Secure SMTP setup/ISA 2004

["Dan Tesch" <dan.tesch () comcast net>]

I have installed a new 2003 Server with Exchange 2003
and while planning the deployment I started reading and
thinking about not opening my firewall to the Ex server
and putting an SMTP server in my DMZ.

I have a test 2003 Srvr. with ISA on it and I have the
2003 SMTP service running - the 2003/ISA box will
receive mail from the internet and the Ex Srvr will pull
mail from ISA.

My question is this- is this a good way to go about it
with the SMTP service running on the ISA server?
How likely might this be to be compromised? and
being that the ISA server with SMTP running on it
touches my LAN would it be better to have ISA or
another firewall as the border and a separate box
for SMTP?