Re: secure webmail and firewall issues...

[Alex Hague]

Why not have an SSL Relay & Reverse Proxy on a DMZ, and then on your
internal network have an Outlook Web Access Server and an Exchange server. 
Let SSL through your firewall only to your SSL Relay.

Communication between your DMZ and people on the road is encrypted by the 
SSL Relay, then the SSL relay can also be setup to do reverse proxying to 
your internal network's OWA server which can use NTLM Authentication (which 
it can verify against your exchange server, which can verify against your 
PDC).

This way all communications travelling over the internet are encrypted, and 
your users on the road just need to have a browser installed. Also it keeps 
your OWA and Exchange server on your internal network, and you don't need 
trust relationships etc.

The SSL Relay & Reverse proxying can be done using Apache compiled with mod 
proxy and mod ssl.

Cheers,
Alex

________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]