It's not a rule... Just something nice to have... I use SMTP connectors both ways, as long as you're using the proper security methods, neither way is really better than the other...
Don Ely - NMBOTWBAS and then some [EMAIL PROTECTED] -----Original Message----- From: Cook, Jason [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 2:19 PM To: Exchange Discussions Subject: RE: lesser of the evils - ssl or smtp Seems a little rash mr. butler, a lot of small companies use the scenario presented by Rob Ellis. A firewall, a good hardware one anyway is great protection if used effectively. OWA with ssl is a good and secure solution, so I'm curious as to why you believe that it's a "rule" to use a dmz? Jason Cook J.H. Ellwood and Associates Network Administrator [EMAIL PROTECTED] -----Original Message----- From: Rob Ellis [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 12:57 PM To: Exchange Discussions Subject: RE: lesser of the evils - ssl or smtp Already considered, but the bean counters noticed the extra hardware and licensing needs for it. (FE-BE needs enterprise edition) In addition, the system is initially quite small, something like a few hundred users, but with the probable increase to something like 800 within 12 months. Regards, Rob Ellis Network Manager Profectus IT Tel 023 9224 7960 Mob 07974 111867 -----Original Message----- From: Ely, Don [mailto:[EMAIL PROTECTED]] Sent: 06 June 2002 18:31 To: Exchange Discussions Subject: RE: lesser of the evils - ssl or smtp Niether is a bad theory with the proper security in place. I'd put OWA on a separate box from the Exchange server though. You might also consider a front end/back end solution... D -----Original Message----- From: Rob Ellis [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 1:26 PM To: Exchange Discussions Subject: lesser of the evils - ssl or smtp Ok, I've got a couple of scenarios, which of them is the least risky? Exchange 2000 mailbox server on the LAN, accepting/making connections using SMTP through a firewall to the internet Exchange 2000 mailbox server on the LAN, accepting SSL secured OWA connections from the internet, again, protected by a firewall. Basically I am being told I may have to do both with the same box, but I'd rather have the smtp traffic going through a DMZ based gateway running McAfee Webshield, and let the OWA clients come into the internal box over SSL (which I see as less of a risk than opening up port 25. If you had to choose one of the 2 above scenarios, which would it be? Regards, Rob Ellis _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
