Sorry.. I was being flippant re: Hotmail.. more to highlight a reluctance to use POP3 (through a firewall) than any desire to use Hotmail... The comment about OWA was regards having to wrap a session with SSL to get around the basic authentication requirement/clear text password limitation of a FE/BE deployment and make it 'secure'.
Thanks for the pointer on the IPSec article. -----Original Message----- From: William Lefkovics [mailto:[EMAIL PROTECTED]] Sent: 19 March 2002 23:11 To: Exchange Discussions Subject: RE: Front-End/Back-End Topology - Ex2K With OWA2000 over SSL, the entire session is encrypted. With Hotmail, ony authentication is encrypted (I believe). AND you ought to read Martin Tuip's article on deploying IPSec to secure the front end to back end communication for OWA. Riveting stuff!! -----Original Message----- From: Myles, Damian [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 19, 2002 2:19 AM To: Exchange Discussions Subject: RE: Front-End/Back-End Topology - Ex2K More an aversion to using something (POP/IMAP) with passwords in clear text and since Outlook doesn't support APOP we have to go over SSL. Having said all that, I have to do HTTP over SSL with OWA and a front-end/back-end topology anyway ... so I'll just get my coat :) Mylo -----Original Message----- From: William Lefkovics [mailto:[EMAIL PROTECTED]] Sent: 19 March 2002 01:36 To: Exchange Discussions Subject: RE: Front-End/Back-End Topology - Ex2K Why? What's wrong with POP/IMAP? IMAP4 over SSL for example. Why would you rather give them Hotmail? William -----Original Message----- From: Myles, Damian [mailto:[EMAIL PROTECTED]] Sent: Monday, March 18, 2002 7:38 AM To: Exchange Discussions Subject: RE: Front-End/Back-End Topology - Ex2K I'd be happier giving them a hotmail account than POP/IMAP.. -----Original Message----- From: Roger Seielstad [mailto:[EMAIL PROTECTED]] Sent: 18 March 2002 16:35 To: Exchange Discussions Subject: RE: Front-End/Back-End Topology - Ex2K Let's see - OWA = SSL POP/IMAP = doesn't happen on my network, but it it did, it would only be via VPN ------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Peregrine Systems Atlanta, GA > -----Original Message----- > From: Matt Plahtinsky [mailto:[EMAIL PROTECTED]] > Sent: Monday, March 18, 2002 8:48 AM > To: Exchange Discussions > Subject: RE: Front-End/Back-End Topology - Ex2K > > > How do you guys secure exchange with OWA and POP/IMAP if you > don't put it in a DMZ? > > > Matt > -----Original Message----- > From: Martin Blackstone [mailto:[EMAIL PROTECTED]] > Sent: Monday, March 18, 2002 8:44 AM > To: Exchange Discussions > Subject: RE: Front-End/Back-End Topology - Ex2K > > > There should be a rotating tag line appended to each message; > > "Exchange doesn't belong in the DMZ" > "PST=BAD" > "BLB=BAD" > > Etc _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
