Port 110, exchange, email, outlook

Hi guys/gals.

I have a request to open port 110 so that some of the company directors can download their emails to local system.

I need to know what are the security complications? we have secure email access. but this one director is really pushing for it. new to the board. anyways, we need to get a policy out, new company getting many things up.

other question can you isolate who can access port 110, or if you open it, its free for all?

pros/cons... etc....

thanks

server is 2008R2 and exchange 2007.
LVL 1
AncientsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

boraganeshCommented:
you can provide security for port110 to access with authntication user/pass
0
sunnyc7Commented:
If you have POP3 service running on Exchange 2007, the try opening Port 995 - instead of 110.

995 = POP3 over SSL

Check the guide here
http://technet.microsoft.com/en-us/library/aa997290(EXCHG.80).aspx
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
MegaNuk3Commented:
Or just drop POP3 and use Outlook Anywhere or OWA
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

AncientsAuthor Commented:
We have outlook anywhere configured. and OWA. the user is being very difficult. they pretty much are demanding this. we seem to have a fair few users that just dont care about network security, and we hold very high level secure information. worse when you have members of the board not caring about risks. we put forward all this.

we are going to implement a UAG solution for improved network access. but these users only have mail access. and they dont want to use owa. if you open the port. 110 or 995, can you manage/limit who can use this?

AJ
0
sunnyc7Commented:
I try to avoid port 110 and have everyone come in through the SSL on 995.

Just apples to apples comparison -> 995 - POP3/SSL is much more secure than just naked SSL.
they wont know the difference,
Just tell them its your POP3 with SSL,
outlook / mac clients - need to configure port to 995 and check the box where it says SSL

0
MegaNuk3Commented:
Yep you can restrict individual users as to who can use pop and who can't.

I would still push outlook anywhere as that doesn't involve downloading messages from the server and OST (if used) is more secure than PST. PSTs shouldn't be allowed if you can help it.
0
boraganeshCommented:
you can do it
0
AncientsAuthor Commented:
All provided great answers, and most allocated to most vital information for my needs.

Thanks heaps all

AJ
0
lentinsunCommented:
If u r directing ur traffic through ubuntu based free Squid proxy server ..i think u can achieve ur requirements with more security.  good luck....
0
MegaNuk3Commented:
Thanks for the points. Good luck
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.