Author: Phil Brutsche Date: To: exim-users Subject: Re: [Exim] OT - Why you should not put Exchange on the Internet.
Steve Thomas wrote:
> I don't work with Exchange, so I can't say that this is a verified
> fact, but I read somewhere (NANOG maybe?) that Exchange requires SMB
> communication with the client. That in itself would be enough to
> convince me not to put it on the 'net.
I can verify that to be the truth (we're about to contaminate our office
with Exchange 2003).
Outlook, when used as an Exchange client, needs to communicate with the
Exchange server on TCP port 135 - the infamous Windows RPC port. Not
all traffic is on port 135, however - it also negotiates alternate port
numbers.
Note that if you're using Outlook 2003 on Windows XP you also need to
worry about what ammounts to XML-RPC over SSL.
> If they're concern is having access to their Exchange calendars and
> other stuff, use the web client - "Outlook for the web" or some such
> thing. I believe it comes with Exchange.
That's not even safe, 'cause then you're exposing IIS to the 'net ;)
