Wednesday, December 12, 2007

Adding Domains to Exchange Hosting

This article explains how to add multiple domains to Exchange hosting. An Exchange server can host email accounts for different domains, irrespective of its current domain.

For example, suppose I have implemented an Exchange server for a domain called domain.com, where a user account is xyz@domain.com. Adding multiple domains for Exchange hosting makes it possible to have virtual-domain email accounts such as xyz@domain1.com, xyz@domain2.com, etc.

1. Create an OU called domain1.com.

2. Create a group with the scope Universal and the type Distribution, and name it domain1-all. Also create an Exchange email address with the same name as the group (by default it will have the same name).

3. Edit the properties of the domain1-all group: change the default SMTP address from domain1-all@domain.com to domain1-all@domain1.com.

4. Create a new recipient policy: name the policy domain1.com, create a new SMTP address @domain1.com and make it primary, and leave @domain1.com as secondary.

5. Create the filter rule for the domain1.com policy as below, in the advanced LDAP query:
(&(&(&(&(objectCategory=*)(memberOf=CN=domain1-all,OU=domain1.com,DC=domain,DC=com)))))

The logic behind the above LDAP query is to select the objects that belong to the domain1-all group created in the domain1.com OU.

6. Create the GAL (Global Address List) for this domain. Name the new GAL domain1.com, and in the filter rule option use the advanced menu to find the "Email address ends with @domain1.com" option.

7. Open ADSIEdit.msc, choose Domain --> DC=domain,DC=com --> OU=domain1.com --> right-click Properties --> in the Attribute Editor section, edit uPNSuffixes to domain1.com.

8. Try to create a new user and check that the drop-down box near the logon name button has @domain.com and @domain1.com in the drop-down list.

So we conclude that the domain1.com email domain is hosted successfully on the domain.com email server.
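
Added example (not part of the original article): a small Python evaluator for the filter in step 5, run against three constructed directory entries. It shows that the recipient policy selects objects by membership of domain1-all, not by where the object sits in the directory. The users alice, bob and carol are hypothetical, and DN comparison is simplified to a case-insensitive string match.

```python
# Evaluates the filter subset used in step 5: &, |, !, equality, "=*" presence.
GROUP_DN = "CN=domain1-all,OU=domain1.com,DC=domain,DC=com"
POLICY_FILTER = "(&(&(&(&(objectCategory=*)(memberOf=" + GROUP_DN + ")))))"

ENTRIES = {  # constructed entries; alice, bob and carol are hypothetical users
    "CN=alice,OU=domain1.com,DC=domain,DC=com":    # in the OU and in the group
        {"objectcategory": ["person"], "memberof": [GROUP_DN]},
    "CN=bob,OU=domain1.com,DC=domain,DC=com":      # in the OU, not in the group
        {"objectcategory": ["person"]},
    "CN=carol,CN=Users,DC=domain,DC=com":          # outside the OU, in the group
        {"objectcategory": ["person"], "memberof": [GROUP_DN.lower()]},
}

def parse(text, pos=0):
    """Parse one filter at text[pos]; return (tree, offset just past it)."""
    if text[pos:pos + 1] != "(":
        raise ValueError(f"expected '(' at offset {pos}")
    pos += 1
    if text[pos:pos + 1] in ("&", "|", "!"):
        op, children, pos = text[pos], [], pos + 1
        while text[pos:pos + 1] == "(":
            child, pos = parse(text, pos)
            children.append(child)
        if text[pos:pos + 1] != ")" or not children:
            raise ValueError(f"malformed '{op}' group at offset {pos}")
        return (op, children), pos + 1
    end = text.find(")", pos)
    attr, sep, value = text[pos:end].partition("=")
    if end < 0 or not sep or not attr:
        raise ValueError(f"bad comparison at offset {pos}")
    return ("=", attr.lower(), value), end + 1

def matches(tree, entry):
    """True if entry {attribute: [values]} satisfies the parsed filter."""
    if tree[0] == "&":
        return all(matches(c, entry) for c in tree[1])
    if tree[0] == "|":
        return any(matches(c, entry) for c in tree[1])
    if tree[0] == "!":
        return not matches(tree[1][0], entry)
    _, attr, value = tree
    values = [v.lower() for v in entry.get(attr, [])]
    return bool(values) if value == "*" else value.lower() in values

def policy_recipients(filter_text=POLICY_FILTER, entries=ENTRIES):
    tree, end = parse(filter_text)
    if end != len(filter_text):
        raise ValueError("trailing characters after filter")
    return [dn for dn, attrs in entries.items() if matches(tree, attrs)]
```

With these entries the policy applies to alice and carol but not to bob, so a new user must be added to domain1-all before the @domain1.com address is stamped.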

Thanks
Logu
logu_microsoft@hotmail.com
91-98414-99143

PIX Firewall - Basic configuration

Hi friends,

This article gives the basic configuration steps for the Cisco PIX firewall series. The PIX firewall is a hardware device known for delivering robust user and application policy enforcement, multivector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions.

Setting hostname:
hostname pixfirewall

Setting the domain name:
domain-name domain.com

Setting the interface speed:
interface ethernet0 100full
interface ethernet1 100full

Naming the interface:
nameif ethernet0 outside security0
nameif ethernet1 inside security100

Setting the logging:
logging on

Configuring the interfaces:
ip address outside 200.200.200.200 255.255.255.240
ip address inside 192.168.2.254 255.255.255.0

Configuring NAT:
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
global (outside) 1 200.200.200.201-200.200.200.215 netmask 255.255.255.240
global (outside) 1 200.200.200.216 netmask 255.255.255.240


Enabling Telnet:
telnet 192.168.2.0 255.255.255.0 inside
telnet 200.200.200.200 255.255.255.240 outside
telnet timeout 15

Setting the Telnet password:
passwd

Configuring access-list:
access-list 100 permit icmp any any
access-list 100 permit tcp any any eq www
access-list 100 permit tcp any any eq ftp
access-list 100 permit tcp any any eq ftp-data
access-list 100 permit tcp any any eq smtp
access-list 100 permit tcp any
access-list 100 permit tcp host any
access-group 100 in interface outside

Setting the Route for packet transfer:
route outside 0.0.0.0 0.0.0.0 200.200.200.200 1

Saving the changes to the flash memory:
write memory

Configuring the PDM:
setup - enter the related details.
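
Added example (not from the original article): a Python check that reads the nameif, telnet and access-list lines shown above and reports Telnet (cleartext) management enabled on the lowest-security interface, inbound any-to-any permits, and access-list entries that are missing an address. The finding names are this example's own, and the embedded configuration is copied from the article as sample input.

```python
import ipaddress

# Constructed input: interface, Telnet and access-list lines from the article.
CONFIG = """\
nameif ethernet0 outside security0
nameif ethernet1 inside security100
telnet 192.168.2.0 255.255.255.0 inside
telnet 200.200.200.200 255.255.255.240 outside
access-list 100 permit icmp any any
access-list 100 permit tcp any any eq www
access-list 100 permit tcp any any eq smtp
access-list 100 permit tcp any
access-list 100 permit tcp host any
access-group 100 in interface outside
"""

def take_addr(tokens):
    """Consume 'any', 'host IP' or 'IP MASK'; return (address or None, rest)."""
    if tokens[:1] == ["any"]:
        return "any", tokens[1:]
    try:
        if tokens[:1] == ["host"]:
            return str(ipaddress.ip_address(tokens[1])), tokens[2:]
        net = ipaddress.ip_network(f"{tokens[0]}/{tokens[1]}", strict=False)
        return str(net), tokens[2:]
    except (IndexError, ValueError):
        return None, tokens

def audit(config):
    """Return (finding, line) pairs for the lowest-security interface."""
    lines = [l.split() for l in config.splitlines() if l.strip()]
    levels = {t[2]: int(t[3].replace("security", "")) for t in lines if t[0] == "nameif"}
    untrusted = min(levels, key=levels.get)
    bound = {t[1] for t in lines if t[0] == "access-group" and t[-1] == untrusted}
    findings = []
    for t in lines:
        if t[0] == "telnet" and t[-1] == untrusted:
            findings.append(("telnet-on-untrusted-interface", " ".join(t)))
        elif t[0] == "access-list" and t[1] in bound and t[2] == "permit":
            src, rest = take_addr(t[4:])
            dst, rest = take_addr(rest) if src else (None, rest)
            if dst is None:
                findings.append(("incomplete-acl-entry", " ".join(t)))
            elif src == dst == "any":
                findings.append(("any-to-any-permit", " ".join(t)))
    return findings
```

Each any-to-any finding is a rule to narrow to the specific inside host that offers the service; each incomplete entry is a line the firewall would not accept as written.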


Hardening Exchange server

This article lists the steps that need to be followed to harden an Exchange server environment.

1. Basic security best practices such as antivirus, secure passwords, correct privileges for users, the latest service packs and patches, stopping unnecessary services, event logging, monitoring, basic firewall policies, a good backup and restore plan, etc.

2. Full knowledge of your infrastructure and network layouts.

3. Status of the ports that are open in the front end.

4. Awareness of different types of attacks such as data theft, tampering, forgery, denial of service, Trojan horses, viruses, spoofing, mail relaying, etc.

5. Assigning proper administrative roles and delegation policy.

6. Enabling all possible logging, such as audit logs, security logs, SMTP logs, HTTP logs, etc.

7. Use of the Security Configuration Wizard available in Server 2003 SP1.

8. Effective usage of Exchange security templates based on server roles.

9. Updating the Exchange server with the related updates, patches, hotfixes and service packs.

10. Maintaining strong firewall in the front end.

11. Strong SMTP settings.

12. Intelligent spam filter or other third party spam solution products.

13. Restricting the distribution list properties.

14. Securing the client.

15. ExBPA (Exchange Best Practice Analysis tool).


POP3 Vs IMAP

POP3 (Post Office Protocol) and IMAP (Internet Message Access Protocol) are two different email protocols. Both allow you to access your emails offline from your preferred email client. POP3 and IMAP4 have some functional differences.

POP3 vs. IMAP: Technology

* POP3 always downloads all new emails locally to your computer (by default; it can also store a copy of the emails on the server).
* IMAP downloads message summaries and doesn't download the entire message until you explicitly select it.

POP3 vs. IMAP: Email Inbox Display

* POP3 downloads all emails into 1 mail folder called "Inbox".
* IMAP preserves your folder structure in a main folder called "imap.domain.com". Using the IMAP protocol, all your mail stays on the server in multiple folders, some of which you have created. This enables you to connect from any computer and see all your mail and mail folders.

POP3 vs. IMAP: Multi-Computer Access

* POP3 is useful if you only access your email from one computer, since the email is typically downloaded locally (this is the default and can be changed). When you open your mailbox, new mail is moved from the host server and saved on your computer. If you want to be able to see your old mail messages, you have to go back to the computer where you last opened your mail.
* IMAP allows email to be manipulated from a desktop computer at home, a workstation at the office, and a notebook computer while traveling, without the need to transfer messages or files back and forth between these computers.

POP3 vs. IMAP: Email Storage

* With POP3, your emails can be automatically erased from the server after they are downloaded, freeing up space in your account.
* IMAP keeps all emails on the server until you erase them.

POP3 vs. IMAP: Internet Connectivity

* In general, IMAP is great if you have a dedicated connection to the Internet or you like to check your mail from various locations.
* With a POP3 account, you do not have to stay logged on to the Internet. You can log on when you want to receive and send new messages. Once your new messages have been downloaded to your computer, you can log off to read them. This option is good when you connect with your modem to DAS and are charged for your connection, or when you have an older computer.
