Re: POP3 Security & SMTP Authentication
- From: "Neo - [MVP Outlook]" <Neo@xxxxxxxxxxxxxxx>
- Date: Fri, 30 Sep 2005 06:34:09 -0700
1) not sure if this is a configuration question on where to check/set
authentication options or something else. Generally the default
configuration of Exchange 2003 will require a userid/password to collect
POP3 email. The SMTP side is a little different. Assuming no changes where
made to the SMTP virtual server, then anonymous and authenticated sessions
are accepted. Anonymous is for Inbound only while anyone that can
authenticate with a valid userid/password can relay.
2/3) This really depends on the site in my opinion. For example, I believe
that any session that is going to submit a userid/password from an unsecure
network (e.g. internet) to a protected resource (e.g. Exchange), it should
be by SSL. For example, in regards to the SMTP side of the house and
knowing that some ISP/Corporate networks go to the extreme of blocking SMTP
(port 25) traffic from leaving their network from workstations (e.g. they
are enforcing that 1 uses their email servers), that it might be better to
setup a second SMTP virtual server that only accepts Basic Authentication
over SSL on port 587 (message submission port per RFC).
Outside of that, you didn't mention if this a multi-server site or just a
single server. Other considerations might include setting up a front/back
end configuration. Perhaps ditching POP3 all together and going with a more
robust RPC over HTTPS connection if the clients are all Windows XP (SP2) and
Outlook 2003(1).
/neo
(1) Most that use POP3 end up drainging their Inbox empty of messages. When
they return to the office and see an empty Inbox, freak and call IT Support
asking what happened. Once it is found that all of their mail is sitting on
a machine at home, it doesn't do them much good. RPC over HTTPs is getting
the full Outlook 2003 experience in and out of the office w/out having to
worry about POP3/IMAP/SMTP configurations.
"Obersurfer" <oncebound@xxxxxxxxx> wrote in message
news:OkT8aVSxFHA.3180@xxxxxxxxxxxxxxxxxxxxxxx
> current scenario:
> 1) all clients send/receive internal email using outlook2k3 via our
> in-house
> exchsrvr2k3.
> 2) all clients send/receive external email using outlook via an external
> pop3 & smtp server (prominic.net).
>
> desired result:
> 1) all clients send/receive all email (internal or external) using
> outlook2k3 via our exchsrvr2k3.
>
> so far:
> 1) i've started the pop3 service and cfg to auto start.
> 2) i've got pop3 & smtp ports open on the pix firewall.
> 3) i've got a test domain mx record pointing at our office's pix
> firewall/router and then forwarding to the exchsrvr2k3 ip address.
>
> questions:
> 1) how do i ensure pop3 security & smtp authentication?
> 2) what is "best practice"?
> 3) should ssl be in the picture?
> 4) what steps have i missed?
>
> thanks in advance for all the help,
> obersurfer
>
>
>
.
- Prev by Date: Re: Per user bounce back Exchange 2000
- Next by Date: Re: Per user bounce back Exchange 2000
- Previous by thread: eseutil /r never finishes
- Next by thread: Re: configuring mail accounts in outlook whit exchange server
- Index(es):
Relevant Pages
|
