Last Minute Advice for Protecting Your Exchange Deployments

This is the final Exchange UPDATE of the year, century, and millennium; I hope it's been a useful tool for you. I also hope that this final issue makes it to you by the end of the week. Many mail gateways and routers will be shut down for the Y2K weekend with all the impending threats for e-terrorist attacks and the like. Drop me a note to tell me what you're doing to block potential threats this weekend.

These threats include virus attacks that the New Year triggers, as well as other viruses that malicious users launch just for the occasion. Denial of service (DoS) attacks might also be another popular holiday gift.

Organizations that I've talked to about this subject are doing a variety of things to protect their Exchange systems over the Y2K weekend. These solutions range from doing nothing at all to completely shutting down Exchange services on every server. I think the most popular measure users are taking is to simply shut down external SMTP gateways over the weekend. Many organizations are only shutting down Exchange’s Message Transfer Agent (MTA) to prevent the propagation of email-born attacks.

My guess is that antivirus tools and content scanners will be in full operation over the weekend, looking for specific viruses and malicious content that could make their way into your Exchange information store (IS). Some organizations are limiting incoming message size and enabling messaging tracking as an added security and troubleshooting method.

My bet is that this weekend will be mostly quiet for your Exchange Server deployments. Of course, you'll always have virus alerts to deal with, regardless of what weekend it is. Before Friday night, take time to review what your mode of operation will be over the weekend. Evaluate whether you'll use any of the above techniques to protect your Exchange servers. Last week and the previous week, I discussed some additional security information that you might add to your planning for this weekend. The security measures that you use this weekend will largely depend on your overall risk assessment. Hopefully, you've already considered these concerns before reading this column and can relax in the knowledge that your Exchange deployment is protected from attack and ready to safely roll over to Y2K. Most of all, I hope you have a safe and happy millennium celebration. Talk to you in 2000!