just putting out some feelers to get some info on the best way to re-structure our Exchange Architecture.
We currently have 3 mail servers in out Organisation. these provide OWA/OMA to users as well as normal MAPI connections. They sit on the internal network. We have a Fortimail Anti-Spam device that sits in our DMZ that is the INCOMING SMTP server for our domain. All OUTBOUND mail is sent straight from the exchange boxes to the internet.
We want to re-architect our exchange organisation. One thing we want to acheive is a more secure Front-End Back-end system.
Does anyone have any best practices on how to acheive this? Also, i am a little unclear on how the Anti-Spam device will fit into the design.
I would want all incoming SMTP messages to go through the AS box, but all OWA and OMA etc. requests to go through the Front-end servers, which would also sit in the DMZ.
Any info on this, things to watch out for or recommendations would be excellent,