RE: ISA 2004 Enterprise Edition and SMTP

From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Date: Tue, 24 Jan 2006 14:10:15 -0600
Hi Gerald,
 
Another lovely example of the "network guys" subverting the company's
(one that I pay big money for in your example) security posture.
 
Its not really routing, unless you have a Network Rule setting a Route
relationship between source and destination.
 
GFI works fine, what specific concerns do you have?
 
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/> 
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
MVP -- ISA Firewalls
**Who is John Galt?**

 


________________________________

        From: Young, Gerald G [mailto:Gerald.Young@xxxxxxxxxx] 
        Sent: Tuesday, January 24, 2006 1:59 PM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] ISA 2004 Enterprise Edition and SMTP
        
        
        http://www.ISAserver.org
        

        I have a couple of quick questions regarding the subject
heading. :-)

        If you use ISA 2004 EE and publish an SMTP server, there are two
options for handing forwarding.  These are:

        Requests appear to come from the ISA Server computer

        Requests appear to come from the original client

        If you choose the "Requests appear to come from the original
client" option, is ISA just simply routing the traffic back to the
published server or does the traffic stop at the ISA server before final
delivery to the published server?

        And if you are publishing an SMTP server from the internal
network through ISA, would a 3rd party application like
GFIMailEssentials still be able to work if it was running on the ISA
server that's publishing the SMTP server?

        Our environment is far from an ISA ideal since it's being used
by the federal government.  Our network topology looks like the
following:

        Hardware firewall -> ISA -> hardware firewall -> internal
network

        The government controls the hardware firewalls where I control
the ISA firewall.  The original goal here was to "enhance" our SMTP
gateway sitting in the DMZ by utilizing ISA.

        Cordially yours,

        Jerry G. Young II

          MCSE (4.0/W2K)

        Atlanta EES Implementation Team Lead

        HHS Engineering

        Unisys

         

        11493 Sunset Hills Rd.

        Reston, VA 20190

        Office: 703-579-2727

        Cell: 703-625-1468

        THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE
PROPRIETARY MATERIAL and is thus for use only by the intended recipient.
If you received this in error, please contact the sender and delete the
e-mail and its attachments from all computers.

        

        ------------------------------------------------------
        List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
        ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Visit TechGenix.com for more information about our other sites:
        http://www.techgenix.com
        ------------------------------------------------------
        You are currently subscribed to this ISAserver.org Discussion
List as: tshinder@xxxxxxxxxxxxxxxxxx
        To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        Report abuse to listadmin@xxxxxxxxxxxxx
RE: ISA 2004 Enterprise Edition and SMTP

Other related posts:
