locked
Microsoft Outlook POP3 configuration using Exchange 2007 421 4.3.2 service not available RRS feed

  • Question

  • I have my Exchange 2007 hub transport/client access server configured for POP3.  The service is started and running ok.  However, I'm having trouble when trying to setup an Outlook profile to use POP3.  I'm receiving an error message:

    The server responded: 421 4.3.2 Service not available

    There's no firewall between the PC and the server and I've restarted the POP3 service. I can also successfully telnet to port 110 from a command prompt.  
    Tuesday, February 8, 2011 6:04 AM

Answers

  • called Microsoft support and got it resolved:

     

    1.       Install Windows 2008 support tools on the mail server.  Go to Server Manager, Select Features, then select Active Directory Lightweight Directory Services.

    2.  Start, Run, type ADSIEDIT.MSC   Open Configuration, then navigate to Services, Exchange, ORGNAME, Administrative Groups, Exchange Admin Group, Servers, MailServer, Protocols, SMTP Receive Connector.  Go to the Properties of the Client, Default and Inbound SMTP relay.  Select Security tab, Authenticated Users, Accept Authoritative Domain Send (ALLOW). 

    3.        Added remote IP address of the device that’s trying to use POP3 to Default and Inbound SMTP Relay.

    4.       Under Authentication tab of the receive connector, uncheck OFFER BASIC AUTHENTICATION ONLY AFTER STARTING TLS for all 3 connectors (default, client and inbound SMTP relay).  (no need to change the Anonymous relay)

    5.       Restarted Exchange Transport and POP3 service

    6.       Outlook client: go to More Settings and change the following under Outgoing server tab:  Outgoing server requires authentication (use same settings as my incoming.)

     

    as an alternative, we were able to use port 587 instead of 25 under the Advanced tab.

     

    • Marked as answer by Gen Lin Thursday, March 3, 2011 2:13 AM
    Wednesday, February 23, 2011 6:22 PM

All replies

  • Hi,

    Please follow these steps check the POP3 service configuration:

    1. Open Exchange Management Console, expand to Server configuration->Client Access->POP3 and IMAP tab. Right click POP3 and choose properties.

    3. Open services.msc, right click Microsoft Exchange POP3 service and click restart. Change the Startup type to "Automatic".

    Then restart outlook to configure POP3 profile.

    If the issue persists, please restart exchange server to resolve any potential issue then test the problem once again.

    Gen Lin

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com  

     

    2. In Authentication tab, select "Plain Test logon".


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Thanks Gen Lin-MSFT
    Wednesday, February 9, 2011 7:40 AM
  • I've tried all the steps above, it still doesn't work.
    Wednesday, February 9, 2011 2:24 PM
  • Hi,

    1. Make sure that the network card in the client's PC has Gateway configured.

    2. Please use anthoer computer which has outlook installed to test this problem.

    3. Use another mailbox account for testing.

     What's result?


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Thanks Gen Lin-MSFT
    Wednesday, February 9, 2011 3:07 PM
  • Have you enabled the user you are trying to configure for POP3? Perhaps it is disabled.

    Shell command:

    Set-CASMailbox -Identity 'user@domain1.com' -PopEnabled $true

    If that doesn't work I'd enable some logging on the server and see what is going on. You can test if it is a server setting by trying to telnet into the POP3 port from another machine to see if you get the header for the session. That will tell you if the server itself is accepting POP3 connections, then you will know it is a user that is POP disabled. If you aren't getting a header you'll need to dig through some more logs.

    Thanks,



    Jorge R. Diaz, PMP, CCNA, MCSA, MCSE


    Senior Microsoft Consultant

    Planet Technologies, Inc.

    Check out My Blog!

    Wednesday, February 9, 2011 3:10 PM
  • You said you can telnet to port 110, did you complete the entire transaction?

    telnet exchangeserver 110

    user jdow

    pass mypass

    list

     


    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
    Wednesday, February 9, 2011 4:13 PM
  • Yes, I was able to complete the entire transaction.
    Wednesday, February 9, 2011 4:57 PM
  • Hi,

    Are you using the "Aministrator" account?

    You can't connect to the Administrator mailbox through POP3 or IMAP4. This limitation was included intentionally in Exchange to enhance security for the Administrator mailbox. To access the Administrator mailbox, you must use Microsoft Office Outlook or Outlook Web App.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Thanks Gen Lin-MSFT
    Thursday, February 10, 2011 2:23 AM
  • 1.  The NIC does have a gateway configured

    2.  I tried another computer, same result

    3.  I tried another mailbox, same result

    4.  I am NOT using Administrator account.

    What kind of logging do I need to turn on and how do I do it?

    Thursday, February 10, 2011 4:24 PM
  • Gilbert, did you try to POP enable the user as I recommended above, I never saw a response?

    Also, what SP are you on for your Exchange server?



    Jorge R. Diaz, PMP, CCNA, MCSA, MCSE


    Senior Microsoft Consultant

    Planet Technologies, Inc.

    Check out My Blog!

    Thursday, February 10, 2011 4:26 PM
  • Yes, the user is POP enabled. 

    I'm on SP2.

    Thursday, February 10, 2011 4:27 PM
  • OK, it shouldn't matter but you should probably bring all of your boxes up to SP3 to stay current. There is a glitch with environments that have SP2 and SP3 when a non SP3 box calls a get-devicestatistics it forces all handhelds to reset. Just an FYI if you do upgrade. Anyway, here is how to enable logging: http://technet.microsoft.com/en-us/library/aa997690(EXCHG.80).aspx

    Jorge R. Diaz, PMP, CCNA, MCSA, MCSE


    Senior Microsoft Consultant

    Planet Technologies, Inc.

    Check out My Blog!

    Thursday, February 10, 2011 4:30 PM
  • All of them are on SP2, I don't have a mixed environment.  I enabled logging, where are the log files located?
    Thursday, February 10, 2011 6:30 PM
  • called Microsoft support and got it resolved:

     

    1.       Install Windows 2008 support tools on the mail server.  Go to Server Manager, Select Features, then select Active Directory Lightweight Directory Services.

    2.  Start, Run, type ADSIEDIT.MSC   Open Configuration, then navigate to Services, Exchange, ORGNAME, Administrative Groups, Exchange Admin Group, Servers, MailServer, Protocols, SMTP Receive Connector.  Go to the Properties of the Client, Default and Inbound SMTP relay.  Select Security tab, Authenticated Users, Accept Authoritative Domain Send (ALLOW). 

    3.        Added remote IP address of the device that’s trying to use POP3 to Default and Inbound SMTP Relay.

    4.       Under Authentication tab of the receive connector, uncheck OFFER BASIC AUTHENTICATION ONLY AFTER STARTING TLS for all 3 connectors (default, client and inbound SMTP relay).  (no need to change the Anonymous relay)

    5.       Restarted Exchange Transport and POP3 service

    6.       Outlook client: go to More Settings and change the following under Outgoing server tab:  Outgoing server requires authentication (use same settings as my incoming.)

     

    as an alternative, we were able to use port 587 instead of 25 under the Advanced tab.

     

    • Marked as answer by Gen Lin Thursday, March 3, 2011 2:13 AM
    Wednesday, February 23, 2011 6:22 PM