SBS2008 - IMAP access to mailbox in Exchange 2007
|
Prev: Default email address?
Next: Two server updates won't install - any way to remove them from the list??
From: Jim on 7 Jan 2010 07:49 It does work internally though. If I send a message from a user to the user who is configured for IMAP then I can reply to their messages OK. Only doesn't work if it is from an external domain..which bit in EMC ought I to be looking at ? Or is there a cmdlet that I could run ? Jim. "Jim" <jim(a)dontwantspam.com> wrote in message news:hi4ips$2g95$1(a)energise.enta.net... > ...found another difference as well.. > > The customers 'Accepted Domains' had domain.co.uk as the Default (True) > > My test rig has domain.local as the Default (True) , as does several other > SBS2008 servers which I have checked. > > I've changed theirs to domain.local as the Default (True) now...still > didn't make any difference but have not yet restarted any Exchange > services. > > Their server was an SBS2003 to SBS2008 SwingIT Migration.. > > Jim. > > > "Jim" <jim(a)dontwantspam.com> wrote in message > news:hi4g95$2cb5$1(a)energise.enta.net... >> Hmmm.. >> >> I find that I *can* reply to IMAP mesages on my test SBS2008 >> server...work on mine no problem. >> >> Though I am using Outlook 2007 on my test PC on my test rig as opposed to >> Outlook 2003 at the customer site..would this be relevant ? >> >> I've compared the settings on my server to the customers server and the >> only difference that I could see was that in the EMC in Server >> Configuration / Client Access / POP3 and IMAP4 / Authentication tab the >> customers has 'Sites' as the X.509 certificate name. >> >> ..mine had the fqdn of my test server.. etc: SERVER.domain.local >> >> I changed this to the fqdn of the customers server and restarted IMAP4 >> service...didn't seem to make any difference is this relevant. >> >> Apart from that everything else look identical...can't see where the >> difference is.. ?? >> >> I've not restarted Information Store on customer server as not ideal time >> to do this, could try that later.. >> >> Jim. >> >> >> "Jim" <jim(a)dontwantspam.com> wrote in message >> news:hi4c7q$25uq$1(a)energise.enta.net... >>> Hi Guys, >>> >>> Already tried lots of this already....though I'll go through it all >>> again in case I've missed something.. >>> >>> Main purpose for thisis that the customer has an IP PBX telephone system >>> that the voicemail uses IMAP to get voicemail messages from Exchange. >>> >>> Worked perfectly with Exchange 2003. >>> >>> Customer has upgraded to Exchange 2007...now we're having all sorts of >>> problems. >>> >>> So I thought let's start off with seeing whether I can use IMAP from a >>> simple Outlook client...and I couldn't. So I though until we get this >>> working then the telephone PBX most likely ain't going to work. >>> >>> Now we have changed the authentication to basic for IMAP on Exchange >>> 2007 I can logon from Outlook client and see messages but not send any >>> replies. >>> >>> Just get the unable to relay message. Have tried all the SMTP >>> authentication stuff on the Outlook client but sill won't work. >>> >>> The telephone PBX can now logon also.. as opposed to saying that it >>> cannot, .but it now says that there are no new voicemails...when there >>> actually are.. >>> >>> We think that the Outlook clients inability to send via IMAP might be >>> related to this. >>> >>> I'll go over it again. >>> >>> Jim. >>> >>> >>> ""Robbin Meng [MSFT]"" <v-robmen(a)online.microsoft.com> wrote in message >>> news:esHIcT1jKHA.3976(a)TK2MSFTNGHUB02.phx.gbl... >>>> >>>> Hi Jim, >>>> >>>> Thanks for your post and Ace's good suggestions. >>>> >>>> I am with Ace that the " Unable to relay" issue is possibly caused by >>>> the incorrect IMAP authentication for the SMTP server. The following >>>> examples demonstrate how Exchange Server accepts and >>>> relays mail by using authenticated relaying: >>>> >>>> " An anonymous user connects to the SMTP virtual server and attempts to >>>> deliver mail to an internal user in the Exchange organization. >>>> In this situation, the SMTP virtual server accepts the message because >>>> it is destined for an internal domain and because the user exists in >>>> Active Directory. >>>> " An anonymous user connects to the SMTP virtual server