RE: E-Mail gateway on IIS.

From: Timothy Whisnant (TimothyWhisnant_at_MCBS.com)
Date: 06/13/05

  • Next message: Beauford, Jason: "RE: DHCP database"
    To: Jitendra Kalyankar <jitendra.kalyankar@gmail.com>, "focus-ms@securityfocus.com" <focus-ms@securityfocus.com>
    Date: Mon, 13 Jun 2005 11:12:25 -0400
    
    

    I would recommend using separate servers for email and web publishing (if
    the company budget is there). If the webserver is compromised, then email
    services are still available (vice-versa).

    Since I'm guessing that the webserver is visible to the public, it is highly
    open to attack. It is a matter of the traffic that is allowed to pass to
    each machine (I'm hoping that it is firewalled in some way). Since you would
    have more ports open for these services (http, maybe ssl and various email),
    you are allowing more avenues of attack. If you only allow certain traffic
    to reach these machines, then you are reducing the list of vulnerabilities.

    However, if you are comfortable with your deployment of the email server/web
    server, lock down ports/services on the machine, audit the event logs and
    let it go. Time will tell.

    Sincerely,

    Timothy Whisnant

    E-mail: timothywhisnant_AT_mcbs.com

    -----Original Message-----
    From: Jitendra Kalyankar [mailto:jitendra.kalyankar@gmail.com]
    Sent: Monday, June 13, 2005 7:27 AM
    To: focus-ms@securityfocus.com
    Subject: E-Mail gateway on IIS.

    MS Gurus -

    I have on question about the e-mail gateway. I am working with this company
    where company has webserver as well as E-Mail gateway on the same server.
    Let me know if this will create any security risks. In other words is it
    recommanded that you need to have seperate webserver and e-mail gateway
    servers.

    Any inputs on this are highly appreciated.

    -- 
    Thanks,
    Jitendra Kalyankar
    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------
    [This e-mail message and any attached files are confidential and are intended solely for the use of the addressee(s) named above. This communication may contain material protected by attorney-client, work product, or other privileges. If you are not the intended recipient or person responsible for delivering this confidential communication to the intended recipient, you have received this communication in error, and any review, use, dissemination, forwarding, printing, copying, or other distribution of this e-mail message and any attached files is strictly prohibited. If you have received this confidential communication in error, please notify the sender immediately by reply e-mail message and permanently delete the original message. If you are unable to reach a recipient at this email domain (mcbs.com or brownrad.com) please contact a member of the Computer Support team by calling MCBS, LLC. at (706)-737-4575 or (800)-774-4575 or emailing support@mcbs.com.]
    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------
    

  • Next message: Beauford, Jason: "RE: DHCP database"

    Relevant Pages

    • Re: RouterPublicIP2Servers
      ... used to make a connection to your webserver (your router if you look from ... you router needs to take care of the request. ... port open, and route the request based on the port. ... Kristofer Gafvert www.gafvert.info - My articles and help www.ilopia.com rj wrote:> We are hosting websites on 2 windows 2003 servers. ...
      (microsoft.public.inetserver.iis)
    • Re: duplicate domain names
      ... > clients the IPs of these DNS servers, ... > because it resolves the domain suffix to the ... > private network (rather than the ip of the webserver ... > webserver, ...
      (microsoft.public.win2000.dns)
    • Re: [opensuse] Store in a box?
      ... I want to build a site to sell stamps, it needs to be able to show photos of ... All servers run on Linux. ... If you want to host it yourself on your own webserver, ...
      (SuSE)
    • Re: Frustrating
      ... But when in the web browser, its going to the internal webserver instead of the external one. ... I did notice there were to A records that pointed to both DNS servers ... To delete them to satisfy website access will compromise domain functionality. ...
      (microsoft.public.windows.server.dns)
    • Re: Is tomcat an application servers, and what are webshere and weblogic called?
      ... Application Servers is an umbrella category for webservers/servlet ... A webserver is what your browser deals with. ... include a servlet container as well as an EJB ...
      (comp.lang.java.programmer)