I have a customer who will not use Office 365 and has an Exchange 2016 server on a shoestring budget, they will not go for an Exchange Edge Server or WAP though I did get them to buy a firewall (Sonicwall)
I want to implement HTTP redirect for the OWA service and would like to know if opening port 80 on the Exchange server makes it significantly more vulnerable or is it a definite NO-NO.
I know there is a scale of security and normally I wouldn't do this but the client wants people to access webmail through webmail.company.com for ease.
One option I thought if it's possible it to spin up a basic VM in Azure to act as a redirect. Would that be better?
Cheers, as always I welcome input.