Exchange server security issues

[olana]

I hope someone would help me. I have been given a new assignment to administer an exchange server 5.5. I would like to assess the implemented security measures. What are major areas of interest from secuirity pespective?

Thanks

 

[GWINTO]

Check out the Routing tab on IMC for relay/routing restrictions, Check the permissions tab on recipients for user access rights (who can see what), Is this the sort of thing that you are looking for?

 

[olana]

Yes I was looking for such issues. My question was too general. I have inqured about possible security holes that are relevant to Exchange. I have checked important points whcih I have assumed were important. But I just wanted to know if there are areas that I am not aware of or missed.

Thanks

 

[GWINTO]

Security for Exchange generally follows the rules for any server, make sure its behind a good firewall and you have a good password policy, other than that I'd recommend a specific anti-virus software (this will scan everything coming in), we use Symantec for Exchange and are more than happy with it. Also make sure you have some routing restrictions in place (via the IMC) to prevent spamming off your server.