How to Configure SBS 2008 to Host POP3/IMAP4
★★★★★
★★★★
★★★
★★
★
September 19, 2008 // 5 Comments
[Today’s post comes to us courtesy of Shawn Sullivan]
Today’s post will discuss the steps necessary to allow your SBS 2008 server to host POP3 and IMAP4 services for external clients. This process consists of four parts:
- Enabling the POP3/ IMAP4 services on the SBS 2008 server.
- Port forwarding POP3 /IMAP4 through the firewall to the SBS 2008 server.
- Configuring Exchange 2007 for authenticated client SMTP relay.
- Configuring POP3/IMAP4 and SMTP settings on the client.
Part 3 of this process has already been documented in the following blog post, which covers authenticated SMTP relay: How to Configure Trusted SMTP Relay in Exchange on SBS 2008.
Enabling POP3/IMAP4 on SBS 2008
After SBS 2008 setup completes, the POP3 and IMAP4 services are both stopped and set to manual for startup type. You can run the services.msc console to start them and change the startup type to automatic.
Launch the Exchange Management Console as administrator and expand Server Configuration > Client Access and click on the POP3 and IMAP4 tab. Here you can view the banner string, binding, authentication, connection, and retrieval settings for both services.
Launch the Exchange Management Shell as administrator and run Get-ImapSettings | fl or Get-PopSettings | fl to get the complete list of configuration settings in one list.
By default, both the POP3 and IMAP4 services require a TLS authenticated connection using an X.509 certificate. Exchange setup creates a certificate matching the server’s internal fully qualified domain name (FQDN) and configures both services to use it for TLS. When you run the “Internet Address Management Wizard” to configure you external FQDN, another certificate matching your external address is created and configured for POP3 and IMAP4 services. You can view your exchange certificates in the Exchange Management Shell with Get-ExchangeCertficate:
You need to change the certificate that POP3 and IMAP4 uses for TLS to the certificate that has been created by the “Internet Management Address Wizard”. This is done either through the management console or shell.
Run the Set-PopSettings or Set-ImapSettings with the –X509CertificateName option and enter the name of the certificate:
Or open the properties of POP3 or IMAP4, click on the Authentication tab, enter the certificate name.
Port forwarding POP3/IMAP4 through your firewall to the SBS 2008 server
For POP3, you need to open either TCP 110 or 995. For IMAP4, open either TCP 143 or 993, depending on whether you are configuring the client to encrypt the traffic with SSL or not. Whatever ports you are opening, they need to point to the IP address of the SBS 2008 server.
Windows Firewall is enabled on SBS 2008 by default with exceptions for both POP3 and IMAP4. Configuration changes will not be necessary.
Configuring POP3/IMAP4 settings on the client
Other than choosing the FQDN of the server you are connecting to and configuring user account settings, there are a couple of things to note about client setup.
To comply with Exchange’s default settings, Microsoft clients like Outlook, Outlook Express, or Windows Mail will need to configure POP3 to connect using SSL (port 995).
For IMAP, Outlook 2007 will allow you to authenticate with TLS using port 143. Earlier versions of Outlook, Outlook Express, and Windows Mail will need to connect using SSL (port 993).
If you are configuring your SBS 2008 server as your outgoing SMTP server, then you will need to authenticate using TLS on port 587. Once again, full details in the following blog post: How to Configure Trusted SMTP Relay in Exchange on SBS 2008.
Top Server & Tools Blogs
SBS-Related Links
EPS Team Blogs
Disclaimer
This posting is provided "AS IS" with no warranties, and confers no rights. This weblog does not represent the thoughts, intentions, plans or strategies of Microsoft. Use of included script samples are subject to the terms specified at http://www.microsoft.com/info/copyright.
Recent Posts
- Office 365 Integration fails with “Cannot connect to Microsoft online services” in Windows Server 2012 R2 Essentials March 14, 2018
- How to configure ASR in Windows Server Essentials 2016 September 13, 2017
- Windows Home Server 2011 End of Mainstream Support July 3, 2017
- Windows Server Essentials 2016 – Update two on Remote Web Access June 26, 2017
Tags
Active Directory Backup/Restore BPA Certificates Community console DHCP Disaster Recovery Exchange Hotfix IIS ISA Licensing migration Mobile Devices Networking Office 365 Outlook 2007 Partners Performance Podcast Product Group R2 RWW SharePoint SQL Technote Training Update update rollup Windows 2003 Service Pack 2 Windows Essential Business Server (EBS) Windows Essential Server Solutions Windows MultiPoint Server 2011 Windows Server 2008 Windows Server 2012 Essentials Windows Server 2012 R2 Essentials Windows Small Business Server 2003 Windows Small Business Server 2008 Windows Small Business Server 2011 Essentials Windows Small Business Server 2011 Family Windows Small Business Server 2011 Standard Windows Storage Server 2008 R2 Essentials Windows Vista WSUS
Archives
- March 2018 (1)
- September 2017 (1)
- July 2017 (1)
- June 2017 (1)
- May 2017 (1)
- April 2017 (1)
- October 2016 (2)
- July 2016 (2)
- February 2016 (1)
- All of 2018 (1)
- All of 2017 (5)
- All of 2016 (8)
- All of 2015 (7)
- All of 2014 (20)
- All of 2013 (30)
- All of 2012 (53)
- All of 2011 (83)
- All of 2010 (61)
- All of 2009 (100)
- All of 2008 (109)
- All of 2007 (79)
- All of 2006 (67)
- All of 2005 (52)
Tags
Comments are closed.
Anonymous
PingBack from http://www.ditii.com/2008/09/19/sbs-2008-configure-to-host-pop3imap4/
Anonymous
Enabling SBS 2008 to allow remote users to use their email clients (Outlook, Outlook Express, etc.) or
hassan sayed issa20014
thank you
Deeply Confused
Can you post a "for dummies" version of this please
xX_MLG_pr0_360noscope_Xx
@Deeply Confused: this is the dummy version
welcome to hell