
#-----------------------------------------------------------------------
# DESCRIPTION
#-----------------------------------------------------------------------
#
# This module allows Exchange clients (Outlook, Exchange, etc.) to 
# access a Microsoft Exchange 5.0 or 5.5 server. Note that new message
# notification uses a separate module, as it requires all outgoing
# high udp ports to be opened to the client, as the client uses a
# random high udp port to listen to, and tells the Exchange server
# which port to use doing initial login.
#
# This module enables the Microsoft RPC mapping port (135) which could
# be regarded as a significant security risk. Use with caution.
#
# Note that the Microsoft Exchange server _MUST_ be configured to use
# static ports on the Information Store and Directory Service. Refer to
# Microsoft Technet articles Q155381 and Q148732 for details:
#	http://www.microsoft.com/technet/support/kb.asp?ID=155831
#	http://www.microsoft.com/technet/support/kb.asp?ID=148732
#
# After installing the module, the user should execute rc.firewall with
# the --update-config parameter. The necessary options will be added to
# the configuration file.
#
#-----------------------------------------------------------------------
# CHANGES
#-----------------------------------------------------------------------
#
# 2001-05-15  Dougal Holmes <dholmes@bigpond.net.au>
#             Initial version
#
#-----------------------------------------------------------------------
# MODULE CONFIGURATION
#-----------------------------------------------------------------------
#
#m# 3
#a# accept
#i# cluster
#n# exchange
#t# servers
#
#   |--------------------------------------------------------------------|
#d# Allows Outlook and Exchange clients in a cluster to connect to a
#d# Microsoft Exchange 5.0 or 5.5 server. Note that the Exchange server
#d# MUST be configured to use static ports for the Information Store and
#d# Directory Service. Refer to Microsoft Technet article Q155831 for
#d# details:
#d#    http://www.microsoft.com/technet/support/kb.asp?ID=155831
#d#
#d# Required ports are:
#d#    Directory Service       1225
#d#    Information Store       1226
#d#
#d# To allow the exchange server to notify Outlook when new mail arrives,
#d# use option "accept-interface-outlook-servers"
#d#
#d# This option is usually only used on cluster interfaces
#   |--------------------------------------------------------------------|
#
#-----------------------------------------------------------------------
# START OF MODULE CODE
#-----------------------------------------------------------------------
#
#-----------------------------------------------------------------------

module_name="exchange"
module_type="servers"
service_name="Microsoft Exchange"
rpc_port="135"
ds_port="1225"
is_port="1226"

for host in `Option_Value accept $INTOPT $module_name $module_type`
do
	Accept_Hostports remote tcp "$service_name" $host $rpc_port
	Accept_Hostports remote tcp ""              $host $is_port
	Accept_Hostports remote tcp ""              $host $ds_port
done
unset module_name module_type service_name rpc_port is_port ds_port host

