putting proxy server in DMZ to relay email for the exchange server 2

Status
Not open for further replies.

homerunkevin

IS-IT--Management
Jun 7, 2002
US
We have a DMZ zone set up with a web server in it. Currently, our Exchange server is sitting in our private network. However, our Outlook Web Access is sitting out in the private network, and the consultant said there was a risk of someone hacking into the Exchange server. So for security's sake, he recommended having a proxy server installed in the DMZ to replicate email traffic and relay it internally to the email server. I'm still not sure how it works or whether I understand it correctly. If anyone knows more info or links to good docs that can help me better understand this project, that would be great. Just need to know how secure it will be if so? Or is there any danger in proceeding with this project?

Any feedback or comments would be greatly appreciated!!!

Best regards
Kevin Z
Technical Support Specialist
 
Well, it's certainly no big deal to put an email relay server in your DMZ but I have to question whether or not it's worth it from a security standpoint. You're still going to need to have port 80 or 443 open for OWA, and the reality of it all is that port 25 being open for SMTP traffic just isn't a security risk worth complicating your setup for. But that's just my opinion.

If you do feel like you have to do this then the web server you have now could probably do the job. If it's a Windows 2000 system you probably have the SMTP service on it already and it could be configured to accept mail for your domain and relay it on to the internal server. I don't know of any docs on it but I'm sure there are some on Microsoft's web site.

Good luck!

Gary McDonnell
 
This is what we did here...

Our Exchange is in our internal network; we use a sendmail in our DMZ to relay everything to our Exchange server. Our OWA is on another server in the DMZ. (For the ports to open in the firewall, see the docs about OWA.)
But if you don't want to use a sendmail relay, you can probably just set your MX to point to your internal Exchange server with appropriate rules in your firewall... But I'm not sure it's really secure. With a sendmail you will also be able to set up antispam and you will be sure everything is secure.
Whatever setup you go with, my advice is: do not keep your OWA server in your private network. And if you can, set up a relay in your DMZ to your internal Exchange server (sendmail or Windows).
With this you will avoid a lot of problems!
Hope this helps! And good luck!
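
The two mail layouts discussed in this thread (MX pointing straight at the internal Exchange server versus a relay in the DMZ), as an added example that is not from any of the posters: a small Python check of which SMTP paths a first-match firewall rule list permits. All addresses, the rule format and both rule sets are constructed assumptions, and only tcp/25 is modelled (OWA ports are out of scope).

```python
"""Added example: audit SMTP reachability for the DMZ-relay layout."""
from ipaddress import ip_address, ip_network

# Constructed addressing (assumptions, not taken from the thread)
EXCHANGE = ip_address("10.0.0.5")            # internal Exchange server
RELAY = ip_address("192.168.100.25")         # SMTP relay in the DMZ
DMZ_OTHER = ip_address("192.168.100.80")     # another DMZ host, e.g. the web server
OUTSIDE = ip_address("203.0.113.7")          # stands in for any Internet host

def allowed(rules, src, dst, port):
    """First matching rule wins; anything unmatched is denied."""
    for action, src_net, dst_net, rule_port in rules:
        if (src in ip_network(src_net) and dst in ip_network(dst_net)
                and port == rule_port):
            return action == "allow"
    return False

def audit_smtp(rules):
    """Return a list of findings; an empty list means the relay design holds."""
    findings = []
    if allowed(rules, OUTSIDE, EXCHANGE, 25):
        findings.append("Internet reaches internal Exchange on tcp/25")
    if allowed(rules, DMZ_OTHER, EXCHANGE, 25):
        findings.append("non-relay DMZ host reaches Exchange on tcp/25")
    if not allowed(rules, OUTSIDE, RELAY, 25):
        findings.append("Internet cannot deliver mail to the DMZ relay")
    if not allowed(rules, RELAY, EXCHANGE, 25):
        findings.append("DMZ relay cannot hand mail to Exchange")
    return findings

# Layout 1 (constructed): MX points at Exchange, port 25 forwarded inward.
DIRECT_MX = [("allow", "0.0.0.0/0", "10.0.0.5/32", 25)]

# Layout 2 (constructed): only the relay may speak SMTP to Exchange.
DMZ_RELAY = [
    ("allow", "192.168.100.25/32", "10.0.0.5/32", 25),
    ("deny", "0.0.0.0/0", "10.0.0.0/24", 25),
    ("allow", "0.0.0.0/0", "192.168.100.25/32", 25),
]

if __name__ == "__main__":
    for name, rules in (("direct MX", DIRECT_MX), ("DMZ relay", DMZ_RELAY)):
        print(name, "->", audit_smtp(rules) or "no findings")
```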
 