Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Exchange 2003 on DMZ?

Status
Not open for further replies.
sghezzi

sghezzi

Technical User
Apr 7, 2003
56
DE
Hello,

we are planning to have Exchange 2003 as our internal mail server. At the moment we have an external ISP which acts as mail server as well and each user downloads mail from it.

What is the best strategy?
I can see different solution:

1- we put Exchange inside the PIX and we apply static translation to let users to access to it via Web interface from the Internet. From the inside users will not have to cross the PIX to send/receive emails to/from other internal users.

2- we place Exchange in the DMZ. But in this case From the inside users will have to cross the PIX to send/receive emails to/from other internal users. Or is it maybe possible to split Exchange in two different parts: mail Relay and mail server?

3- On both the previous cases we may decide whether to keep our external provider or not. Then Exchange could download emails from it periodically. On one side it would be maybe better do that we can let external users to access to it via web, and we don't need to open HTTP on PIX. But on the ther hand it is a problem of costs (monthly fee to the provider)


What do you suggest?
Are there some documents showing what is the best strategy?

thanks a lot
regards
Silvia
 
Sort by date Sort by votes
Go with #1 if at all possible. It's how Exchange is designed to work. If you put Exchange in the DMZ then you'll have to open up all sorts of ports to communicate between the users, Exchange and Active Directory.

If you feel the need you can always put in an SMTP relay server in the DMZ. It can run Windows server and the IIS SMTP service or be a Linux box running SendMail or other SMTP program.

Gary McDonnell
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

T
  • Locked
  • Question
How to use third party mail security gateway to scan internal/inter-domain mails in Exchange On-Premise?
Replies
3
Views
1K
DrB0b
DrB0b
PatrickRoggers
  • Locked
  • Helpful tip
Safest Way to Import PST file into Exchange Online
Replies
0
Views
1K
PatrickRoggers
PatrickRoggers
ComputersUnlimited
  • Locked
  • Question
Migrating to Exchange 2019
Replies
0
Views
1K
ComputersUnlimited
ComputersUnlimited
Brent Fletcher
  • Locked
  • Question
Exchange rule to remove "✉" icon when it appears in a subject title from a supplier
Replies
0
Views
1K
Brent Fletcher
Brent Fletcher
stanlyn
  • Locked
  • Question
How to do Certificates on MultiDomain Exchange with Least Cost
Replies
1
Views
1K
Wesaf
Wesaf

Part and Inventory Search

Sponsor

Back
Top