Troubleshooter: Replacing a UNIX SMTP Relay Host

What's the best way to replace a UNIX SMTP relay host? Should we use the Windows SMTP service or an Exchange Server 2003 or Exchange 2000 Server server?

Most of the time, you use a relay host to segregate SMTP routing from the internal network. Ideally, a Windows relay host wouldn't be a domain member. By restricting the system in this way, you can prevent an attacker from using the relay host, even if it's compromised, as a springboard to attack the domain. If you just want a basic machine that will accept SMTP traffic and send it to your Exchange server, you don't need Exchange 2003 or Exchange 2000; you can use a Windows server. Of course, if you want to gain the extra functionality of Exchange's SMTP engine, which does a lot of things that the Windows SMTP service can't do, you can still use a Windows relay host to pass SMTP traffic to the Exchange server. If you plan to use Exchange to relay SMTP traffic, make sure that you use Exchange 2003, which has much better default security than Exchange 2000.
