My current company has thier mail hosted outside on a pop3 provider. I need to bring this in house so what is the most secure way to set it up? also I will need to setup OWA and some type of other remote access. I was thinking pop3 but believe rpc over http would be more secure. Any ideas would be great.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations John Tel on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
new exchange setup.
- Thread starter stangdude
- Start date
WhoKilledKenny
MIS
In a nutshell?
Exchange Server(s)-----Firewall-----Front End Servers (for OWA -- and an SMTP Gateway (smarthost)(IIS6).
More detail...
Exchange Server(s)-----Firewall-----Front End Servers (for OWA -- and an SMTP Gateway (smarthost)(IIS6).
More detail...
If you're just now starting to look at Exchange, it would be in your best interest to look into Exchange 2007.
Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
Want to know how email works? Read for yourself -
Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
Want to know how email works? Read for yourself -
- Thread starter
- #4
I would use 2007 but my predecessor bought 2003 and was already trying to make it work. Maybe that is why he is my predecessor 
. So to make sure I understand what you guys are saying we need a front end, back end solution with a firewall in between. Our firewall is in place already it is a pix 506e which also would not have been my choice. Also thanks for the help you guys are giving I really appreciate it.
. So to make sure I understand what you guys are saying we need a front end, back end solution with a firewall in between. Our firewall is in place already it is a pix 506e which also would not have been my choice. Also thanks for the help you guys are giving I really appreciate it.You don't need a firewall in between, and a 506e is fine.
What you DO need is to tell us more about amount of mail, number of users, how they will access the server (Outlook, OWA, OMA, WM devices, etc). That way, we can better advise you on a direction.
Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
Want to know how email works? Read for yourself -
What you DO need is to tell us more about amount of mail, number of users, how they will access the server (Outlook, OWA, OMA, WM devices, etc). That way, we can better advise you on a direction.
Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
Want to know how email works? Read for yourself -
- Thread starter
- #6
58sniper wrote:
You don't need a firewall in between, and a 506e is fine.
What you DO need is to tell us more about amount of mail, number of users, how they will access the server (Outlook, OWA, OMA, WM devices, etc). That way, we can better advise you on a direction.
Ok here it goes.
Currently we have two servers. One is a domain controller and the other runs exchange 2003. Both of those sit behind a pix firewall that is natted to a public ip address. Port 80, 25,110, and 443 have static translation to the exchange server. All current mail is hosted by an outside vendor via pop3. Have about 100 users that will access mail through Outlook 2003. And then probably another 30 or so that will either use pop3, or OWA (most likely pop3). Amount of mail will be large since I have drafters that send 50mb plus e-mail attachments and other users that will have a large volume of mail.
You don't need a firewall in between, and a 506e is fine.
What you DO need is to tell us more about amount of mail, number of users, how they will access the server (Outlook, OWA, OMA, WM devices, etc). That way, we can better advise you on a direction.
Ok here it goes.
Currently we have two servers. One is a domain controller and the other runs exchange 2003. Both of those sit behind a pix firewall that is natted to a public ip address. Port 80, 25,110, and 443 have static translation to the exchange server. All current mail is hosted by an outside vendor via pop3. Have about 100 users that will access mail through Outlook 2003. And then probably another 30 or so that will either use pop3, or OWA (most likely pop3). Amount of mail will be large since I have drafters that send 50mb plus e-mail attachments and other users that will have a large volume of mail.
I'd close 110 and have them use OWA or Outlook Anywhere. I'd also sit both servers on the LAN and have the Pix tunnel into the Exchange which is your front end as well.
I'd also make the Exchange Server a second DC for resilience (this is not an MS recommendation, but it works for SBS so don't knock it).
I'd also make the Exchange Server a second DC for resilience (this is not an MS recommendation, but it works for SBS so don't knock it).
I'd agree on closing 110, but I'd also close 80 as well, and open 443 instead. Tie an SSL cert to the Exchange box and use https for OWA. This will also work better with Windows Mobile devices.
I'd caution you against making the Exchange box a DC. You can NEVER promote or demote an Exchange server without permanently breaking Exchange. Promotions and demotions have to happen before Exchange is installed.
Outlook Anywhere is certainly a good path. If you can't use Outlook Anywhere, IMAP4 is still better than POP3.
Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
Want to know how email works? Read for yourself -
I'd caution you against making the Exchange box a DC. You can NEVER promote or demote an Exchange server without permanently breaking Exchange. Promotions and demotions have to happen before Exchange is installed.
Outlook Anywhere is certainly a good path. If you can't use Outlook Anywhere, IMAP4 is still better than POP3.
Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
Want to know how email works? Read for yourself -
- Status
Similar threads
- Locked
- Helpful tip
- Locked
- Question
