Re: Outlook, Exchange and Port 1237
From: David Fosdike (me_at_there.com)
Date: 02/11/05
- Next message: Rod: "security update KB890047"
- Previous message: David Fosdike: "Re: Outlook, Exchange and Port 1237"
- In reply to: Steve Riley [MSFT]: "Re: Outlook, Exchange and Port 1237"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 12 Feb 2005 08:20:43 +1030
Thanks Steve,
I'll pass this onto to the Windows admins,
David.
"Steve Riley [MSFT]" <steriley@microsoft.com> wrote in message
news:72004632437173523473318@news.microsoft.com...
>A couple KBs might be of interest to you. The first allows you to reduce
>the range of port numbers RPC will use. The second has specific steps for
>Exchange RPC only.
>
> How to configure RPC dynamic port allocation to work with firewalls
> http://support.microsoft.com/default.aspx?scid=kb;en-us;154596
>
> Exchange 2000 Windows 2000 connectivity through firewalls
> http://support.microsoft.com/default.aspx?scid=kb;en-us;280132
>
>
> But understand...all this will do is make it *easier* to get through
> firewalls. Locking down to certain ports certainly doesn't make it any
> more *secure*. Simply knowing a port number doesn't mean you can trust the
> traffic; look at how much garbage spews over port 80 these days. Since
> every firewall in the world is open for port 80, it's logical that the bad
> guys are using this as their transport now.
>
> That's why I'd never build a network without content-inspecting firewalls.
> And once you have that, then it really doesn't matter any more what ports
> something uses.
>
> Steve Riley
> steriley@microsoft.com
>
>
>> Thanks for your help Steve,
>>
>> Probably is it - I'll get our Server gurus to check it out. If it is
>> I see 2 problems with MS's method here.
>>
>> Firstly, using random ports makes for difficulties in network traffic
>> shaping, particularly if mail needs to be prioritised.
>>
>> Secondly, using random ports makes for difficulty in firewalling. I
>> have to allow all ports from my exchange server.
>>
>> Can the ports be made static?
>>
>> David
>>
>> "Steve Riley [MSFT]" <steriley@microsoft.com> wrote in message
>> news:71003632434553991180840@news.microsoft.com...
>>
>>> MAPI uses RPC. RPC services bind themselves to random ports when they
>>> start. Could be that 1237 is one of the three ports Exchange is
>>> currently bound to.
>>>
>>> Run RPCDUMP from the Resource Kit to see which ports are assigned to
>>> which services.
>>>
>>> Steve Riley
>>> steriley@microsoft.com
>>>> We are using Exchange 2000 with Outlook 2000 on the client and seem
>>>> to have excessive use of port 1237 on the Exchange server. What is
>>>> this port used for and what should be normal use? A search of the
>>>> MS KB has produce 0 hits and that is why I'm posting here.
>>>>
>>>> Any clues?
>>>>
>>>> David Fosdike
>>>> dfosdike at nospam(leave this out and change 'dots' and 'at') dot
>>>> elders dot
>>>> com dot au
>
>
>
- Next message: Rod: "security update KB890047"
- Previous message: David Fosdike: "Re: Outlook, Exchange and Port 1237"
- In reply to: Steve Riley [MSFT]: "Re: Outlook, Exchange and Port 1237"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
