Advice required regarding conneting an exchange server behind a firewall and forwarding ports
Posted on 2005-04-04
In my quest for greater stupidity and knowledge, I am putting a proposal to my boss for new services and hardware.
What we run now:
Inet ---- cable modem --- Router ---- LAN --- PC's and w2k Server with exchange and SQL
What I want to do is bring our website in house, and bring our mail in as well using a DSL service and a second router.
Inet ---- cable modem --- Router 1 ---- LAN --- PC's and w2k Server with exchange and SQL
Inet ---- DSL modem ---- Router2 ---- LAN (forward ports on Router2 to the w2k server for mail in and out, maybe a webserer on Router 2 as well)
Some useful notes:
1. We have been running our current setup for approx 3-4 years. We have had no virii or other attacks on our w2k server.
2. The routers are only able to handle one ISP connection at a time. (I don't have a problem running two routers)
My questions are related to other people's experience similar to my proposed network:
Has any-one had any direct hacker or virus attacks on a windows server by having the mail port(s) forwarded per the diagram above? (I do not include Virii that are mail attachments to users on the network in this)
Or can any-one forsee potential harm? If need be, I will install a mail server on Router2 as well and have our exchange server collect mail via pop3 (current operation but pop3 server is not on our site)