>From: Roger Seielstad <[EMAIL PROTECTED]> >To: "Exchange Discussions" <[EMAIL PROTECTED]>
>Subject: RE: Locking of Exchange ports question. >Date: Wed, 30 Oct 2002 15:04:16 -0500 >Reply-To: "Exchange Discussions" <[EMAIL PROTECTED]> > >There is a hack for newer (OL2k and newer) to actively poll Exchange for new >messages on an interval. I can't find the article right now though. > >For what its worth, I use ports in the 3200 range without incident. > >------------------------------------------------------ >Roger D. Seielstad - MCSE >Sr. Systems Administrator >Inovis - Formerly Harbinger and Extricity >Atlanta, GA > > >> -----Original Message----- >> From: Pfefferkorn, Pete (PFEFFEPE) [mailto:PFEFFEPE@;UCMAIL.UC.EDU] >> Sent: Wednesday, October 30, 2002 2:14 PM >> To: Exchange Discussions >> Subject: Locking of Exchange ports question. >> >> >> Exchange 5.5 SP4, NT 2000. >> >> We are finally going to be moving our Exchange deployment >> into a safe zone. >> The servers will be put into it's own secure segment that will have a >> firewall for internal and external users. We are requiring >> users to use a >> VPN client if they are coming in from an ISP, but we also >> want to try and >> safeguard the systems internally from the students as well, >> such as the >> dorms. >> >> Anyhow, we're looking at locking down all the ports on the >> Exchange Servers >> as well and only open ports that are required. I know I'll >> have to assign >> static ports for the MSEXCHANEDS, IS and SA TCPIP as defined >> Q148732. It >> recommends using ports above 5000, so I was going to use >> 5001, 5002 and 5003 >> and I presume that a reboot will be required. >> >> The one item which cannot be locked down is the push >> notification messages >> and UDP ports 1024-65535. I talked to our firewall expert >> and asked if >> those ports can be blocked from coming in but not for going >> out. Does this >> make sense or is there another way of securing those ports a >> little better. >> >> Anyone have any other advice prior to us cutting over. Any >> gotchas I need >> to be aware of? >> >> _________________________________________________________________ >> List posting FAQ: http://www.swinc.com/resource/exch_faq.htm >> Archives: http://www.swynk.com/sitesearch/search.asp >> To unsubscribe: mailto:leave-exchange@;ls.swynk.com >> Exchange List admin: [EMAIL PROTECTED] >> > >_________________________________________________________________ >List posting FAQ: http://www.swinc.com/resource/exch_faq.htm >Archives: http://www.swynk.com/sitesearch/search.asp >To unsubscribe: mailto:leave-exchange@;ls.swynk.com >Exchange List admin: [EMAIL PROTECTED] ______________________________________________________ Get Paid... With Your Free Email at http://www.zwallet.com/index.html?user=katnpal1 _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:leave-exchange@;ls.swynk.com Exchange List admin: [EMAIL PROTECTED]
