Let’s face it, the internet is full of bad advice, especially when it comes to technical topics. And I’m not talking about articles or blog posts you might find that are just badly written, or are wrong for your specific scenario but correct for others. I’m talking about advice that is wrong on every level and should not be followed.
Case in point, the question of whether to disable the Windows Firewall on Exchange servers.
I get it. The Windows Firewall has caused you some problems in the past (I’ve been there, it’s not fun). So you turn it off on all your server builds, because your servers are sitting safely on your internal network protected by your network firewall. But the fact is that is a bad practice, and one you should move away from. Especially when it comes to Exchange servers.
Exchange setup will add rules to the Windows Firewall to allow Exchange to work, it’s that simple. You don’t need to disable the Windows Firewall. If you have extra requirements for your Windows servers (such as a special port used by your monitoring system agent) then add a rule to the server’s firewall. Use Group Policy to do it, if you want to save some time.
And if you see advice like this on the internet, ignore it. It’s wrong and dangerous.