RATE THIS ANSWER
0
Click to Vote:
0
0
Last Answered:
Feb 9 2008 0:52 AM GMT
by Wrobinson
You are using what is called 'split-brain DNS' -- that is having both your internal and external DNS name spaces as "abc.com". This is fine but requires some amount of administrative overhead to maintain, to prevent internal requests from traversing the WAN for requests such as "www.abc.com". That, however, is not the focus of this question.
By default Exchange 2003 and 2000 will use DNS for sending messages. You can alter this behavior by configuring the Exchange Virtual Server(s) to use a smart host instead. To receive messages, you need to have your ISP setup host (A) and mail exchanger (MX) records that point to your Exchange server or an edge filtering/security device that in turn relays traffic to your Exchange server.
It is highly recommended that you do not expose your Exchange server to the Internet directly. Instead, place an edge screening/filtering device between it and the Internet which should itself, sit behind a firewall. If you can envision this, traffic would come from the Internet to the firewall and get redirected to the edge screening/filtering device and in turn to the Exchange server. You can reverse this process for sending messages though it is less critical; however, it isn't good for infected messages to get sent to recipients, so you may wish to perform screening/filtering on outgoing messages just the same.
You also need to ensure that your server is not configured as an open relay. See the following article for more information:
http://www.petri.co.il/preventing_exchange_2000_2003_from_relaying.htm.