Outlook not connecting POP3/IMAP clients SSL/TLS
Question
Answers
-
Hi Faris,
Any update here? Is the issue fixed now? Please don't hesitate to post back if further assistance is needed here.
Regards,
Steve FanPlease remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.- Marked as answer by Farispv Friday, February 22, 2019 8:06 PM
All replies
-
Hi Faris,
May I know how did you configure Outlook to connect via POP3 or IMAP? Please provide the specific settings you used here so that we can check whether there is any misconfiguration.
What error did you get when it failed to connect to the mail server?
Please check whether you have started the Microsoft Exchange POP3 service and the Microsoft Exchange POP3 Backend service. By default, these services are not started.
Regards,
Steve FanPlease remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.- Proposed as answer by Steve Fan Wednesday, February 13, 2019 9:33 AM
-
Hi Faris,
Any update here? Please don't hesitate to post back if you need further assistance here.
Regards,
Steve FanPlease remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams. -
The above are the error am getting while attempting connect by using SSL/TLS with port 587 SMTP and POP3 995, the same happens for IMAP as well. If make 'None' the outlook getting connected without any issue.
The outlook POP3&IMAP service are running, i have already outlook POP3/IMPA which are are connected exchange server with NONE option.
Recently i have applied SSL on my exchange and applied to IIS,POP/IMAP/SMTP.
When i search, i noticed that some article states the SCP/SRV records to be created for autodiscover, as of now i dont have such records in my local DNS and public. I have only autodiscover A records which poiting to email server.I would expect your best advise to get it done. !!
Thank you in advance for your valuable time.
Faris
-
Hi Faris,
Thank you for your reply.
According to the screenshots you provided, I understand that Outlook clients could access with Exchange server and it failed in sending test messages.
After enabling and configuring POP3/IMAP4 on the Exchange server, you need to configure the authenticated SMTP settings for POP3/IMAP4 clients so they can send email messages. The brief steps are like below:
1. Configure the FQDN on the "Client Frontend <Server name>" Receive connector.
2. Specify the certificate that's used to encrypt authenticated SMTP client connections.
3. Configure Outlook on the web (formerly known as Outlook Web App) to display the SMTP settings for authenticated SMTP clients at Settings > Options > Mail > Accounts > POP and IMAP.More details please review the link below:
Configure authenticated SMTP settings for POP3 and IMAP4 clients in Exchange Server
https://docs.microsoft.com/en-us/exchange/clients/pop3-and-imap4/configure-authenticated-smtp?view=exchserver-2019#step-1-configure-the-fqdn-on-the-client-frontend-server-name-receive-connectorService connection point (SCP) AD object is created when an Exchange Client Access Server installed. The SCP object is used by domain joined clients to locate the Autodiscover service. Generally, the Exchange external Autodiscover DNS entity is configured as a regular A record. In your environment, it doesn’t need additional SRV record to instead.
Regards,
Manu Meng
Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.
- Edited by Manu Meng Friday, February 15, 2019 8:37 AM
-
Hi Faris,
>>I have gone through your article, now am able to connect Outlook POP3/IMAP TLS with in Local network, but SMTP SSL not getting same error.
Do you mean you can successfully connect to Exchange via POP3/IMAP TLS now? What does "but SMTP SSL not getting same error" actually refer to?
>>in the same time, am unable to get connected on both SSL/TLS from outside network. where all the ports are SSL/TLS are open in my internal firewall.
Please use the Exchange Server > POP Email test or IMAP Email test in the Microsoft Remote Connectivity Analyzer to test POP3/IMAP client connectivity to the Exchange server. Please post back with the testing result.
Regards,
Steve FanPlease remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams. -
HI,
I mean being able to connect Outlook POP3/IMAP by using TLS in Local network but not connecting SSL in POP3/IMPA.
and am unable to connect POP3/IMAP over the internet on both SSL/TLS.
Below is the result of the connectivity test.
Connectivity Test Successful with Warnings Test Details<input class=" __ecpStyleButton" id="testSelectWizard_ctl12_btnExpandAll" name="testSelectWizard$ctl12$btnExpandAll" style="background-background-repeat:no-repeat;padding:8px 8px 8px 29px;text-align:left;border-style:none solid none none;cursor:pointer;background-image:url("/Images/expand.gif");border-right-width:1px;border-right-color:#cccccc;" type="submit" value="Expand All" /><input class="ecpStyleButtonImageOnly __ecpStyleButton" id="testSelectWizard_ctl12_btnSaveXml" name="testSelectWizard$ctl12$btnSaveXml" style="background-background-repeat:no-repeat;padding-padding-bottom:6px;padding-text-align:left;border-style:none;cursor:pointer;background-image:url("/Images/xml.png");" title="Save as XML" type="submit" value="" /><input class="ecpStyleButtonImageOnly __ecpStyleButton" id="testSelectWizard_ctl12_btnSaveHtml" name="testSelectWizard$ctl12$btnSaveHtml" style="background-background-repeat:no-repeat;padding-padding-bottom:6px;padding-text-align:left;border-style:none;cursor:pointer;background-image:url("/Images/html.png");" title="Save as HTML" type="submit" value="" />
Testing POP for userDOMAIN \test1 on host mail.domain.com :995<g class="gr_ gr_442 gr-alert gr_gramm gr_inline_cards gr_disable_anim_appear Style replaceWithoutSep" data-gr-id="442" id="442">:SSL</g>. POP was tested successfully. 
