EXPERT RESPONSE
To be honest, it's impossible for me to opine as to whether or not the risk is acceptable. I'm not trying to be glib -- there's just a lot more involved in risk assessment than the facts presented to me here. I don't see how a MAPI client on a properly secured SQL server could create a risk (huge or otherwise) from your employees; however, certainly your internal folks know more about the situation than I do. Thus, in the absence of any information to the contrary, I would have to defer to their opinions on this one.
Having said that, I have never encountered nor heard of any security violations or issues related to having a MAPI client on a SQL Server.
As far as I know, you won't be able to use the Groupwise SMTP Server. My understanding of SQLMail, which is based in part on Microsoft Knowledge Base article 263556, is that SQLMail only sends MAPI-based e-mail. That relevenat part of this article states:
The SQL Server mail client support depends upon your SQL Server version and the functionality required.
SQL Server 6.5 and SQL Server 7.0
SQL Mail establishes a simple MAPI connection to Microsoft Exchange Server, Microsoft Windows NT Mail, or a Post Office Protocol 3 (POP3) server.
SQL Server 7.0 Using SQLAgentMail
SQLAgentMail establishes either a simple or extended MAPI connection to Microsoft Exchange Server, Microsoft Windows NT Mail, or a Post Office Protocol 3 (POP3) server.
SQL Server 2000
SQL Mail establishes an extended MAPI connection with a mail host, while SQLAgentMail establishes a separate extended MAPI connection. Both SQL Mail and SQLAgentMail can connect with Microsoft Exchange Server, or a Post Office Protocol 3 (POP3) server.
NOTE: Due to the limitation of only providing extended MAPI support, SQL Server 2000 requires a Microsoft Outlook 2000 client (or later version)."
You can find the complete text of this article, which has a lot of great information, on the Microsoft Web site.
|
