Exchange 2003 vs. Sendmail Mail Routing?
good soldier svejk asks: "I am a unix sysadmin at a medium-sized (~10,000 user) organization. We are currently using Exchange 5.5 for messaging, calendaring etc., and sendmail for mail routing and relaying. We arrived at this architecture because Exchange 5.5 was neither flexible enough to route our mail nor secure enough to meet our relay control standards (my Windows counterparts tell me it has since improved its relay control). Now we are looking to upgrade to Exchange 2003 and the boss wants to know if we can eliminate the sendmail layer. We use LDAP mail routing across multiple domains and Brightmail Anti-Spam. We have not yet implemented Active Directory. Does Exchange 2003 offer a sendmail-comparable level of configurability and flexibility regarding routing, access control, filtering, virtual hosting and queue management? Just as important, is the Windows 2000/Exchange 2003-SMTP combination adequately securable for use in the DMZ?"
security debate (which can get political).
It can get political, emotional and religious if the discussion gets away from the facts.
Defense in depth is sound security strategy, a strategy whose soundness is manifest to people of all political persuasions.
Let Exchange do what it's good at: storing user mail messages in a database, serving IMAP clients and helping do group calendaring.
Switch out sendmail for qmail, which is more secure. Keeping a pure MTA like qmail costs very little in the way of setup and maintenance and helps purify the traffic seen by your Exchange servers.
"Provided by the management for your protection."