Additional Details Elapsed Time: 3480 ms. mail.domain.com Test Steps 
Attempting to resolve the host name mail.domain.com in DNS. The host name resolved successfully. 
Additional Details Testing TCP port 995 on host mail.domain.com to ensure it's listening and open. The port was opened successfully. Additional Details Testing the SSL certificate to make sure it's valid. The certificate passed all validation requirements. Additional Details Elapsed Time: 636 ms. Test Steps The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server mail.domain.com on port 995. The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate. Additional Details Validating the certificate name. The certificate name was validated successfully. Additional Details Certificate trust is being validated. The certificate is trusted and all certificates are present in the chain. Test Steps The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=mail.domain.com, OU=Domain Control Validated. One or more certificate chains were constructed successfully. Additional Details 
Analyzing the certificate chains for compatibility problems with versions of Windows. Potential compatibility problems were identified with some versions of Windows. Additional Details The Microsoft Connectivity Analyzer can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled.Elapsed Time: 0 ms.Testing the certificate date to confirm the certificate is valid. Date validation passed. The certificate hasn't expired. Additional Details The POP service is being tested. The POP service was tested successfully. Additional Details Successfully tested the POP3 service
Secured: CN= <g class="gr_ gr_488 gr-alert gr_gramm gr_inline_cards gr_run_anim Style multiReplace" data-gr-id="488" id="488">mail.domain.com </g><g class="gr_ gr_488 gr-alert gr_gramm gr_inline_cards gr_disable_anim_appear Style multiReplace" data-gr-id="488" id="488">,</g> OU=Domain Control Validated
S: +OK The Microsoft Exchange POP3 service is ready.
C: CAPA
S: +OK
TOP
UIDL
SASL PLAIN
USER
.
C: USER test1
S: +OK
C: PASS <password>
S: +OK User successfully logged on.
C: STAT
S: +OK 22 239726
C: QUIT
S: +OK Microsoft Exchange Server 2016 POP3 server signing off.Elapsed Time: 2178 ms.
Faris
- Edited by Farispv Tuesday, February 19, 2019 6:27 PM
-
IMAP Test Result.
mail.domain.com
Connectivity Test Successful Test Details<input class=" __ecpStyleButton" id="testSelectWizard_ctl12_btnExpandAll" name="testSelectWizard$ctl12$btnExpandAll" style="background-background-repeat:no-repeat;padding:8px 8px 8px 29px;text-align:left;border-style:none solid none none;cursor:pointer;background-image:url("/Images/expand.gif");border-right-width:1px;border-right-color:#cccccc;" type="submit" value="Expand All" /><input class="ecpStyleButtonImageOnly __ecpStyleButton" id="testSelectWizard_ctl12_btnSaveXml" name="testSelectWizard$ctl12$btnSaveXml" style="background-background-repeat:no-repeat;padding-padding-bottom:6px;padding-text-align:left;border-style:none;cursor:pointer;background-image:url("/Images/xml.png");" title="Save as XML" type="submit" value="" /><input class="ecpStyleButtonImageOnly __ecpStyleButton" id="testSelectWizard_ctl12_btnSaveHtml" name="testSelectWizard$ctl12$btnSaveHtml" style="background-background-repeat:no-repeat;padding-padding-bottom:6px;padding-text-align:left;border-style:none;cursor:pointer;background-image:url("/Images/html.png");" title="Save as HTML" type="submit" value="" />Testing POP for user DOMAIN\test1 on host mail.domain.com:110:TLS. POP was tested successfully. Additional Details Elapsed Time: 2784 ms. Test Steps Attempting to resolve the host name mail.domain.com in DNS. The host name resolved successfully. Additional Details IP addresses returned: 1.1.1.1Elapsed Time: 10 ms.Testing TCP port 110 on host mail.domain.com to ensure it's listening and open. The port was opened successfully. Additional Details Elapsed Time: 198 ms. The POP service is being tested. The POP service was tested successfully. Additional Details Successfully tested the POP3 service
S: +OK The Microsoft Exchange POP3 service is ready.
C: CAPA
S: +OK
TOP
UIDL
STLS
.
C: STLS
S: +OK Begin TLS negotiation.
Secured: CN=mail.domain.com, OU=Domain Control Validated
C: CAPA
S: +OK
TOP
UIDL
SASL PLAIN
USER
.
C: USER test1
S: +OK
C: PASS <password>
S: +OK User successfully logged on.
C: STAT
S: +OK 22 239726
C: QUIT
S: +OK Microsoft Exchange Server 2016 POP3 server signing off.Elapsed Time: 2575 ms.Faris
-
I went through the article, i shared my output here, as below.
Faris
-
Client Forntend Settings as per below. its seems already enabled
Faris
-
i tried this way. am right ?
telnet response.
220 mail.domain.com Microsoft ESMTP MAIL Service ready at Wed, 20 Feb 2019 19:58:28 +0300
Faris
-
Hi Faris,
Any update here? Is the issue fixed now? Please don't hesitate to post back if further assistance is needed here.
Regards,
Steve FanPlease remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.- Marked as answer by Farispv Friday, February 22, 2019 8:06 PM
