Security Basics mailing list archives
RE: Secure SMTP setup/ISA 2004
From: "Stephane Auger" <stephaneauger () pre2post com>
Date: Tue, 26 Oct 2004 11:19:06 -0400
There's a strong risk there. If your SMTP gets compromised, ISA is compromised and vice-versa. A good setup is having an ISA, with another server acting as an SMTP gateway (Mdaemon is pretty good for that), thus relaying your inbound and outbound mail to/from your Exchange. Stephane Auger -----Original Message----- From: Dan Tesch [mailto:dan.tesch () comcast net] Sent: October 23, 2004 12:14 PM To: security-basics () securityfocus com Subject: Secure SMTP setup/ISA 2004 I have installed a new 2003 Server with Exchange 2003 and while planning the deployment I started reading and thinking about not opening my firewall to the Ex server and putting an SMTP server in my DMZ. I have a test 2003 Srvr. with ISA on it and I have the 2003 SMTP service running - the 2003/ISA box will receive mail from the internet and the Ex Srvr will pull mail from ISA. My question is this- is this a good way to go about it with the SMTP service running on the ISA server? How likely might this be to be compromised? and being that the ISA server with SMTP running on it touches my LAN would it be better to have ISA or another firewall as the border and a separate box for SMTP?
Current thread:
- Secure SMTP setup/ISA 2004 Dan Tesch (Oct 25)
- Re: Secure SMTP setup/ISA 2004 xyberpix (Oct 26)
- <Possible follow-ups>
- RE: Secure SMTP setup/ISA 2004 Stephane Auger (Oct 26)