Help setting up a small office network

By davids
Jul 11, 2006
  1. Hi all. I have a small office network to set up but im not TOTALLY sure how to go about it! I was hoping to iron out a few points on here.

    As Im sure you'll ask for the details; here is the current setup:

    4 computers running XP pro, networked together as a workgroup.

    I am planning to install a server and create a domain.

    The part where I am getting stuck is the email.

    Basically, they all need email access, now Im wondering should I just set everyone up with outlook, or should I setup exchange server? - is exchange swerver useful in this situation or not?

    If anyone could give me some help I would greatly appreciate it.

  2. TypeX45

    TypeX45 TS Rookie Posts: 144

    Truthfully in your situation I would just set up outlook and forget exchange. It will save you money and resources.
  3. jobeard

    jobeard TS Ambassador Posts: 9,153   +598

    Outlook has some nice features (calendar, tasks, contacts), but I strongly advise
    you opt for a 3rd party email client (eg: Thunderbird). MS Outlook and Outlook
    Express are so tightly coupled to the OS, they have too many security issues and
    exposes your users to having the address book ripped off.
  4. #Curtis

    #Curtis TS Rookie Posts: 66

    I agree withTypeX45, however i would suggest you use a Mail client such as Thunderbird, it is much more secure and use friendly, it would be my personal choice any day and ive converted a lot of people to using.

    And that sounds like a nice little setup youve got going Good work :)
  5. davids

    davids TS Rookie Topic Starter Posts: 96

    Thanks all. I sort of understand where your coming from with outlook having security issues, however I may stick with it for now; purely because netwokring is so new to me that I dont want to create any extra elements that might cause trouble.

    The customer wants to monitor all the emails flowing through the office, how could I best do this if I am setting up outlook on each machine? Would creating message rules be the easiest way? And can I easily lock down outlook so that the settings cant be changed??

    Thanks for your help everyone.
  6. jobeard

    jobeard TS Ambassador Posts: 9,153   +598

    You will need a central point to monitor the email. Record keeping requirements
    make this an ever important consideration. Solutions include:
    1) an email proxy server between the users and the real POP3/SMTP service
    2) an Exchange Server (assuming MS environment)

    The 'client' should publish a policy on email usage and openly disclose that all
    email to/from the office systems are monitored for business reasons.
  7. davids

    davids TS Rookie Topic Starter Posts: 96


    Thanks for the advice, if you have the time would you explain how I should go about creating a proxy server?

    I will be using an MS environment, do I need exchange to create an email proxy, or can I do it another way?

    Thanks in advance.

  8. jobeard

    jobeard TS Ambassador Posts: 9,153   +598

    the concept of a proxy is shown in the attachment. Ususally, there is a unique
    proxy for each service being controlled, due to the unique requirements of the
    monitoring. EG: web browsers need only user+url accessed, while email may be
    as extensive as, timestamp, sender, to-list, cc-list, bcc-list, subject, body of msg.

    strictly speaking lan-segment-B does not need to be unique from A, but then
    that allows any client to bypass the proxy and get straight to the internet:(

    suggest you look(google) for a commercial email proxy product as they will
    include the logging facility you need.

    Attached Files:

  9. davids

    davids TS Rookie Topic Starter Posts: 96

    Thanks Jobeard. I think I understand the diagram, So basically, every client has to go through the proxy server to get to the internet, I think that is more along the lines of what I had initially thought was the way to go, however I had sort of decided on having direct access to the internet (through a firewall obviously), but it was really just the mail I wanted to have coming through the server. Is this possible?

    I have been researching it further today, and I have figured out/assumed that I need a fixed IP on the server, and a public domain name, and then I need to set the server up as the actual email server (for example the pop email server) is that right?

    I also have another basic question: If I get a fixed ip address, that will be assinged to the WAN port on the router right? And that being the case, can I still keep the same private IP addresses on the server and workstations? And if so, when packets come in from the internet (with the public IP as their destination) how will they find their way to the right computer?

    Hope this makes sense Jobeard

    Thanks again for the help

  10. jobeard

    jobeard TS Ambassador Posts: 9,153   +598

    you can setup the email as the only proxy BUT, if all else goes directly to the
    gateway, then your only hope to enforce the usage of the proxy is to lockdown
    the email client settings. You can still use the diagram and the A/B lan segments
    by just having the email ports(25,110) forward to the proxy machine and
    the default forward to the last firewall.

    yes. this gives you FULL control
    by setting up the POP3 and SMTP servers. you may be able to configure the
    monitoring directly in each of them.

    If you need a fixed(static) IP, you will get it attached to the port
    that accesses your ISP; usually your modem. the modem attaches to a router,
    giving you NAT support (off the LAN ports) and the gateway to the Internet on its WAN port.
  11. davids

    davids TS Rookie Topic Starter Posts: 96

    Thanks Jobeard, I appreciate the help.

    Im going to TRY and set up a test machine over the next few days, and hopefully get the email going, so I will post back here with the results, and maybe have a stab at setting up the internet proxy as well, can that be acheived using features available in server 2003? And is it easy to go about?

    I will post back again when I have the email gateway running.

    Thanks again

  12. davids

    davids TS Rookie Topic Starter Posts: 96

    Hi again all.

    Hope you'll get this message despite the thread being a few days old.

    I am still messing around with this network setup, basically I am trying to get remote desktop connection working, as a practise in port forwarding:

    I have setup a rule on my dlink router, to forward port 3389 to my LAN (the computer i want to remotely connect to).

    Then i trying remotly connecting (usuing the WAN ip address) from a computer outside the network, but it doesnt work.

    Any ideas what im doing wrong? incidently i trying it the other way round and it worked ok...

    Thanks in advance
  13. tipstir

    tipstir TS Ambassador Posts: 2,383   +105

    The best thing you could do is set-up a local domain instead of a workgroup. I've done here at home to match what I do at work in a corporate america.

    What you could do right now is take your ISP IP Address you have and make it a account. This process is free and what would happen is that you would have something liket this:

    I say 5800 port should be open and install Ultra VNC on the PC you want to connect to via remote location. This will work I do many times.

    Ultra VNC is freeware
    dyndns is free for one ISP IP address makes your IP into web address name.

    First thing you need to do is setup a free account with The instructions on that site also. You'll to run a program that will keep your IP address current for what your ISP give you. The program is also free what it does "dyndns updater keep the IP address updated. Now your Dlink router might have this feature in there already but you have to check it out.

    Next is to install Ultra VNC it comes in two parts client and server. Once you install it reboot the PC

    Also install it on a remote PC also. There is info about doing this on that site for Ultra VNC.

    For your other problem you first posted I would get MS Windows Server 2003 for Small Business Premium which has MS Outlook 2003 Web, MS Exchange 2003 and everything else you need. This if you want to spend the money for it though. I would stick to your workgroup for now..
  14. jobeard

    jobeard TS Ambassador Posts: 9,153   +598

    you need a firewall rule on the machine that
    allow in/out tcp from x port 3389​
    X is either ANY machine or a specific ip-address
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...