I have an Exchange server 2003 on a server 2003 r2 computer. It is currently sitting on the router as a dmz device so that remote users may attach their outlook 2007/2010 clients directly to the exchange server. This server is also acting as a web server for exchange owa and a company website.
What ports on the router would I need to open/forward to the server so that I could remove it from the dmz and afford it a little more safety behind the nat?
Also, since this server is the only device on the router/network/external ip. Would it be beneficial or acceptable to close of ranges of ports on the router and if so, which ones?