Exchange Service Account configuration
From a security perspective (meaning concerned about attacks on Exchange server) I'd like to offer guidance on how best to configure and run Exchange services.
Given Exchange services run on a stand-alone server, does the following statement make sense?
"(reference to Exchange 2003, 2007, 2010)
When configuring Exchange server service accounts, use the principle of least privilege. The service account should have exactly the privileges that it needs to do its job and no more privileges.
For example, create a specific local user account on the machine running Exchange Server and use that account to run Exchange services.
Do not use domain user or domain administrator accounts, nor should one use local system or network accounts."
If this is completely wrong, please point me to specific documentation that might help me understand best practices for configuring and securing Exchange services.
Thanks!
June 1st, 2010 10:20pm
Not sure what you mean by "Exchange Services". The actual Exchange services do not use a domain or local account to log on (that went away in 5.5).
Can you explain more what you are referring to?
June 1st, 2010 11:21pm
Exchange 5.5 was the last version of Exchange that had a service account.
Mark Arnold, Exchange MVP.
June 1st, 2010 11:30pm
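Added example, not part of any post in this thread: a Windows PowerShell check that lists the logon account of each Exchange service on a server, so the point made in the replies can be verified on a given installation. It assumes Exchange services are registered with names beginning "MSExchange"; the function name Get-ServiceLogonReport is hypothetical.

```powershell
# Added example: audit which account each Exchange service logs on as.
# Assumption: Exchange services are registered with names beginning "MSExchange".

# Built-in service identities; anything else is a named local or domain account.
$BuiltIn = @(
    'LocalSystem',
    'NT AUTHORITY\SYSTEM',
    'NT AUTHORITY\LocalService',
    'NT AUTHORITY\NetworkService'
)

function Get-ServiceLogonReport {
    param(
        # Objects with Name, StartName and State, e.g. Win32_Service instances.
        [Parameter(Mandatory = $true)]
        [object[]] $Service
    )
    foreach ($svc in $Service) {
        # A service with no StartName is reported as '(none)' and flagged for review.
        $account = if ($svc.StartName) { $svc.StartName.Trim() } else { '(none)' }
        New-Object PSObject -Property @{
            Name         = $svc.Name
            State        = $svc.State
            LogonAccount = $account
            # -contains is case-insensitive, so 'NT Authority\...' also matches.
            NamedAccount = -not ($BuiltIn -contains $account)
        }
    }
}

# Live query, run locally on the Exchange server (Windows PowerShell 2.0 or later).
$services = @(Get-WmiObject -Class Win32_Service -Filter "Name LIKE 'MSExchange%'")
if ($services.Count -eq 0) {
    Write-Warning 'No services matching MSExchange% found on this machine.'
} else {
    Get-ServiceLogonReport -Service $services |
        Sort-Object Name |
        Format-Table Name, State, LogonAccount, NamedAccount -AutoSize
}
```

Any row with NamedAccount set to True is a service that someone has reconfigured to run under a specific user account and is worth reviewing.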