Re: [Exim] OT - Why you should not put Exchange on the Inter…

Página Inicial
Delete this message
Reply to this message
Autor: Richard Welty
Data:  
Para: exim-users
Assunto: Re: [Exim] OT - Why you should not put Exchange on the Internet.
this seems awfully offtopic, but i'll chip in anyway.

On Thu, 22 Jan 2004 18:49:54 -0600 Phil Brutsche <phil@???> wrote:
> I can verify that to be the truth (we're about to contaminate our office
> with Exchange 2003).


> Outlook, when used as an Exchange client, needs to communicate with the
> Exchange server on TCP port 135 - the infamous Windows RPC port. Not
> all traffic is on port 135, however - it also negotiates alternate port
> numbers.


this is true if you use MAPI. Outlook can (or used to be able to) use ordinary
pop3 and imap w/o going into these modes, and Exchange used to be able to
talk pop3 and imap ok. it's been a few years since i fought with this stuff,
though.

> > If they're concern is having access to their Exchange calendars and
> > other stuff, use the web client - "Outlook for the web" or some such
> > thing. I believe it comes with Exchange.


> That's not even safe, 'cause then you're exposing IIS to the 'net ;)


i have one client i set up with an OpenBSD/Apache web server
in their DMZ, proxying only certain URLs to the Internet Insecurity
Server on the inside. this mitigates a lot of the M$ braindamage,
as some of the most infamous IIS exploits involved poking at certain
double sekrit URLs that nobody knew IIS responded to.

richard
--
Richard Welty                                         rwelty@???
Averill Park Networking                                         518-573-7592
    Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security