That is exactly what I did with my last organization before we got a real firewall. I multihomed exchange, used a smart host with our ISP and filtered on the external NIC, everything except port 25. Where I am at now, they say if you do that you will get hacked, and I say only if the box is not properly configured.
I pick up my best practices from this list. Even if they are MVP's..... -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley [MVP] Sent: Sunday, December 14, 2003 1:38 PM To: Exchange Discussions Subject: RE: Mail Processing by Exchange vs. SendMail Even on allegedly hack-prone Windows, you can lock down the outside port so that it'll filter everything except TCP port 25, no? Ed Crowley MCSE+Internet MVP Freelance E-Mail Philosopher Protecting the world from PSTs and Bricked Backups!T -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roger Seielstad Sent: Sunday, December 14, 2003 9:45 AM To: Exchange Discussions Subject: RE: Mail Processing by Exchange vs. SendMail I actually would be comfortable with that, except I have yet to find a way to get Windows (any version) to run correctly from read only media - our external relays boot and run from CD, with only certain configuration files actually existing on a writable drive, along with the spool directories. Sooner or later I might just play with that kind of configuration for Windows, although I'm afraid it might not be possible. But its worth trying.... -------------------------------------------------------------- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. > -----Original Message----- > From: Ed Crowley [MVP] [mailto:[EMAIL PROTECTED] > Sent: Friday, December 12, 2003 6:14 PM > To: Exchange Discussions > Subject: RE: Mail Processing by Exchange vs. SendMail > > > If you feel that way, a locked down Windows 2003 box running the SMTP > service is just as capable as a Unix box running sendmail. > > Ed Crowley MCSE+Internet MVP > Freelance E-Mail Philosopher > Protecting the world from PSTs and Bricked Backups!T > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Roger > Seielstad > Sent: Friday, December 12, 2003 6:54 AM > To: Exchange Discussions > Subject: RE: Mail Processing by Exchange vs. SendMail > > Um, no, it can't. But that's a whole different story. > Microsoft has some > hard num bers about the speed of the IIS SMTP component in comparison > to sendmail. I think they're in a whitepaper someone on the MS site. > > That being said, I'm not a fan of exposing Exchange directly to the > Internet. If for no other reason, I like to run border virus scanning > (using VirusWall from Trend Micro), which I feel runs better on Unix. > Even then, these systems are in the middle of the mail flow (internal > relays). We use a highly locked down[1] version of OpenBSD as inbound > only relays in our DMZ (they only accept and forward mail for us - > they don't send mail outbound). > It's a bit overkill, but we also run a lot more mail through our > systems than comparible sized companies seem to do. > > To answer your question, however, I've not found a case where a > properly tuned Exchange server fell under load, short of an outright > DOS attack or mail loop. > > -------------------------------------------------------------- > Roger D. Seielstad - MTS MCSE MS-MVP > Sr. Systems Administrator > Inovis Inc. > > [1] That seems redundant to me... > > > -----Original Message----- > > From: Sean Faust [mailto:[EMAIL PROTECTED] > > Sent: Friday, December 12, 2003 9:20 AM > > To: Exchange Discussions > > Subject: Mail Processing by Exchange vs. SendMail > > > > > > Good Morning All, > > > > I have a Unix/Linux admin that is just wearing me out with > regards to > > Exchanging being 3rd rate. Given all of the variables including > > memory, processors, etc. How much mail traffic can > Exchange process > > in an hour/day and what is the advantage if any of putting > SendMail in > > front of Exchange? > > > > His last statement was that SendMail can process more mail in one > > minute than Exchagne can process in a day. > > > > Thanks, > > > > Sean > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > ext_mode=&lang=english > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t ext_mode=&lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
