Link to home
Start Free TrialLog in
Avatar of cmuir
cmuir

asked on

SMTP relay in DMZ a bad idea?

Hi we have a web server in our DMZ and someone wants to send mail straight from it out onto the internet. Their suggestion is to enable SMTP on that server and use it that way. My instincts say its not a good idea so I am looking for some guidance as to whether this is ok? We don't have any exchange servers in the dmz but do have lots of 2k3 on this side we could use. Its just whether we can do without having smtp enabled on web box in dmz. Or is there a standard way that people suggest?

Cheers

Charlie
Avatar of Sembee
Sembee
Flag of United Kingdom of Great Britain and Northern Ireland image

If the box is protected by a firewall then it shouldn't be a problem.
Although what I tend to do is use the ISPs SMTP server.

Simon.
Avatar of Exchgen
Exchgen

Charile,

If its just one user, why not add his/her ip to the SMTP relay tab of the issue box....

This way only that individual would be able to relay...

Raghu
Avatar of cmuir

ASKER

it is an automated form on a website - not sure that would be possible or best practice would it if the web box was in the DMZ and Exchange was on the local LAN?
ASKER CERTIFIED SOLUTION
Avatar of Exchgen
Exchgen

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of cmuir

ASKER

so i can do that within IIS then - do you know of any documentation that shows how this can be achieved?
If you are using Windows 2003, then you have to base it on two articles:

http://support.microsoft.com/default.aspx?kbid=293800
http://support.microsoft.com/default.aspx?kbid=324272

Simon.