If you lock out the insecure ports at the firewall, you should be set. Our install only allows connections from the outside world on port 25 and 443, everything else is blocked.
LDAP connections are only happening on the LAN and may or may not be secure, but that's currently a lower priority for me. Are you trying to ensure encryption of all traffic both internally and externally? |