RE: Message Screener vs. GFI - First time setup...
- From: "Steve Moffat" <steve@xxxxxxxxxx>
- To: "ISA Mailing List" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 17 Mar 2005 09:12:46 -0400
I never said nuffin!!!!
-----Original Message-----
From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
Sent: Thursday, March 17, 2005 2:31 AM
To: ISA Mailing List
Subject: [isalist] RE: Message Screener vs. GFI - First time setup...
http://www.ISAserver.org
> Yes, I don't mind having remote clients change an IP. Is there a
> reason
why
> you chose port 587..?? Is this a common practice?
>
> I assume then that if something comes in on the standard SMTP port,
there's
> no way to differintiate between an SMTP server sending mail and a
legitimate
> user relaying mail. Correct?
Port 587 is the proposed RFC for an alternative port for SMTP
Authenticated users only. I am not sure exactly which e-mail servers are
actually capable of only accepting outgoing e-mail via port 587 from
authenticated users, but the intent is that an answer to all the zombies
out there spewing filth through the unknowning users ISPs mail servers.
Many ISPs are now blocking outbound port 25 in an attempt to quelch or
stem the flow of that filth from their networks.
What some of us are planning is that we would have 2 or more gateway
SMTP servers that are the MX records and accept all incoming e-mail from
the Internet. Those gateways then forward the messages to the production
or backend server for delivery to uses. That production or backend
server would only accept e-mail from either the gateway servers or from
authenticated users via port 587.
I have now probably explained more than what most Exchange admins
understand, but in this day and age, you can not just administer the
Exchange server. You have to understand and interact with DNS, SPAM,
Viruses, other e-mail admins and so forth.
Do the production e-mail servers you have support LDAP? If so, you best
bet is to use a gateway server that can make LDAP queries to update a
user database, either in realtime or scheduled.
I have not used GFI MailSecurity or Mail Esentials, but the MS IIS SMTP
message screener is not an option for you.
If you are interested in other options, you can contact me off list for
some recommendations. The reason I am saying this is because you are
obviously an ISP or ASP and this goes beyond the intend scope for this
list.
And no Steve, I am not going to try selling him my services. With 1000
domains, he needs a dedicated box as the gateway, or even 2 gateways.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
The haggis is unusual in that it is neither consistently nocturnal nor diurnal,
but instead is active at dawn and dusk (crepuscular), with occasional forays
forth during the day and night.
Other related posts:
