You should always disable external access to Exchange Control Panel (ECP). You don’t want a brute force attack on ECP in Exchange Server. It’s a big security risk. The best approach and my advice are to block it on the firewall. The firewall is the first point that will block external access. If it’s not … Continue reading Disable external access to ECP in Exchange Server