Another way (particularly if you already have an SMTP connection to your
Exchange server in place) is to place your OWA box on your internal LAN and
reverse-proxy it through your proxy server / firewall.
Interestingly enough, a discussion about the pros and cons of both methods
just took place on another mailing list, dealing with MS Exchange. I prefer
the method outlined above, as it's easier to implement, and secure enough
for almost anyone. It's the method I'm presently providing for my users to
access their Exchange mail.
Brian Steele
----- Original Message -----
From: Roy <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, 29 February, 2000 4:04 PM
Subject: Re: Security of MS Exchange access via the Internet
> Yes, it can be done.
>
> For best security, place IIS/OWA on a separate box on the DMZ and while
> you're at it, put an SMTP server there for communication with your
internal
> Exchange Server so you can close up Port 25 into the LAN.
>
> Of course, getting the IIS/OWA box configured for communication with the
> Exchange Server in this manner is a study in great patience. Please let
me
> know if you would like a helping hand...
>
> Roy.
>
>
> >>> The organization is studying the idea of allowing access the the
> corporate
> Exchange server via the Internet - going through IIS via an SSL connection
> first.
>
> >>> Can this be done securely? Has anyone done this? What problems are
> likely to be encountered?
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
