RE: Exchange2K/DMZ

From: Marc Fossi (mfossi@securityfocus.com)
Date: 07/11/02


Date: Thu, 11 Jul 2002 14:51:07 -0600
From: "Marc Fossi" <mfossi@securityfocus.com>
To: "Nicole Tutt" <Nicolet@meddata.com>, <focus-ms@securityfocus.com>

Two part series by Chris Weber called Securing Exchange 2000:

http://online.securityfocus.com/infocus/1572

http://online.securityfocus.com/infocus/1578

Marc Fossi
SecurityFocus
www.securityfocus.com

-----Original Message-----
From: Nicole Tutt [mailto:Nicolet@meddata.com]
Sent: Wednesday, July 10, 2002 4:46 PM
To: focus-ms@securityfocus.com
Subject: Exchange2K/DMZ

The LAN Administrator set up an Exchange server and placed it inside the firewall - opening ports for SSL and SMTP to the Exchange box from the outside world. I want to move the Exchange services to the DMZ. I'm not that familiar with Exchange 2k specifically but am used to being able to split out services from mail servers (IE. put WebAccess and SMTP gateways) and place vulnerable items in the DMZ or if not place the whole Exchange server in the DMZ. The LAN admin is concerned because the Exchange server has to see the domain controller on the inside net. How have others handled this setup?

Thanks in advance
Nicole