RE: SBS and smtp service using Exchange

• From: "Wayne Small" <wayne@xxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Sat, 26 Oct 2002 16:02:41 +1000

Peter,
 
Microsoft have done a pretty good job with SBS to make it all work on one box.  
The fact that you can telnet to port 25 is not an issue as you need this port 
open to allow incoming mail via SMTP.  The telnet service on the server is a 
totally different item and works on a different port altogether.  Using telnet 
from a client PC to get to port 25 simply shows that your server is in fact 
working and is not a security risk.  with SBS if you run the Internet 
Connection Wizard and close off the ports you do not need then you are prettty 
safe.
 
Yes having a seperate ISA box in front of SBS would be safer given that it 
would not be a domain controller, but again this would cost more $$$ and hassle 
to get it working - not really the type of thing that SBS was marketed towards.
 
Regards, 
Wayne Small   SBS MVP
MCSE+I,  MCSE 2000 
Correct Solutions Pty Ltd 
  
Check out www.sbsfaq.com for more SBS FAQs and information. Contributions 
welcome! 
-----Original Message-----
From: Peter Forster [mailto:pforster@xxxxxxxxxx]
Sent: Saturday, 26 October 2002 1:12 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] SBS and smtp service using Exchange


http://www.ISAserver.org


Hi yes I appreciate that the SMTP service had to be running on Exchange. With 
SBS the Exchange and ISA are on the same box, a perimeter box.
This makes me vulnerable with being able to telnet to this box on port 25, even 
though my telnet service is not started.
I imagine the most secure is to have the ISA box on the perimeter, then publish 
to an internal server. I have this working successfully on another site.
That ISA box does not have the SMTP service running it publishes to the 
internal server that is a SecureNAT client. If I was to start the SMTP service 
on that box I would get a relay problem happening. Got to love this stuff.. I 
do!
Thanks, 
Peter
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
wayne@xxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

Other related posts:

• » SBS and smtp service using Exchange
• » RE: SBS and smtp service using Exchange
• » RE: SBS and smtp service using Exchange

1. Home
2. isalist
3. Archive
4. 10-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---