Exchange 2000 in the Enterprise: Tips and Tricks Part One
What is the best way to deploy Exchange 2000 in your enterprise? There is, of course, no right answer to that - but hey, I needed an intro.
The Mighty Chris Webber covered securing Exchange 2000 in a DMZ configuration in a series of SecurityFocus articles that makes for great reading. In this two-part article we will discuss an alternate configuration in which we will utilize Microsoft's Internet Security and Acceleration (ISA) Server, a third party SMTP Gateway (Trend Micro's Internet Messaging Security Suite) and Exchange 2000. This sort of configuration is flexible enough to be used in smaller installations that do not use a DMZ, or as part of the DMZ configuration itself.
Email seems simple on the surface, but securing a messaging topology is a complex task. We must consider attacks against the mail services themselves, malicious content within the mail, security issues with remote and Web access, and even information leakage via mail headers. Our goal in the following examples is to address as many of these concerns as possible while maintaining a system that is not a nightmare to administer. So let's get to it.
[ Read more ]