Security Basics mailing list archives

RE: Exchange Server and External Access

From: "Nick Duda" <nduda () VistaPrint com>
Date: Mon, 25 Aug 2003 12:15:22 -0400

I just implemented a similar solution here. I've upgraded my environment to enterprise edition, and made a front end 
server behind the firewall. Allowed 80,443 to it. Require SSL, 128bit...etc Tighten the box down like crazy. Only issue 
after the fact I found was I needed to tweak the URL filtering on iiscan. It was filtering some silly stuff. I have a 
whitepaper on this (although not to difficult to setup out of the box).

- Nick

-----Original Message-----
From: Cherian M. Palayoor [mailto:cpalayoor () cwalkergroup com]
Sent: Friday, August 22, 2003 1:26 PM
To: security-basics () securityfocus com
Subject: Exchange Server and External Access


Hi,

We presently use the Std edition of Exchange 2000 as a mail server for our
internal users, behind the Firewall.

However we would like to grant mailbox access to external users outside the
Firewall.

What would be the most secure and efficient method of accomplishing this. 

One stream of thought that I have been entertaining is having a separate
Exchange/Mail  Server on the DMZ.

Now this solution would result in having to maintain 2 separate mailboxes for
internal and external users. This creates problems for users who would access
their emails from both inside and outside the office.

How can I workaround this problem.

Thanks in advance for any suggestions.

Regards

CP


 Scanned by Webshield E250



---------------------------------------------------------------------------
----------------------------------------------------------------------------


---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training),
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier
technical IT security event.  Modeled after the famous Black Hat event in
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
Symantec is the Diamond sponsor.  Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------

Current thread:

RE: Exchange Server and External Access, (continued)
- RE: Exchange Server and External Access Joey Peloquin (Aug 25)
- Re: Exchange Server and External Access chort (Aug 25)
- RE: Exchange Server and External Access Rubottom, Karl (Aug 22)
- Re: Exchange Server and External Access salgak (Aug 22)
- Re: Exchange Server and External Access Tony (Aug 22)
- FW: Exchange Server and External Access Cherian M. Palayoor (Aug 25)
  - Re: FW: Exchange Server and External Access chort (Aug 26)
- RE: Exchange Server and External Access Depp, Dennis M. (Aug 25)
- RE: Exchange Server and External Access Gregory M. Brown (Aug 25)
- RE: Exchange Server and External Access Nick Duda (Aug 25)
- RE: Exchange Server and External Access Nick Duda (Aug 25)
- RE: Exchange Server and External Access McGill, Lachlan (Aug 25)
- RE: Exchange Server and External Access Nick Duda (Aug 26)
- Re: Exchange Server and External Access salgak (Aug 26)
- RE: FW: Exchange Server and External Access Cherian M. Palayoor (Aug 26)
  - Re: FW: Exchange Server and External Access Gabriel Orozco (Aug 26)
- RE: Exchange Server and External Access Hay, Duane (Aug 26)
  - RE: Exchange Server and External Access Aditya [Aditya Lalit Desgmukh] (Aug 27)
- Re: Exchange Server and External Access Valery Baranov (Aug 26)
- RE: Exchange Server and External Access Nero, Nick (Aug 26)
- RE: FW: Exchange Server and External Access Cherian M. Palayoor (Aug 26)

(Thread continues...)