Re: Security

From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa_at_pacbell.net)
Date: 12/17/04

• Next message: cgp77: "Cannot send mail to a specific address"
• Previous message: Joe: "Re: VPN difficulties with netgear adsl router D824M"
• In reply to: Colin T: "Security"
• Next in thread: Colin T: "Re: Security"
• Reply: Colin T: "Re: Security"
• Messages sorted by: [ date ] [ thread ]

Date: Fri, 17 Dec 2004 12:42:41 -0800

Pro POP = no ports open
Pro SMTP - can't use Exchange IMF filter

POP - password is sent to ISP in clear text.. if the mailbox password is
the same as your domain password.. you are shipping over the web

POP - gunky email can clog up box

POP - have to buy third party program if you want a <15 minute pull

SMTP is an issue if you use stupid passwords... DON'T DO THAT.

I would argue that Remote web workplace has IMHO the ability to be
"less" exposed than an VPN. If you are opening VPN, you are already
opening a risk factor just as large as SMTP. You have a port open there.

You do realize that CISCO pix firewalls need maintenance and patching,
right? I personally would sandwich the Cisco and have two nics and keep
the ISA to ensure egress filtering...but that's just me :-)

Colin T wrote:
> Hi all,
>
> I haven't as yet set up an SBS box but intend to do so soon. I have read
> many of this newsgroups postings and have picked up numerous tips which will
> no doubt help me when I come to start using SBS 2003. I still have
> reservations about opening/forwarding ports to allow the SBS box receive SMTP
> mail as opposed to using the POP3 connector. Can anyone shed any light on the
> pro's and con's of using SMTP as opposed to the POP3 connector ? My first
> choice would be the POP3 connector simply because I would not have to open
> any ports. I intend to install my SBS machine with 1 NIC and use a Cisco PIX
> Firewall for perimeter security and will use this device to enable any VPN's
> required. My intended topology will be :
>
> Internet -> DSL Router -> Cisco PIX -> Switch ->SBS Box & Clients
>
> OWA will not be required by my client and neither will RWW. My client who
> needs SBS has extremely confidential medical data and this is my reason for
> not wanting to open up any ports. Incidentally, my client only has 5 mail
> addresses to collect. Any comments welcomed :) TIA.
>
> Regards Colin.

• Next message: cgp77: "Cannot send mail to a specific address"
• Previous message: Joe: "Re: VPN difficulties with netgear adsl router D824M"
• In reply to: Colin T: "Security"
• Next in thread: Colin T: "Re: Security"
• Reply: Colin T: "Re: Security"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint