Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

squid proxy server in front of exchange 2003 for https access

Status
Not open for further replies.
gwu

gwu

MIS
Dec 18, 2002
239
0
0
US
would there be any point in putting squid proxy server in front of exchange for https access from the internet? I beleive squid just forwards the traffic so it might not help security at all.

Are there any better options to give our users https access to their email from the internet? VPN?

I figured it would be better(in terms of security) than allowing internet users direct access to exchange.

thanks
 
Sort by date Sort by votes
Properly configured, Windows Server 2003 and Exchange 2003 can survive without a firewall. But I wouldn't do it myself.

If you know squid, put it in. If not, get a Netgear DG834 and after about 4 minutes configuring it, you are done.
 
Upvote 0 Downvote
I believe (though am shaky on the details) that you want a reverse proxy, not a forward proxy.

I *believe* squid can act as both.

I am looking into using apache as a reverse proxy, there seems to be a few articles around. I can't recall the links but I would google 'OWA and apache reverse proxy'.

This also talks about putting OWA behind the proxy too.

Cheers.
 
Upvote 0 Downvote
Firewalls are not going to protect against unknown IIS vulnerabilities are they? Wouldn't a proxy, (or reverse proxy ) help protect against unknown IIS vulnerabilities . I don't understand how proxies work so someone may have to explain.

Isn't a common practice to not allow direct access to a company's internal network?

thanks blakey2 ,I will look
 
Upvote 0 Downvote
Some links:

HOWTO: OWA 2K/2K3 Front-end SSL Proxy with Apache 2.0

A thread discussing pros and cons:

Server Watch - Reverse Proxying with Apache 2.0

An introduction to securing Linux with Apache, ProFTPd and Samba
The actual link:
Otherwise simply go to their homepage, click on archives and then select "Issue 1.1" (April 2005)


Hope these links may prove useful?

I looked into the whole scenario about six months ago (hence the shady recollection). I built a debian linux apache (v2.0) webserver back then and made sure I compiled all of the relevant libraries/modules to make it all happen. Unfortunately I have only now taken stock of my new mailserver hardware and Exchange 2003 software so have not had the opportunity to set it up as yet.

Fun and games! Keep us posted.

Cheers - Chris.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

PatrickRoggers
  • Locked
  • Helpful tip
Safest Way to Import PST file into Exchange Online
Replies
0
Views
568
PatrickRoggers
PatrickRoggers
ComputersUnlimited
  • Locked
  • Question
Migrating to Exchange 2019
Replies
0
Views
524
ComputersUnlimited
ComputersUnlimited
Brent Fletcher
  • Locked
  • Question
Exchange rule to remove "✉" icon when it appears in a subject title from a supplier
Replies
0
Views
562
Brent Fletcher
Brent Fletcher
microsGuy16
  • Locked
  • Question
Global Address List Names not showing in Outlook OWA 365
Replies
0
Views
645
microsGuy16
microsGuy16
ponoodle
  • Locked
  • Question
Disabling OWA for on prem Exchange while in a hybrid envirenment.
Replies
0
Views
494
ponoodle
ponoodle

Part and Inventory Search

Sponsor

Back
Top