You do not need port 53 open as long as you have an external DNS server you can poll for look ups. http://www.microsoft.com/downloads/release.asp?releaseid=43997 -----Original Message----- From: ONG Liang Bu (CSC) [mailto:lbong@xxxxxxxxxx] Sent: Monday, November 11, 2002 6:30 AM To: [ExchangeList] Subject: [exchangelist] Why Frontend server need TCP port 53 http://www.MSExchange.org/ Need an answer for this to the management. For the Frontend - Backend configuration as this technet article http://support.microsoft.com/default.aspx?scid=kb;en-us;280132 Management is asking on TCP/UDP port 53 that needs to be open up. For UDP 53 is the name queries so no issues, but for TCP 53, is asking for DNS zone transfer which violate some security issue. Anybody knew why need TCP port 53? From the article the frontend server is not running DNS and has to go back to the DC for DNS queries, stuck in this for the past 2 days, any reason? anyone? Thanks, much appreciated. Ong LB Exchange Admin National Institute of Education Nanyang Technological Univeristy Singapore This communication (including any attachment) is meant only for the recipient(s) named above and may contain confidential or legally privileged information. If you are not an intended recipient, this communication has been sent to you in error and you must delete all copies of this communication from your computer system and notify the sender immediately by reply email. Unauthorised use, disclosure, dissemination, distribution, retention, copying or reliance on this communication is prohibited and may attract civil and/or criminal penalties. Thank you. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this MSExchange.org Discussion List as: matthew.whitaker@xxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ** Confidential ** The information in this email is confidential and may be proprietary or legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, please reply to the sender that you received the message in error and then delete or destroy the message along with any attachments. Thank you.