Robb,
Yes, he said to not open the ports:
135/tcp (endpoint mapper)
1024/tcp or similar* (where openchange mapiproxy endpoint is bind)
publicly, and to instead setup a vpn.
As I understand it, RPC over HTTP is the correct way to connect exchange over the internet and does not cause any security issues.
Someone did ask about this here:
https://forum.zentyal.org/index.php?topic=19010.0but there is no reply.
That is why I am asking, maybe I am missing a configuration step somewhere. Or, maybe there is no secure way to do this via Zentyal yet? (without a vpn).
Thank you