Placement of mail server (is mail relay server needed?)

Posted on 2004-11-28
Medium Priority
Last Modified: 2013-12-04
Heres my planned network http://mvpbaseball.cc/ee3.jpg

I bought the domain name dissolvedz.com through NameSecure. Instead of using their DNS servers, I plan to use my own DNS server (as shown in picture).  so I will be hosting a website, and I will have an exchange server here.

The mail server is for internal clients. When they are outside of the facility, they will use https://owa  to access their mail.
Did I set everything up correctly? Should the mail server be placed internal? Or does it stay in the DMZ?   (im kind of confused on the placement of the mail server)

Thanks in advance
Question by:dissolved
LVL 79

Accepted Solution

lrmoore earned 2000 total points
ID: 12692064
Just my opinion, but since the Exchange server is so dependent on the AD services, it makes more sense to keep it on the local LAN and only forward smtp and https to it.
If you want to take your security one step further, then put a basic SMTP relay box in the DMZ, perhaps something with a spam filter in it, like Ironmail or something. If your firewall is a PIX, then this will allow you to keep the smtp fixup enabled (you must disable it for Exchange), and keeps you from having any direct outside-inside access to your Exchange server.

Author Comment

ID: 12692101
thanks, all i needed to know. Your answers are to the point, and easy to understand.

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, a new law in my state forced us to get a top-to-bottom analysis of all of our contract client's networks. While we have documentation, it was spotty at best for some - and in any event it needed to be checked against reality. That was m…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question