and attempts to >>>> deliver mail to an external user in an external domain. >>>> In this situation, the SMTP virtual server rejects the mail because it >>>> is destined for an external domain for which the Exchange server is not >>>> responsible. Because the user is not authenticated, the >>>> SMTP virtual server does not relay this mail outside of the Exchange >>>> organization. >>>> " A user connects to the SMTP virtual server using a Post Office >>>> Protocol (POP) or Internet Message Access Protocol (IMAP) client (for >>>> example, Microsoft Outlook? Express), authenticates, >>>> and then attempts to send a message to a user in an external domain. >>>> In this situation, the e-mail client connects directly to the SMTP >>>> virtual server and authenticates the user. Although the message is >>>> destined for a remote domain, the SMTP virtual server accepts and >>>> relays this mail because the user is authenticated >>>> >>>> To resolve this issue, configure Outlook Express to send authentication >>>> credentials: >>>> 1. On the Tools menu, click Accounts. >>>> 2. Click the current user account. >>>> 3. Click Properties. >>>> 4. Click the Servers tab. >>>> 5. Under Outgoing Mail Server, click to select the My server requires >>>> authentication check box. >>>> 6. Click Settings. >>>> 7. In the Logon Information dialog box, select one of the three >>>> following options: >>>> o Use same setting as my Incoming Mail server. The authentication >>>> credentials in the Incoming Mail Server option. >>>> o Log on using. Type the user account and password of the current user. >>>> o Log on using Secure Password Authentication. An authentication >>>> credential is displayed every time a message is sent. >>>> 8. Click OK until the Internet dialog box appears, and then click >>>> Close. >>>> >>>> In addition, here are some articles you may refer to configure your >>>> SMTP server authentication so that it can relay for IMAP client. >>>> >>>> Prevent anonymous access on internal SMTP virtual servers and dedicated >>>> SMTP virtual servers for IMAP and POP clients. >>>> http://technet.microsoft.com/en-us/library/bb123843(EXCHG.65).aspx >>>> >>>> Setting Relay Restrictions >>>> http://technet.microsoft.com/en-us/library/aa996446(EXCHG.65).aspx >>>> >>>> 550 5.7.1 Unable to relay for >>>> http://social.technet.microsoft.com/Forums/en-US/exchangesvrtransport/thread/1a84a06a-f1c8-40b4-ace8-1e264f218aa1 >>>> >>>> Hope this helps. >>>> >>>> >>>> >>>> Best regards, >>>> Robbin Meng(MSFT) >>>> Microsoft Online Newsgroup Support >>>> >>>> ================================================================== >>>> Please post your SBS 2008 related questions to the SBS newsgroup on >>>> Connect website: >>>> https://connect.microsoft.com/sbs08/community/discussion/richui/default.aspx >>>> >>>> Please post your EBS related questions to the EBS newsgroup on Connect >>>> website: >>>> https://connect.microsoft.com/ebs08/community/discussion/richui/default.aspx >>>> >>>> If you want to use a newsreader other than a web forum to access these >>>> newsgroups, >>>> please refer to the following blog to apply NNTP password and configure >>>> a newsreader: >>>> http://msmvps.com/blogs/bradley/archive/2008/11/02/signing-up-for-the-sbs-2008-newsgroups.aspx >>>> ================================================================== >>>> When responding to posts, please "Reply to Group" via your newsreader >>>> so >>>> that others may learn and benefit from your issue. >>>> ================================================================== >>>> This posting is provided "AS IS" with no warranties, and confers no >>>> rights. >>>> ================================================================== >>>> >>>> >>>>
