [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, April 23, 2002 9:14 AM
> > To: Tan Tshun Kiat
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: Open port 1023-65535
> > 
> > 
> > If I use Microsoft Exchange 2000 what port must i open.
> > 
> > Fauzi Badron (New Fauzi)
> > System Administrator
> > Sepakat Computer Consultant Sdn Bhd
> > 
> > ----- Original Message -----
> > From: Tan Tshun Kiat <[EMAIL PROTECTED]>
> > Date: Tuesday, April 23, 2002 8:59 am
> > Subject: Re: Open port 1023-65535
> > 
> > > Hi,
> > >    TCP port 25 for SMTP is good enough. If it's POP, then 110. 
> IMAP> > port 143.
> > > 
> > > Regards,
> > > --
> > > Tan Tshun Kiat (Mr)
> > > Systems Administrator (Unix)
> > > Information Technology Group
> > > Institute For Communications Research
> > > 
> > > 
> > > Fauzi Badron wrote:
> > > 
> > > > All,
> > > >
> > > > Does suitable to open tcp port 1023 to 65535 for mail server 
> > at my
> > > > firewall?
> > > >
> > > > Fauzi Badron
> > > > System Administrator
> > > > Sepakat Computer Consultant Sdn Bhd
> > > >
> > > > _______________________________________________
> > > > Firewalls mailing list
> > > > [EMAIL PROTECTED]
> > > > http://lists.gnac.net/mailman/listinfo/firewalls
> > > 
> > > 
> > > 
> > 
> > _______________________________________________
> > Firewalls mailing list
> > [EMAIL PROTECTED]
> > http://lists.gnac.net/mailman/listinfo/firewalls
> > This message is intended only for the use of the person(s) to 
> whom 
> > it is
> > addressed and may contain information that is privileged or 
> otherwise> protected from disclosure.If you are not the intended 
> recipient 
> > you are
> > hereby notified that any use, review, disclosure or copying of 
> > this message
> > and the information it contains is prohibited. If you receive 
> the 
> > message in
> > error , please notify the sender by reply e-mail and discard all its
> > contents. Thank You.
> > _______________________________________________
> > Firewalls mailing list
> > [EMAIL PROTECTED]
> > http://lists.gnac.net/mailman/listinfo/firewalls
> > 
> This message is intended only for the use of the person(s) to whom 
> it is
> addressed and may contain information that is privileged or otherwise
> protected from disclosure.If you are not the intended recipient 
> you are
> hereby notified that any use, review, disclosure or copying of 
> this message
> and the information it contains is prohibited. If you receive the 
> message in
> error , please notify the sender by reply e-mail and discard all its
> contents. Thank You.
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
> 

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls

Reply via email to