RE: Accessing Exchange 2000 Remotely
From: Boyce Ezell (boyceezell@yahoo.com)Date: 08/17/01
- Previous message: jaysen@cyberbookies.com: "RE: MS01-044"
- In reply to: Stephen K. Watling: "Accessing Exchange 2000 Remotely"
- Next in thread: Byron Kennedy: "RE: Accessing Exchange 2000 Remotely"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Boyce Ezell" <boyceezell@yahoo.com> To: <focus-ms@securityfocus.com> Subject: RE: Accessing Exchange 2000 Remotely Date: Fri, 17 Aug 2001 09:46:10 -0400 Message-ID: <000501c12722$f9b737b0$8065a8c0@porcupine>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I have never been big on granting POP/IMAP access to remote users on
my Exchange installations. My main reason for disliking this
solution is backups: users never backup their .pst files. My other
reason is that when they leave the company, users retain the
information, some of which may be privileged. If you have to do it,
secure it with a certificate. IPSEC/PPTP VPN is an alternative, but
it is easier to add your SSL certificate to POP3 and close port 110
to force the issue. Outlook supports using SSL for POP3. Using RRAS
can be a headache, especially when you don't need it. Pay $100 and
get a certificate for a year, sleep well.
Boyce Ezell
SysAdmin-At-Large
- -----Original Message-----
From: Stephen K. Watling [mailto:steve.watling@neumark.com]
Sent: Thursday, August 16, 2001 6:47 PM
To: focus-ms@securityfocus.com
Subject: Accessing Exchange 2000 Remotely
We are running a MS Exchange 2000 server behind our firewall. We do
not
have any problems with our users accessing it from within our LAN (of
course), however, we do have a number of employees who work remotely,
at
least part of the time. In order to accommodate them, we enabled
Outlook Web Access across an SSL connection. Our remote users have
requested that we go a step further and enable POP3 access to the
system. Now, I am against doing this, because I question the
security
aspects of this. I have suggested we enable IMAP4 over SSL to allow
remote access. However, our users are sticking to their guns on POP3
access. We are working on implementing VPN access, but due to
logistical constraints, we will not be able to implement it for a few
months. We would like to find an interim solution as soon as
possible.
Question: What is the most secure/flexible method of accessing an
Exchange 2000 server from across the Internet? Is there a more
secure
option that I just don't see?
Thank you in advance for your assistance,
Steve
Systems Engineer
Systems Engineer
Neumark Technology Group, Inc.
Phone: 630-505-3721
Fax: 630-505-4999
Mobile: 847-366-9088
steve.watling@neumark.com
www.neumark.com
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBO30gIlFH1oF9Bg0QEQKUEgCgima7wT2X1IxFI4yQMu5GL5vJ9EEAoMz9
6j+X92jqw1dhNFkjIDHIz654
=O7+e
-----END PGP SIGNATURE-----
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
- Previous message: jaysen@cyberbookies.com: "RE: MS01-044"
- In reply to: Stephen K. Watling: "Accessing Exchange 2000 Remotely"
- Next in thread: Byron Kennedy: "RE: Accessing Exchange 2000 Remotely"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
