Securing Mailbox Servers
Applies to: Exchange Server 2010
This topic summarizes the security-related options available for a computer running Microsoft Exchange Server 2010 that has the Mailbox server role installed. By default, HTTP, Microsoft Exchange ActiveSync, POP3, and IMAP4 communication between the Mailbox servers and other Exchange server roles, domain controllers, and global catalog servers is encrypted.
Make sure that your Mailbox servers aren't accessible to the Internet. Also, the Mailbox server role in Exchange 2010 includes security improvements to the Exchange store. For information about these improvements, see Understanding the Exchange 2010 Store.