Non-ISA server secure remote access to Exchange 2003
Posted on 2006-03-23
I have seen a lot of good posts about remote email access to an internal (behind firewall) Exchange 2003 server. Thank you all for your excellent input!
I am faced with the same thing. I am bringing small business email from a hosted solution to on-site Exchange 2003 box.
The facts are:
1. Remote access is only by 3-4 out of 30 users. This remote access is part time (home and when travelling)
2. They prefer POP3, as it is the current method to acces ISP hosted server. I would leave messages on the server.
3. I do not think adding ISA 2004 is justifiable. It could sit between DMZ and internal.
4. This leaves me with incoming remote connections to an internal server behind firewall. (not my first choice).
5. I understand that RPC over HTTP is an option.
6. I understand that Secure POP3 is an option
With 5 or 6 does the SSL provide authentication protection, or just transport encryption? I assume if this was done with a pre-shared key then more authentication protection would be present? I am trying to determine the best way to mitigate risk of having the Secure POP3 port accept connects from the world.