
Thread: Using POP3 and IMAP4 to Access Exchange 2007

  
  1. #1
    Real name: 1234

    Retired administrator
    Join date: Jul 2009
    Location: 5678
    Posts: 5,634
    Thanked: 2513
    Thanks given: 272

    Using POP3 and IMAP4 to Access Exchange 2007

    Code:
    http://www.msexchange.org/articles_tutorials/exchange-server-2007/mobility-client-access/using-pop3-imap4-access-exchange-2007-part1.html

    PART 1


    Brief

    In this, the first part of a two article series, I will provide an overview of the use of POP3 and IMAP4 with Exchange 2007. First I will take a look at some of the differences between the two protocols. I will then discuss a few scenarios where they can be used, followed by the actual configuration details required, including how to set up a client connection.
    In the second part of the series I will show some of the more advanced configuration settings and touch on some best practises for using the two protocols. Finally I will take a look at what is to come for IMAP4 and POP3 in SP1 (Service Pack 1) for Exchange 2007.
    Introduction

    POP3 (Post Office Protocol 3) and IMAP4 (Internet Message Access Protocol 4) are both protocols which allow access to mail on/from a remote server. Both of these protocols are widely used outside the enterprise for accessing personal mail from ISPs, but, I have found they are also used on occasion within the business setting, for example on a mobile phone.
    The key difference between the protocols is that IMAP4 provides access to mail on a server and doesn’t download it to the local machine, compared to POP3 which does download mail to the local machine (note: there is also an option to leave a copy on the server). Also, POP3 only downloads mail from the inbox, although other local folders can be created whereas IMAP4 allows access to all server based mailbox folders. Compared to other remote access methods like OWA (Outlook Web Access), neither protocol offers more advanced features like scheduling, task, or contact management.
    Various things have changed for these protocols in Exchange 2007. Firstly they are now fully part of Exchange 2007 and not installed as part of IIS. Secondly, perhaps more importantly, unlike in Exchange 2003 there is no GUI to manage POP3 or IMAP4 (at least until SP1). One thing that has not changed is the fact that both of these protocols are mail retrieval protocols, neither of them let you send mail. To do that you need to relay through an SMTP server. In the next section I will show you how!
    Installing / Enabling IMAP4 & POP3

    As mentioned above, IMAP4 and POP3 are fully part of the CAS (Client Access Server) role of Exchange 2007, which means that to use them no further installation is required, they simply require enabling. To do this, proceed as follows:
    First enable the relevant service and set start-up mode to automatic, see Figure 1:

    Figure 1: Setting the start-up options of the POP3 Service
    Next Start the Service, see Figure 2:

    Figure 2: Starting the POP3 Service
    Once the PowerShell command returns to the prompt, it is worth checking that the services have actually started as this is not information PowerShell returns! To do this, run the commands shown below in Figure 3.

    Figure 3: Checking the services have started
    Note for IMAP4: replace “POP3” in the examples above with IMAP4
    Having enabled the server side protocol, ensure that the user who needs access has the relevant protocol enabled for use. In the released version of Exchange 2007 this must be done by using the PowerShell commands below, but in Exchange 2007 SP1 it will also be possible to go in to the properties of the user and view/set the required setting on the Mailbox Features tab (Figure 4)
    Set-CASMailbox -Identity mailboxname -PopEnabled $true
    Set-CASMailbox -Identity mailboxname -IMAPEnabled $true
    Note: $false disables the protocol for the specified user

    Figure 4: Mailbox Features of a User
    Having got the mail retrieval protocol setup sorted, we must now allow mail to be sent. In Exchange 2007, SMTP mail flow is dealt with by both the Hub Transport (HT) server role and the Edge Transport (ET) server role. Both can have connectors set up to allow the receipt and forward of mail; however, in this instance, you are more likely to use the HT server to relay mail because, as the ET server is not part of your production AD (see Rodney Buike’s article here for more), your HT server will be best placed to authenticate those who need to relay mail, which is far better than allowing unauthenticated relay!
    By default, an HT server already has a suitable connector set up and waiting for you to authenticate and submit mail; the “Client HTServerName” connector. When looking at its properties (Figure 5) you will immediately notice the port which the connector listens on is port 587. Yes, this is an SMTP connector, but instead of using port 25, the standard for server to server SMTP, port 587 is used because this is the standard for SMTP mail received from client software.

    Figure 5: The network settings tab showing the port value for the Client Connector
    Having looked into the enabling of POP3 and IMAP4 access and the provision of transport for relaying outbound mail, I will now move on and take a look at actually setting up the client. You will find that this is not as simple as you might think!
    Client Setup – Authentication and Ports

    Although Outlook Express 6 is installed on the majority of machines, I decided to use the new Windows Live Mail Desktop client to demonstrate the client setup because of an issue with Outlook Express detailed below. Having opened up the client I entered the account setup area as follows:

    1. Select “Accounts” from the “Tools” menu.
    2. To create a new account click “Add” and select “Email Account”.
    3. Then enter the user's name, email address (in my case “imap” and “imap@exchange.local” respectively) and the login credentials. Also check the “Manually configure server settings for e-mail account” box. (Figure 6)
    4. Next select the protocol (either IMAP or POP3) and enter the server details for both receiving and sending mail, which in my case were the same “e2k7cas-ht.exchange.local”. (Figure 7)


    Figure 6: Username and login settings

    Figure 7: Server settings
    Having completed the account as above, you may have noticed a few differences from what you were expecting. In Exchange 2007 the default settings are a little more secure than in previous versions. By default Exchange 2007 requires SSL/TLS secured connections, which means ensuring the client connects to the secured port. For IMAP4 that port is 993 and for POP3 it is 995. When using the SSL/TLS connection, as with OWA using HTTPS, it is important to make sure your client computer trusts the certificate path used for traffic encryption, otherwise an error occurs as shown in Figure 8.

    Figure 8: Un-trusted Certificate chain error
    The steps above show you how to connect in the most secure manner, however, you could loosen the settings using the “set-popsettings –logintype” or the “set-imapsettings –logintype” commands. The commands are followed by the following options;

    • PlainTextLogin
    • PlainTextAuthentication
    • SecureLogin

    Using PlainTextLogin option opens things up, completely allowing connection to the standard (non TLS) ports (110 for POP3 and 143 for IMAP4). It also allows passwords in plain text over the network.
    The PlainTextAuthentication option still allows for connection to the standard (non TLS) ports, but requires the use of secured passwords as used with the Secure Password Authentication option in the client.
    Finally, the SecureLogin option is the default as detailed in the walkthrough above. After changing any of these settings, restart the relevant service for it to take effect. Personally, I would leave the settings at their defaults as anything less is simply not secured.
    Note: If you are trying the above with Outlook Express 6 or earlier, then you will have a problem setting the SMTP server to use SSL/TLS over port 587. The problem is that Outlook Express can only negotiate explicit TLS over port 25. Outlined below are both explicit and implicit TLS:
    Explicit TLS: In order to establish the SSL link, explicit security requires that the client issues a specific command (STARTTLS) to the server after establishing a connection.
    Implicit TLS: Implicit security automatically begins with an SSL connection as soon as the client connects to a server. With implicit security, the server defines a specific port for the client (for POP3 and IMAP4, 995 or 993) to be used for secure connections.
    If you want to keep using SSL/TLS with Outlook Express 6, one solution to this problem is to make use of the default SMTP connector which is set up to use SSL/TLS over port 25. However, perhaps a better option would be to separate the traffic off to a new connector listening on a different IP address but still on port 25.
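
The implicit and explicit TLS behaviour described in the post above can be checked from a client with a short probe. This is an added example, not part of the original post or the article it quotes: the function name `Test-MailTls` is hypothetical, the host name is the lab server used in the post, and it assumes the Client connector on port 587 offers STARTTLS.

```powershell
# Added example: TLS probe for the ports discussed above. No credentials are sent.
function Test-MailTls {
    param(
        [Parameter(Mandatory = $true)][string]$Server,
        [Parameter(Mandatory = $true)][int]$Port,
        [ValidateSet('Implicit', 'SmtpStartTls')][string]$Mode = 'Implicit'
    )
    $result = New-Object psobject -Property @{
        Server = $Server; Port = $Port; Mode = $Mode
        TlsProtocol = $null; CertSubject = $null; Trusted = $false; Detail = $null
    }
    $tcp = New-Object System.Net.Sockets.TcpClient
    try {
        $tcp.Connect($Server, $Port)
        $stream = $tcp.GetStream()
        $stream.ReadTimeout = 10000
        if ($Mode -eq 'SmtpStartTls') {
            # Explicit TLS: talk plain SMTP first, then ask for the upgrade.
            $reader = New-Object System.IO.StreamReader($stream)
            $writer = New-Object System.IO.StreamWriter($stream)
            $writer.NewLine = "`r`n"
            $writer.AutoFlush = $true
            do { $line = $reader.ReadLine() } while ($line -match '^220-')   # banner
            $writer.WriteLine('EHLO tls-probe.invalid')
            do { $line = $reader.ReadLine() } while ($line -match '^250-')   # capabilities
            $writer.WriteLine('STARTTLS')
            $line = $reader.ReadLine()
            if ($line -notmatch '^220') {
                $result.Detail = "STARTTLS not accepted: $line"
                return $result
            }
        }
        # Implicit TLS starts here immediately; explicit TLS arrives here after STARTTLS.
        $ssl = New-Object System.Net.Security.SslStream($stream, $false)
        # Default validation: the chain must be trusted and the name must match $Server.
        $ssl.AuthenticateAsClient($Server)
        $result.TlsProtocol = $ssl.SslProtocol
        $result.CertSubject = $ssl.RemoteCertificate.Subject
        $result.Trusted = $true
    }
    catch {
        # An untrusted chain (the Figure 8 situation) surfaces here as an authentication error.
        $result.Detail = $_.Exception.GetBaseException().Message
    }
    finally {
        $tcp.Close()
    }
    $result
}

# Ports from the post: 995 POP3 and 993 IMAP4 (implicit TLS), 587 client SMTP.
$cas = 'e2k7cas-ht.exchange.local'   # lab host name used in the post
@(
    Test-MailTls -Server $cas -Port 995
    Test-MailTls -Server $cas -Port 993
    Test-MailTls -Server $cas -Port 587 -Mode SmtpStartTls
) | Format-Table Server, Port, Mode, TlsProtocol, Trusted, Detail -AutoSize
```

A row with `Trusted` false and a certificate validation message in `Detail` means the client does not trust the certificate path, which is the condition behind the Figure 8 error.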






  2. #2
    Real name: 1234

    Retired administrator
    Join date: Jul 2009
    Location: 5678
    Posts: 5,634
    Thanked: 2513
    Thanks given: 272
    Code:
    http://www.msexchange.org/articles_tutorials/exchange-server-2007/mobility-client-access/using-pop3-imap4-access-exchange-2007-part2.html

    PART 1

    Advanced POP3 and IMAP4 configuration settings and a look at IMAP4 and POP3 in Exchange 2007 SP1
    In the first part of this two article series, I looked at how to configure IMAP4 and POP3 for use with Exchange 2007 and then set up a client to connect. In this final part I will touch on some more advanced features and configuration of IMAP4 and POP3 and also take a look at the new GUI administration capabilities which will arrive with SP1.
    Note that as the SP1 features are still in beta they are subject to change before release.
    Advanced Configuration

    In this section I am going to run through a few of the options you have when setting up Exchange for access via POP3 or IMAP4. I will start with a look at calendaring.
    Obviously when using Outlook and MAPI, appointments come through as usable items which can be accepted and automatically placed in your calendar, however, with POP3 or IMAP4 access things can be a little different. The following options are provided as shown in Table 1.
    | Setting | Value | Description |
    | --- | --- | --- |
    | iCalendar | 0 | This setting lets users use the iCalendar standard for calendar items. The iCalendar standard is a standard for exchanging calendar information. |
    | IntranetUrl | 1 | This setting lets you specify an internal URL for users to access their calendar information. |
    | InternetUrl | 2 | This setting lets you specify an external URL for users to access their calendar information. |
    | Custom | 3 | This setting lets you specify a Microsoft Office Outlook Web Access server for users to access their calendar information. |

    Table 1: Different calendaring options for POP3 and IMAP4
    By default, the iCalendar option is selected. This can be seen using the command in Figure 1 below:

    Figure 1: The default Calendar settings
    Note the use of the wildcard to show only entries including Cal
    This option allows all the usual functionality for calendar/meeting requests. Using the other options gives you the ability to point users to a website either internal, external or OWA to gather meeting information. To implement such a system, first put together the website and then use the syntax below:
    Set-ImapSettings -CalendarItemRetrievalOption 1 -IntranetURL "intserver"
    Set-ImapSettings -CalendarItemRetrievalOption 2 -InternetURL "https://extserver.com"
    Set-ImapSettings -CalendarItemRetrievalOption 3 -OwaServerURL "https://owa.server.com/owa"

    Note: As mentioned in part one, for POP3 use the Set-PopSettings command
    Another thing that might be useful to those still in the process of migrating to Exchange 2007 from Exchange 2000 or 2003 is using Exchange 2007 CAS servers to proxy POP3 or IMAP4 access to mailboxes on Exchange 2000/3. To do this, there are a couple of important things to check on the Exchange 2003 server;
    First ensure that SSL/TLS is disabled and basic authentication is enabled on the IMAP (or POP3) virtual server. This can be found under the “Protocols” section of the relevant server where the mailbox is held. See Figure 2


    Figure 2: Disabling SSL
    Having done that, it is important to realise that the user name and password are sent in clear text when Basic authentication is used without encryption. Therefore, I suggest securing the traffic between the Client Access server and Exchange Server 2003 server by using Internet Protocol security (IPsec).
    On the Exchange 2007 CAS server you must then configure the proxy port using the command shown below:


    Figure 3: Setting the proxy port
    To enable basic authentication use the command:
    Set-ImapSettings -LoginType PlainTextLogin
    Finally restart the msexchangeimap service
    Having done all that, point the IMAP client at the CAS server, remembering that if you want to send mail, unless you have changed the default settings, you will still need to use TLS/SSL by clicking the box shown in figure 4.


    Figure 4: The checkbox to use SMTP over SSL
    Note: It is also possible to disable access to Exchange 2003 servers by using the command: Set-ImapSettings -ProxyTargetPort 0
    Another area where extra configuration is required is if you want to listen for IMAP traffic on anything other than the default IP address or port.
    Should you wish to configure ports use the commands below;
    Set-PopSettings -SSLBindings IPaddress:Port
    Set-PopSettings -UnencryptedOrTLSBindings IPaddress:Port
    The first command sets the port for the encrypted session (by default 993 and 995) and the second command is for the unencrypted session, by default 143 and 110.
    The final configuration to look at in this section is that of message retrieval format. The options are listed below:

    • 0:Text Only
    • 1:HTML Only
    • 2:HTML and Text
    • 3:Rich Text Only
    • 4:UUEncode
    • 5:UUEncodeBinHex
    • 6:Best Body Format

    Interestingly the retrieval format options can either be set per user or for everyone as shown in the commands below:
    Set-ImapSettings -MessageRetrievalMimeFormat 0
    Sets the mail format to Text only
    Set-CASMailbox -Identity mailboxname -ImapMessagesRetrievalMimeFormat 2
    Sets the mail format for user “mailboxname” to “HTML and Text”
    Having looked at some of the more advanced configuration options which are available, I will now move on to give some suggestions on how to protect your system serving IMAP4 and POP3 for users.
    Best Practises for IMAP & POP3

    Before we take a look at the new GUI in SP1 I think it is worth looking at some settings which could protect your system.
    Connection Limits allow you to prevent the server being overloaded by someone generating a massive number of fake connections, thereby using up all available RAM. Obviously you must set this limit so that it does not hinder the number of concurrent user connections you expect. The default of 2000 is quite high so you could bring this down if you only have a few users using the command below:
    Set-ImapSettings -MaxConnections Value
    Another setting you may wish to change is that shown below:
    Set-ImapSettings -MaxConnectionsFromSingleIP Value
    One reason you might change the above value (default 20) is if you have all connections passing through a NAT firewall which makes them all look like they come from the same IP address.
    TimeOuts are another way to protect the server. They prevent connections from staying open indefinitely, again using up server resources. They can also be the cause of issues when downloading large attachments over a slow link. If the timeout is too short then the connection may drop, interrupting the download.
    Finally for this section, protocol logging. In general this should not be left on and it is not on by default. Logging is used when you need to troubleshoot problems with IMAP4 or POP3 and can be enabled as follows:
    Open the file Microsoft.Exchange.Imap4.exe.config which by default is found in the location shown below:
    Note: As mentioned before, substitute POP3 where necessary to change the POP3 config

    Figure 5: POP3 and IMAP4 config files location
    Right at the bottom of the file in the “appSettings” section change the line highlighted in the screenshot below to a value of “true”


    Figure 6: Change this value to “true” to enable logging
    Note: The parameter names in the config file are case sensitive.
    A Look at SP1 GUI

    If you are a fan of the GUI then you will be pleased to know that SP1 for Exchange 2007 will give you back a GUI for several features. One of these is IMAP4 and POP3. The new interface is found under the Server Configuration, Client Access node in the bottom pane as shown in Figure 7.


    Figure 7: The location for the new IMAP4/POP3 GUI
    When you double click either the POP3 or IMAP4 objects, a very similar set of options are available as shown in the screenshots below. The first screenshot shows the “General” tab, giving you a view of when the configuration was last modified and allowing you to change the banner shown to clients who connect.


    Figure 8: The General Tab
    On the “Binding” tab you get the option to change IP addresses and Ports on which the IMAP or POP3 services will listen.


    Figure 9: The Bindings tab
    On the Authentication tab you can set the Login Type as discussed in part one.

    Figure 10: The Authentication Tab
    The connection tab shown in Figure 11 is one area where there are slight differences between the IMAP and POP settings. Although all the fields are the same some values are different.


    Figure 11: The Connection Tab
    The “Message” tab is the other area where there are differences between POP and IMAP settings. Figure 12 shows the POP3 “Message” tab with its options for “Message Sort Order”. This is compared to Figure 13 which gives an option to “Display hidden folders”. Other than that, the options are the same, giving you the ability to configure calendar item retrieval.


    Figure 12: POP3 Settings Message tab

    Figure 13: IMAP Settings Message tab
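
The login type, proxy port and connection limit settings covered in the post above can be reviewed together. This is an added example, not part of the original post or the article it quotes: the function name `Test-MailAccessSettings` is hypothetical, the sample objects are constructed, and it assumes that `Get-PopSettings` and `Get-ImapSettings` output carries the same property names as the `Set-*` parameters shown in the post.

```powershell
# Added example: flag POP3/IMAP4 settings that move away from the defaults
# described in the post. "Protocol" is a label added to the sample data only.
function Test-MailAccessSettings {
    param([Parameter(Mandatory = $true, ValueFromPipeline = $true)]$Settings)
    process {
        $notes = @()
        $login = "$($Settings.LoginType)"
        $clear = @($Settings.UnencryptedOrTLSBindings) -join ', '
        switch ($login) {
            'SecureLogin' { }   # default: logon only over SSL/TLS
            'PlainTextAuthentication' {
                $notes += "LoginType PlainTextAuthentication: non-TLS bindings ($clear) accept logons with secured passwords"
            }
            'PlainTextLogin' {
                $notes += "LoginType PlainTextLogin: passwords can cross the network in plain text on $clear"
            }
            default { $notes += "LoginType '$login' is not one of the three values listed in part one" }
        }
        if ([int]$Settings.ProxyTargetPort -ne 0) {
            $notes += "ProxyTargetPort $($Settings.ProxyTargetPort): proxying to Exchange 2000/2003 is enabled; that hop uses Basic authentication without SSL, so secure it with IPsec or set the port to 0"
        }
        if ([int]$Settings.MaxConnections -ge 2000) {
            $notes += "MaxConnections $($Settings.MaxConnections): at or above the default of 2000; size it to the expected concurrent users"
        }
        if ([int]$Settings.MaxConnectionsFromSingleIP -gt 20) {
            $notes += "MaxConnectionsFromSingleIP $($Settings.MaxConnectionsFromSingleIP): above the default of 20; confirm clients really arrive through one NAT address"
        }
        foreach ($n in $notes) {
            New-Object psobject -Property @{ Protocol = $Settings.Protocol; Finding = $n }
        }
    }
}

# Constructed sample input (not captured from a real server).
$samples = @(
    New-Object psobject -Property @{
        Protocol = 'POP3'; LoginType = 'SecureLogin'; ProxyTargetPort = 0
        MaxConnections = 500; MaxConnectionsFromSingleIP = 20
        UnencryptedOrTLSBindings = @('0.0.0.0:110')
    }
    New-Object psobject -Property @{
        Protocol = 'IMAP4'; LoginType = 'PlainTextLogin'; ProxyTargetPort = 143
        MaxConnections = 2000; MaxConnectionsFromSingleIP = 200
        UnencryptedOrTLSBindings = @('0.0.0.0:143')
    }
)

# The POP3 sample yields no findings; the IMAP4 sample yields four.
$samples | Test-MailAccessSettings | Format-Table Protocol, Finding -AutoSize -Wrap
```

On a Client Access server the same function can take `Get-PopSettings` or `Get-ImapSettings` output from the pipeline in place of `$samples`, subject to the property-name assumption above.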




