I've recently conducted a security scan on my Exchange Server 2019 (CU15 with the latest SU) and discovered that it leaks the internal IP address through the Location header when a request is sent to a folder like mail.xxxx.com. The response I got shows something like this:
HTTP/1.1 302 Moved Temporarily
Location: https://{internal IP}/owa/
It seems that URL rewriting might be the necessary fix for this issue. However, I'm concerned about whether this change could impact mail flow negatively. Has anyone faced a similar problem or can offer advice on the best course of action?
3 Answers
It looks like the server is just redirecting to the URL it thinks is in use. You can use a script like the one on GitHub: https://github.com/cunninghamp/ConfigureExchangeURLs.ps1 to set all your external URLs correctly. This will help ensure that you're not exposing your internal IP anymore.
I can't really assist with your specific question, but just a heads-up: Exchange 2019 is reaching its end of life this October. It's probably time to start thinking about migrating to a newer platform if you want to avoid security risks.
Are your internal and external URLs properly configured? I found this guide that might help: https://www.alitajran.com/configure-internal-external-url-exchange/. Just to remind you, with Exchange going EOL soon, it might be better to consider moving off the platform entirely to avoid potential vulnerabilities.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures