Firewall filtering

Firewall filtering

Post by Jody Green » Sun, 01 Sep 2002 22:40:03



I want to filter everything to and from my Exchange 2000
server throught a Novell NetWare 6, BorderManger 3.7
firewall, except for the following:

- http
- SMTP connector
- Outlook Webaccess

What ports are required (other than the norm) for this to
work. I am shutting down all other ports to this Exchange
server.

Thanks,
Jody

 
 
 

Firewall filtering

Post by Lanwenc » Sun, 01 Sep 2002 23:19:33


Port 80 for HTTP
Port 443 for SSL (preferable over 80)
Port 25 for SMTP

If you have people accessing the server via POP remotely, you also need to
open up 110.


Quote:> I want to filter everything to and from my Exchange 2000
> server throught a Novell NetWare 6, BorderManger 3.7
> firewall, except for the following:

> - http
> - SMTP connector
> - Outlook Webaccess

> What ports are required (other than the norm) for this to
> work. I am shutting down all other ports to this Exchange
> server.

> Thanks,
> Jody


 
 
 

1. Firewall filtering ESMTP/relay authorization?

Is it possible that if my firewall removes the Authenication headers  it
could cause the authentication not to work and make exchange give a
rejection notification? Here are the logs. Relaying works as long as the
restrictions are blank, as soon as the IP address or Auth. restriction is
placed then the relay is rejected. I am at a loss.

smtp-proxy[2043] [199.1.78.56:1376 192.168.40.12:25] removing ESMTP
keyword "XEXCH50"
smtp-proxy[2043] [199.1.78.56:1376 192.168.40.12:25] removing ESMTP
keyword "ETRN"
smtp-proxy[2043] [199.1.78.56:1376 192.168.40.12:25] removing ESMTP
keyword "DSN"
smtp-proxy[2043] [199.1.78.56:1376 192.168.40.12:25] removing ESMTP
keyword "AUTH"
smtp-proxy[2043] [199.1.78.56:1376 192.168.40.12:25] removing ESMTP
keyword "AUTH=LOGIN"
smtp-proxy[2044] [199.1.78.56:1378 192.168.40.12:25] removing ESMTP
keyword "XEXCH50"
smtp-proxy[2044] [199.1.78.56:1378 192.168.40.12:25] removing ESMTP
keyword "ETRN"
smtp-proxy[2044] [199.1.78.56:1378 192.168.40.12:25] removing ESMTP
keyword "DSN"
smtp-proxy[2044] [199.1.78.56:1378 192.168.40.12:25] removing ESMTP
keyword "AUTH"
smtp-proxy[2044] [199.1.78.56:1378 192.168.40.12:25] removing ESMTP
keyword "AUTH=LOGIN"

Thanks in advance....
Brent Perez

2. OWA for the organization

3. FIREWALL FIREWALL FIREWALL

4. error 1025 continued...

5. users to send ONLY internal mail

6. Converting from Unix mail server to MSE Server...

7. Filtering Exchange messages at the firewall level

8. Spam filter (Norton a/v filtering)

9. SPAM filtering via message filters: mass import?

10. Exch 2003 Issue: Sender Filter Archiving with Connection Filter Enabled