Re: Outlook, Exchange and Port 1237
From: Steve Riley [MSFT] (steriley_at_microsoft.com)
Date: 02/11/05
- Next message: none: "Re: What is The best Firewall and Anti-Virus Program?"
- Previous message: PA Bear: "Re: Users of NAV, NSW or NIS 2004"
- In reply to: David Fosdike: "Re: Outlook, Exchange and Port 1237"
- Next in thread: David Fosdike: "Re: Outlook, Exchange and Port 1237"
- Reply: David Fosdike: "Re: Outlook, Exchange and Port 1237"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 11 Feb 2005 11:15:52 -0800
A couple KBs might be of interest to you. The first allows you to reduce
the range of port numbers RPC will use. The second has specific steps for
Exchange RPC only.
How to configure RPC dynamic port allocation to work with firewalls
http://support.microsoft.com/default.aspx?scid=kb;en-us;154596
Exchange 2000 Windows 2000 connectivity through firewalls
http://support.microsoft.com/default.aspx?scid=kb;en-us;280132
But understand...all this will do is make it *easier* to get through firewalls.
Locking down to certain ports certainly doesn't make it any more *secure*.
Simply knowing a port number doesn't mean you can trust the traffic; look
at how much garbage spews over port 80 these days. Since every firewall in
the world is open for port 80, it's logical that the bad guys are using this
as their transport now.
That's why I'd never build a network without content-inspecting firewalls.
And once you have that, then it really doesn't matter any more what ports
something uses.
Steve Riley
steriley@microsoft.com
> Thanks for your help Steve,
>
> Probably is it - I'll get our Server gurus to check it out. If it is
> I see 2 problems with MS's method here.
>
> Firstly, using random ports makes for difficulties in network traffic
> shaping, particularly if mail needs to be prioritised.
>
> Secondly, using random ports makes for difficulty in firewalling. I
> have to allow all ports from my exchange server.
>
> Can the ports be made static?
>
> David
>
> "Steve Riley [MSFT]" <steriley@microsoft.com> wrote in message
> news:71003632434553991180840@news.microsoft.com...
>
>> MAPI uses RPC. RPC services bind themselves to random ports when they
>> start. Could be that 1237 is one of the three ports Exchange is
>> currently bound to.
>>
>> Run RPCDUMP from the Resource Kit to see which ports are assigned to
>> which services.
>>
>> Steve Riley
>> steriley@microsoft.com
>>> We are using Exchange 2000 with Outlook 2000 on the client and seem
>>> to have excessive use of port 1237 on the Exchange server. What is
>>> this port used for and what should be normal use? A search of the
>>> MS KB has produce 0 hits and that is why I'm posting here.
>>>
>>> Any clues?
>>>
>>> David Fosdike
>>> dfosdike at nospam(leave this out and change 'dots' and 'at') dot
>>> elders dot
>>> com dot au
- Next message: none: "Re: What is The best Firewall and Anti-Virus Program?"
- Previous message: PA Bear: "Re: Users of NAV, NSW or NIS 2004"
- In reply to: David Fosdike: "Re: Outlook, Exchange and Port 1237"
- Next in thread: David Fosdike: "Re: Outlook, Exchange and Port 1237"
- Reply: David Fosdike: "Re: Outlook, Exchange and Port 1237"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
