I second that. To install Exchange in the DMZ is a pain that requires other supporting infrastructure (NT domain for example) and since you're not installing the other services you would have an easier time securing a Windows 2K/3 SMTP relay in the DMZ. Al -----Original Message----- From: Will Taborda [mailto:wtaborda@xxxxxxxxxxxx] Sent: Wednesday, February 11, 2004 1:26 PM To: [ExchangeList] Subject: [exchangelist] RE: Installing a second Exchange 5.5 server in our DMZ http://www.MSExchange.org/ As an alternative maybe you can use the SMTP service that comes with Win2k. You can allow your apps to relay by allowing relay through IP or authentication. Its simpler and cheaper than using Exchange. Just a thought. Will -----Original Message----- From: Greg Hermida [mailto:ghermida@xxxxxxxxxxxxxxx] Sent: Wednesday, February 11, 2004 12:52 PM To: [ExchangeList] Subject: [exchangelist] Installing a second Exchange 5.5 server in our DMZ http://www.MSExchange.org/ My boss would like to turn on relaying on our one and only Exchange server for application purposes. He has proposed installing a secondary exchange server in our DMZ. I believe I can get away with only the DMZ IMS configured to transfer "inbound only", delivering messages by "forwarding all messages to host" (using the IP of the internal exchange server), and rerouting incoming SMTP mail to our email domains to "inbound". I would like to have as many other exchange functions as possible on the DMZ exchange server to be disabled or deleted (public information store). Is there anything else I need to do to get the DMZ exchange server to function simply as a '"forwarding" SMTP server?? Both are on Win2k servers, running 5.5 Enterprise, and internally we have a NT 4 domain. Thanks, Greg CONFIDENTIALITY NOTICE: This E-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized retention, review, printing, copying, disclosure or distribution is prohibited. If you are not one of the intended recipients, please contact the sender by reply e-mail or phone, destroy all copies of the original message and keep the information contained here confidential. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------