Re: Near and far dmz (is this model secure)

From: Useko Netsumi (usenets@nyc.rr.com)
Date: 10/04/02 

From: "Useko Netsumi" <usenets@nyc.rr.com>
Date: Fri, 4 Oct 2002 14:08:58 -0400

I tend to agree with your manager but its overkill.

First, install an SMTP-gateway machine in the dmz(you can use a cheap Intel
box running linux), then move the exchange server into the internal network.
Next is to configure the firewall to allow SMTP-protocol to flow ONLY
between SMTP-gateway(in DMZ) and Exchange Server(internal network).

Relevant Pages

  • Re: Exchange POP3 DNS issue
    ... the same POP3 client tries to connect from our internal network it ... If I try to telnet to the Exchange server on 110 it will ... connect but never return a banner from the Exchange Server. ... Could this be a sign of DNS problems? ...
    (microsoft.public.exchange.admin)
  • SMTP and E2 w/SP3
    ... I am running Exchange Server 2000 with SP3 installed on an internal network. ... All outside mail is handled through the ISP email and there is no forwarding ...
    (microsoft.public.exchange.admin)
  • Re: Multiple Nics
    ... Put 1 NIC in the Exchange server and put that on the internal network. ... Please do not send email directly to this alias. ... >I want to configure exchange to run behind a firewall utilizing 1 to 1 nat. ...
    (microsoft.public.exchange.setup)
  • Re: Protecting an Exchange server?
    ... > internal network and place some kind of email appliance on our DMZ to ... > actually send and receive email to the world and to the Exchange server on ... Securing Microsoft Groupware Environments with Unix ... to facilitate one-on-one interaction with one of our expert instructors. ...
    (Security-Basics)
Quantcast