RE: Accessing Exchange 2000 Remotely
From: Bob Buel (rbuel@asd-web.com)Date: 08/17/01
- Previous message: Laura A. Robinson: "Re: Blocking a remote static IP in Windows 2000"
- In reply to: Byron Kennedy: "RE: Accessing Exchange 2000 Remotely"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Bob Buel" <rbuel@asd-web.com> To: <focus-ms@securityfocus.com> Subject: RE: Accessing Exchange 2000 Remotely Date: Fri, 17 Aug 2001 14:57:45 -0500 Message-ID: <000a01c12756$e4e33210$170c650a@340023456>
Why don't you dual home your mail server with a NIC in your DMZ, and
limit it to ports (110 and 25)? There's not much damage (anything?) that
can be done with POP access limited this way, as long as there are no
web servers in the same DMZ with it.
Also, perhaps a better alternative would be to put your exchange server
in your DMZ, (since the internal network would be less directly
accessible) but then again, I would be concerned about the account data
and email that could be compromised.....
Just some thoughts!
Bob
-----Original Message-----
From: Byron Kennedy [mailto:byron@markettools.com]
Sent: Friday, August 17, 2001 11:59 AM
To: 'Mark Parry'; Stephen K. Watling; focus-ms@securityfocus.com
Subject: RE: Accessing Exchange 2000 Remotely
Agreed. What about secure-pop (over ssl) until you get the VPN up?
Byron
-----Original Message-----
From: Mark Parry [mailto:mark@firstworld.net]
Sent: Thursday, August 16, 2001 6:44 PM
To: Stephen K. Watling; focus-ms@securityfocus.com
Subject: Re: Accessing Exchange 2000 Remotely
I think you need a VPN.
Mark
----- Original Message -----
From: "Stephen K. Watling" <steve.watling@neumark.com>
To: <focus-ms@securityfocus.com>
Sent: Thursday, August 16, 2001 4:47 PM
Subject: Accessing Exchange 2000 Remotely
We are running a MS Exchange 2000 server behind our firewall. We do not
have any problems with our users accessing it from within our LAN (of
course), however, we do have a number of employees who work remotely, at
least part of the time. In order to accommodate them, we enabled
Outlook Web Access across an SSL connection. Our remote users have
requested that we go a step further and enable POP3 access to the
system. Now, I am against doing this, because I question the security
aspects of this. I have suggested we enable IMAP4 over SSL to allow
remote access. However, our users are sticking to their guns on POP3
access. We are working on implementing VPN access, but due to
logistical constraints, we will not be able to implement it for a few
months. We would like to find an interim solution as soon as possible.
Question: What is the most secure/flexible method of accessing an
Exchange 2000 server from across the Internet? Is there a more secure
option that I just don't see?
Thank you in advance for your assistance,
Steve
Systems Engineer
Systems Engineer
Neumark Technology Group, Inc.
Phone: 630-505-3721
Fax: 630-505-4999
Mobile: 847-366-9088
steve.watling@neumark.com
www.neumark.com
- Previous message: Laura A. Robinson: "Re: Blocking a remote static IP in Windows 2000"
- In reply to: Byron Kennedy: "RE: Accessing Exchange 2000 Remotely"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
