msft exchange

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I saw some unanswered posts, asking about tunneling/port forwarding (or
otherwise securing) Microsoft Exchange.

Has anyone managed to secure the link between an Exchange server, and
Exchange clients?
This should happen, even in the presence of a not particularly secure
email connection between the Exchange server and the internet (I do not
see a feasible fix for that).

Here are the issues I see:

First, Exchange opens at least around 20 ports.
Many I do not care about, such as NetMeeting video/audio. However, I do
care about calendaring.

Second, it /looks/ that Exchange works much like FTP, where a static
control port is opened, and then dynamic ports, above 1024 are opened
back to the *clients*.
Can reverse port forwarding work here, to serve *multiple* clients?

Third: the solution to the second problem seems to be, to modify
registry settings, so that the dynamic reverse ports are limited to a
static range. However, registry settings seem to vary with each version
of Exchange.

Alternate to the third issue, is that I understand the dynamic reverse
ports to be opened by RPC. Exchange v2003, only, has RPC over HTTP
technology. Perhaps this is a better, albeit less portable solution?

I'd also enjoy hearing about similar solutions, including SSL and
Firewall setup.

Re: msft exchange

A VPN seems better approach here, given the complex and fragile nature of
a forwarding solution.

  Richard Silverman

Site Timeline