Building an MS-SA box

Jan-Peter Koopmann Jan-Peter.Koopmann at SECEIDOS.DE
Fri Feb 20 17:31:25 GMT 2004


> My plan is to use LDAP to do the user authentication against 
> the Exchange server, thus making delivery rules and such 
> easier to maintain and verify real users and trash everything else.

My suggestion: Don't. Do it the other way around. Push all valid e-mail
adresses to the MailScanner box (I posted a script to do this earlier.
Have a look at the FAQ). If you need auth, consider RADIUS instead of
LDAP. LDAP will work of course but it is quite messy and from my point
of view opens up too many possible security holes on an Exchange box.

Regards,
  JP




More information about the MailScanner mailing list