Re: [FW-1] exchange 2003 best practices

Subject:	Re: [FW-1] exchange 2003 best practices
From:	"Covington, Chris" <ccovington AT PLUSONE DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Tue, 25 May 2004 17:22:28 -0400

Tell them to install a postfix relay server in your DMZ to take care of
relaying and other misc. MTA-related issues.  I wouldn't trust the
firewall's SMTP security server.

Chris

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Matt
Arntsen
Sent: Tuesday, May 25, 2004 2:43 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] exchange 2003 best practices

In an attempt to limit email relaying, I was wondering how others have
set up their email routing with an exchange 2003 email server in
conjunction with their NG-AI R55 firewall. What is the best way to set
it up? I currently have a static NAT rule to send all email inbound. Our
email engineers want to prevent relays and are convinced it is the
firewall's responsibility. The also want to limit authorized IP
addresses which can connect to the email server. The problems I see with
this is that you cannot block the Internet from sending you an email.
Perhaps I am wrong but I keep telling them it is the function of the
email server to only allow emails destined to our domain and refuse all
others rather than forcing the firewall to do this. Perhaps I am wrong
and so I am hoping I can get some feedback. Thanks!





Matt


=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] exchange 2003 best practices, Matt Arntsen Re: [FW-1] exchange 2003 best practices, Robert Plaenk Re: [FW-1] exchange 2003 best practices, Sean Donaghey/HDGH Re: [FW-1] exchange 2003 best practices, daniel owen Re: [FW-1] exchange 2003 best practices, Wayne Ho Re: [FW-1] exchange 2003 best practices, Covington, Chris <= Re: [FW-1] exchange 2003 best practices, Davis, Nathaniel

Previous by Date:	Re: [FW-1] exchange 2003 best practices, daniel owen
Next by Date:	[FW-1] R55 HFA05 on its way + IPSO 3.8, Ray Pesek
Previous by Thread:	Re: [FW-1] exchange 2003 best practices, Wayne Ho
Next by Thread:	Re: [FW-1] exchange 2003 best practices, Davis, Nathaniel
Indexes:	[Date] [Thread] [Top] [All Lists]