Slashdot Mirror


Exchange 2003 vs. Sendmail Mail Routing?

good soldier svejk asks: "I am a unix sysadmin at a medium-sized (~10,000 user) organization. We are currently using Exchange 5.5 for messaging, calendaring etc., and sendmail for mail routing and relaying. We arrived at this architecture because Exchange 5.5 was neither flexible enough to route our mail nor secure enough to meet our relay control standards (my Windows counterparts tell me it has since improved its relay control). Now we are looking to upgrade to Exchange 2003 and the boss wants to know if we can eliminate the sendmail layer. We use LDAP mail routing across multiple domains and Brightmail Anti-Spam. We have not yet implemented Active Directory. Does Exchange 2003 offer a sendmail-comparable level of configurability and flexibility regarding routing, access control, filtering, virtual hosting and queue management? Just as important, is the Windows 2000/Exchange 2003-SMTP combination adequately securable for use in the DMZ?"

3 of 95 comments

  1. You have a major problem. by Talonius · Score: 5, Informative

    Exchange 2003 requires Active Directory, quite an undertaking in an organization of your size.

    I would investigate the repercussions of that requirement before moving forward with any other research or comparisons.

    --
    My reality check bounced.
  2. Re:Capabilities aside....... by 4of12 · Score: 3, Insightful

    security debate (which can get political).

    It can get political, emotional and religious if the discussion gets away from the facts.

    Defense in depth is sound security strategy; a strategy whose soundness is manifest to people of all political persuasions.

    Let Exchange do what it's good at: storing user mail messages in a database, serving IMAP clients and helping do group calendaring.

    Switch out sendmail for qmail, which is more secure. Keeping a pure MTA like qmail costs very little in the way of setup and maintenance and helps purify the traffic seen by your Exchange servers.

    --
    "Provided by the management for your protection."
  3. Lots of work... by seigniory · Score: 3, Informative

    I'm in the same predicament here. We're a small company (~500) but handle more email than most 10,000 shops - mostly customer service-related mails.

    Anyway, first off, I'd like to say that if you have a 10,000 person organization, and you're not running AD yet, handle that first. I'd guess that you're looking at at *least* 4 months for planning and implementation of your AD environment.

    Also, you might as well go right to Windows 2003 (AD 2.0) since Exchange 2003 can only run in an AD 2.0 environment and on Windows 2003 server.

    Finally, yes, Exchange 2003 routing is much better than 5.5 (which was hooooriiiible). Now, if you're familiar with sendmail routing, who cares? :-) The only way you're going to be able to do the Exchange 2k3 (or 2k) routing you require is to program some custom COM event sinks in a .NET language.

    If your question is "can it be done" the answer is "sure it can". Just remember that just like any major infrastructure change, it ain't gonna be easy or quick to do.

    Luckily, we were able to upgrade to Exchange 2k3 with little trouble. I'm still trying to get the hang of the custom event sinks, but it's coming along. I'm a perl guy and trying my best to use Perl.NET but there are few resources out there to help out with the nook I've created for myself.

    If you're looking for spam/anti-virus management - definitely check out Postini (www.postini.com) - they rock and are pretty cheap ($1.25/month/user). Setting us up with this service removed 4 front-end mail relays from my DMZ and dropped our spam over 90%.

    That's my $0.02.