• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Exchange in the DMZ

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2003] >> Installation >> Exchange in the DMZ Page: [1]
Login
Message << Older Topic   Newer Topic >>
Exchange in the DMZ - 15.Sep.2011 6:19:30 AM   
trebor

 

Posts: 4
Joined: 7.Aug.2008
Status: offline
Hello

I'm looking at options for replacing an old Mimesweeper server we use as the external facing part of our Exchange system. I thought that we could just put an Exchange server in the DMZ, but I'm not entirely sure after reading this:

http://blog.sembee.co.uk/post/Why-you-shouldnt-put-Exchange-2003-in-a-DMZ.aspx

Alternatives are Exchange in the trusted part of the LAN and a NAT rule to allow incoming and outgoing connections - we use a 3rd party as the public face of our email so the firewall would only allow connections to them.

Or use IIS SMTP connector on a server in the DMZ. Problem with this is that it only supports a single smart host and the 3rd party we use has 2 gateways that we need to use.

Any thoughts?

Thank you.
Post #: 1
RE: Exchange in the DMZ - 15.Sep.2011 7:49:22 AM   
mark@mvps.org

 

Posts: 6811
Joined: 9.Jun.2004
From: Philadelphia PA
Status: offline
You could look at putting a 2010 Edge server into the DMZ. You wouldn't get full functionality but it's something people have done in your position before.
Ideally you'd spend the money that you're budgeting for the mimseweeper replacement on a 2010 server and get slightly more up to date but if you can't do that the Edge is an option.

_____________________________

Mark Arnold (Exchange MVP)
List Moderator

(in reply to trebor)
Post #: 2
RE: Exchange in the DMZ - 15.Sep.2011 8:30:17 AM   
trebor

 

Posts: 4
Joined: 7.Aug.2008
Status: offline
Thanks for the answer.

I like the idea, but I will need to get some Exchange 2010 skills in the team before I can roll it out.

Oh and I need to get TLS for communication between us and the 3rd party.

< Message edited by trebor -- 15.Sep.2011 8:31:41 AM >

(in reply to mark@mvps.org)
Post #: 3
RE: Exchange in the DMZ - 15.Sep.2011 8:40:02 AM   
mark@mvps.org

 

Posts: 6811
Joined: 9.Jun.2004
From: Philadelphia PA
Status: offline
Yeah, TLS will take some up-skilling to make sure you can troubleshoot any glitches when they arise.

_____________________________

Mark Arnold (Exchange MVP)
List Moderator

(in reply to trebor)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2003] >> Installation >> Exchange in the DMZ Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter