Building an MS-SA box
MW Mike Weiner (5028)
MWeiner at AG.COM
Fri Feb 20 18:06:23 GMT 2004
JP -
I appreciate the timely response, and appreciate your opinion. I was not at
all sure I wanted to use LDAP but its now "embedded" in exchange for w2k3
which is a nice means of authenticating. I will have to check into the
radius idea, I havent done it this way but will look into the suggestion.
You say you have a script for the pushes?? Mind sharing to my private
address? Also, what else are you running in addition to MS-SA??
Thanks in advance.
-----Original Message-----
From: Jan-Peter Koopmann [mailto:Jan-Peter.Koopmann at SECEIDOS.DE]
Sent: Friday, February 20, 2004 12:31 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: Building an MS-SA box
> My plan is to use LDAP to do the user authentication against the
> Exchange server, thus making delivery rules and such easier to
> maintain and verify real users and trash everything else.
My suggestion: Don't. Do it the other way around. Push all valid e-mail
adresses to the MailScanner box (I posted a script to do this earlier.
Have a look at the FAQ). If you need auth, consider RADIUS instead of LDAP.
LDAP will work of course but it is quite messy and from my point of view
opens up too many possible security holes on an Exchange box.
Regards,
JP
More information about the MailScanner
mailing list