none
Can you serve both POP3 - port 110 and SSL-POP - port 995 concurrently on Exchange 2007

    Question

  • Is it possible to run both POP3 - port 110, and Secure POP3 (SSL-POP) - port 995 on the same exchange server? It appears that you are only able to run one or the other, but not both.

    If anyone can help with this I would greatly appreciate it. I just need to know if it is indeed possible and if so, how to do it.


    Monday, August 11, 2008 3:46 PM

Answers

  • Hi,

     

    Yes. You can configure the clients to connnect with either SSL or non-SSL as long as the server has Integrated Windows authentication and secure logon unchecked.

     

    Thanks

     

    Allen

    Tuesday, August 26, 2008 1:48 AM

All replies

  • Hi,

     

    What’s the version of your Exchange server?

     

    In fact, both Port 110 and 995 port are open status for listening the request from client no matter what version of your Exchange server. To use only 995 port on the premise that the certificate has been installed Exchange and applied for POP3 service.

     

    Please understand that the communication is mutual between the Exchange server and the client. That means if the configuration on the Exchange ask for the SSL, the client must connect Exchange by using 995 port. If no such configuration exists there, you can free to select 110 or 995 port to connect Exchange server on the client side.

     

    Regarding how to configure on the Exchange server so that both 110 and 995 port are available, please view the below content:

     

    For Exchange 2003, open ESM, expand Administrative Groups, expand the Servers, expand Protocols, expand POP3, right click Default POP Virtual Server, click Properties, in the Access tab, click Communication button, uncheck “Require secure Channel” option.

     

    For Exchange 2007, open EMC, expand Server Configuration, locate Client Access, in the POP3 and IMAP4 tab, double click POP3, in the Authentication tab, ensure “Plain text authentication logon” and “Secure logon” option are unchecked.

     

    Hope that can help you understand this issue.

     

    Thanks

     

    Allen

    Wednesday, August 13, 2008 7:45 AM
  • Allen,

    Thank you very much for your reply. We are using Exchange 2007.

    Your post was helpful, but I think I was unclear in my question. I am trying to figure out how to allow non-SSL connections on 110, at the same time as allowing SSL connections on 995. The reason for this is that 995 is allowed through the firewall for external access, and must be encrypted. We also have some clients on our LAN which do not support SSL and need to connect to port 110 without SSL.

    Is this possible with Exchange? I really appreciate you taking the time to help.


    Wednesday, August 13, 2008 9:18 PM
  • Hi,

     

    Of course, that is complete available.

     

    As I said, to allow both ports are available, we need to first ensure the server side configuration is meet the needs as I outlined in the last steps:

     

    After that, please change the port as 110 on the configuration of the client side.

     

    If it is OE, click Tools, click Accounts, double click your account, in the Advanced tab, please check the Incoming mail (POP3) is 110 and also ensure “This server requires an encrypted connection (SSL)” option is unchecked.

     

    Click OK.

     

    If you configured Outlook as POP3 client, please click Tools, click Account Settings, click More Settings button, in the Advanced tab, look over the Incoming mail (POP3) is 110 and also ensure “This server requires an encrypted connection (SSL)” option is unchecked.

     

    Thanks

     

    Allen

    Thursday, August 14, 2008 2:22 AM
  • Allen,

    Thank you again for taking the time to reply. I do understand your previous post, but the key point I am trying to make is that I do not want to use SSL on port 110. I only want SSL to be required for port 995. I have LAN clients that must connect to port 110 without SSL. I also have external remote clients that need to connect securely through port 995 with SSL.

    I hope this helps clarify.
    Thursday, August 14, 2008 3:34 PM
  • Hi,

     

    You misunderstood my meaning. Maybe that state is not clear.

     

    Actually, this is determined by the client side settings.

     

    For the SSL, you just need to check “This server requires an encrypted connection (SSL)” option, then the port will be changed as 995 port automatically.

     

    In other words, for the LAN clients, uncheck “This server requires an encrypted connection (SSL)” option on the client side. For the external remote clients, check “This server requires an encrypted connection (SSL)” option.

     

    But the prerequisite to make the above needs function is that we must configure the server settings based on my first reply.

     

    Thanks

     

    Allen

    Friday, August 15, 2008 2:01 AM
  • Ok. So what you are saying is that if the server has plain text and secure logon unchecked, then the clients will be able to connect with either SSL or non-SSL?



    Monday, August 25, 2008 11:24 PM
  • Hi,

     

    Yes. You can configure the clients to connnect with either SSL or non-SSL as long as the server has Integrated Windows authentication and secure logon unchecked.

     

    Thanks

     

    Allen

    Tuesday, August 26, 2008 1:48 AM
  • Great. Thank you very much for all your help. That is exactly what I was looking for.
    Tuesday, August 26, 2008 5:59 PM