From: Jim on 7 Jan 2010 07:55 >>which bit in EMC ought I to be looking at ? ...bearing in mind this is Exchange 2007 not Exchange 2003...it worked fine in Exchange 2003... Jim. "Jim" <jim(a)dontwantspam.com> wrote in message news:hi4l9q$2k6e$1(a)energise.enta.net... > It does work internally though. > > If I send a message from a user to the user who is configured for IMAP > then I can reply to their messages OK. > > Only doesn't work if it is from an external domain..which bit in EMC ought > I to be looking at ? > > Or is there a cmdlet that I could run ? > > Jim. > > > "Jim" <jim(a)dontwantspam.com> wrote in message > news:hi4ips$2g95$1(a)energise.enta.net... >> ...found another difference as well.. >> >> The customers 'Accepted Domains' had domain.co.uk as the Default (True) >> >> My test rig has domain.local as the Default (True) , as does several >> other SBS2008 servers which I have checked. >> >> I've changed theirs to domain.local as the Default (True) now...still >> didn't make any difference but have not yet restarted any Exchange >> services. >> >> Their server was an SBS2003 to SBS2008 SwingIT Migration.. >> >> Jim. >> >> >> "Jim" <jim(a)dontwantspam.com> wrote in message >> news:hi4g95$2cb5$1(a)energise.enta.net... >>> Hmmm.. >>> >>> I find that I *can* reply to IMAP mesages on my test SBS2008 >>> server...work on mine no problem. >>> >>> Though I am using Outlook 2007 on my test PC on my test rig as opposed >>> to Outlook 2003 at the customer site..would this be relevant ? >>> >>> I've compared the settings on my server to the customers server and the >>> only difference that I could see was that in the EMC in Server >>> Configuration / Client Access / POP3 and IMAP4 / Authentication tab the >>> customers has 'Sites' as the X.509 certificate name. >>> >>> ..mine had the fqdn of my test server.. etc: SERVER.domain.local >>> >>> I changed this to the fqdn of the customers server and restarted IMAP4 >>> service...didn't seem to make any difference is this relevant. >>> >>> Apart from that everything else look identical...can't see where the >>> difference is.. ?? >>> >>> I've not restarted Information Store on customer server as not ideal >>> time to do this, could try that later.. >>> >>> Jim. >>> >>> >>> "Jim" <jim(a)dontwantspam.com> wrote in message >>> news:hi4c7q$25uq$1(a)energise.enta.net... >>>> Hi Guys, >>>> >>>> Already tried lots of this already....though I'll go through it all >>>> again in case I've missed something.. >>>> >>>> Main purpose for thisis that the customer has an IP PBX telephone >>>> system that the voicemail uses IMAP to get voicemail messages from >>>> Exchange. >>>> >>>> Worked perfectly with Exchange 2003. >>>> >>>> Customer has upgraded to Exchange 2007...now we're having all sorts of >>>> problems. >>>> >>>> So I thought let's start off with seeing whether I can use IMAP from a >>>> simple Outlook client...and I couldn't. So I though until we get this >>>> working then the telephone PBX most likely ain't going to work. >>>> >>>> Now we have changed the authentication to basic for IMAP on Exchange >>>> 2007 I can logon from Outlook client and see messages but not send any >>>> replies. >>>> >>>> Just get the unable to relay message. Have tried all the SMTP >>>> authentication stuff on the Outlook client but sill won't work. >>>> >>>> The telephone PBX can now logon also.. as opposed to saying that it >>>> cannot, .but it now says that there are no new voicemails...when there >>>> actually are.. >>>> >>>> We think that the Outlook clients inability to send via IMAP might be >>>> related to this. >>>> >>>> I'll go over it again. >>>> >>>> Jim. >>>> >>>> >>>> ""Robbin Meng [MSFT]"" <v-robmen(a)online.microsoft.com> wrote in message >>>> news:esHIcT1jKHA.3976(a)TK2MSFTNGHUB02.phx.gbl... >>>>> >>>>> Hi Jim, >>>>> >>>>> Thanks for your post and Ace's good suggestions. >>>>> >>>>> I am with Ace that the " Unable to relay" issue is possibly caused by >>>>> the incorrect IMAP authentication for the SMTP server. The following >>>>> examples demonstrate how Exchange Server accepts and >>>>> relays mail by using authenticated relaying: >>>>> >>>>> " An anonymous user connects to the SMTP virtual server and attempts >>>>> to deliver mail to an internal user in the Exchange organization. >>>>> In this situation, the SMTP virtual server accepts the message because >>>>> it is destined for an internal domain and because the user exists in >>>>> Active Directory. >>>>> " An anonymous user connects to the SMTP virtual server and attempts >>>>> to deliver mail to an external user in an external domain. >>>>> In this situation, the SMTP virtual server rejects the mail because it >>>>> is destined for an external domain for which the Exchange server is >>>>> not responsible. Because the user is not authenticated, the >>>>> SMTP virtual server does not relay this mail outside of the Exchange >>>>> organization. >>>>> " A user connects to the SMTP virtual server using a Post Office >>>>> Protocol (POP) or Internet Message Access Protocol (IMAP) client (for >>>>> example, Microsoft Outlook? Express), authenticates, >>>>> and then attempts to send a message to a user in an external domain. >>>>> In this situation, the e-mail client connects directly to the SMTP >>>>> virtual server and authenticates the user. Although the message is >>>>> destined for a remote domain, the SMTP virtual server accepts and >>>>> relays this mail because the user is authenticated >>>>> >>>>> To resolve this issue, configure Outlook Express to send >>>>> authentication credentials: >>>>> 1. On the Tools menu, click Accounts. >>>>> 2. Click the current user account. >>>>> 3. Click Properties. >>>>> 4. Click the Servers tab. >>>>> 5. Under Outgoing Mail Server, click to select the My server requires >>>>> authentication check box. >>>>> 6. Click Settings. >>>>> 7. In the Logon Information dialog box, select one of the three >>>>> following options: >>>>> o Use same setting as my Incoming Mail server. The authentication >>>>> credentials in the Incoming Mail Server option. >>>>> o Log on using. Type the user account and password of the current >>>>> user. >>>>> o Log on using Secure Password Authentication. An authentication >>>>> credential is displayed every time a message is sent. >>>>> 8. Click OK until the Internet dialog box appears, and then click >>>>> Close. >>>>> >>>>> In addition, here are some articles you may refer to configure your >>>>> SMTP server authentication so that it can relay for IMAP client. >>>>> >>>>> Prevent anonymous access on internal SMTP virtual servers and >>>>> dedicated SMTP virtual servers for IMAP and POP clients. >>>>> http://technet.microsoft.com/en-us/library/bb123843(EXCHG.65).aspx >>>>> >>>>> Setting Relay Restrictions >>>>> http://technet.microsoft.com/en-us/library/aa996446(EXCHG.65).aspx >>>>> >>>>> 550 5.7.1 Unable to relay for >>>>> http://social.technet.microsoft.com/Forums/en-US/exchangesvrtransport/thread/1a84a06a-f1c8-40b4-ace8-1e264f218aa1 >>>>> >>>>> Hope this helps. >>>>> >>>>> >>>>> >>>>> Best regards, >>>>> Robbin Meng(MSFT) >>>>> Microsoft Online Newsgroup Support >>>>> >>>>> ================================================================== >>>>> Please post your SBS 2008 related questions to the SBS newsgroup on >>>>> Connect website: >>>>> https://connect.microsoft.com/sbs08/community/discussion/richui/default.aspx >>>>> >>>>> Please post your EBS related questions to the EBS newsgroup on Connect >>>>> website: >>>>> https://connect.microsoft.com/ebs08/community/discussion/richui/default.aspx >>>>> >>>>> If you want to use a newsreader other than a web forum to access these >>>>> newsgroups, >>>>> please refer to the following blog to apply NNTP password and >>>>> configure a newsreader: >>>>> http://msmvps.com/blogs/bradley/archive/2008/11/02/signing-up-for-the-sbs-2008-newsgroups.aspx >>>>> ================================================================== >>>>> When responding to posts, please "Reply to Group" via your newsreader >>>>> so >>>>> that others may learn and benefit from your issue. >>>>> ================================================================== >>>>> This posting is provided "AS IS" with no warranties, and confers no >>>>> rights. >>>>> ================================================================== >>>>> >>>>> >>>>>
From: Ace Fekay [MVP-DS, MCT] on 7 Jan 2010 08:44 "Jim" <jim(a)dontwantspam.com> wrote in message news:hi4l9q$2k6e$1(a)energise.enta.net... > It does work internally though. > > If I send a message from a user to the user who is configured for IMAP > then I can reply to their messages OK. > > Only doesn't work if it is from an external domain..which bit in EMC ought > I to be looking at ? > > Or is there a cmdlet that I could run ? > > Jim. It works internally because it is using the currently logged on user account for credentials. If you look at the IMAP settings in the EMC, Authentication, can you describe your current permisisons list, please? Ace
From: Jim on 7 Jan 2010 14:50 >If you look at the IMAP settings in the EMC, Authentication, can you >describe your current permisisons list, please? Which area are you referring to specifically ? The Authentication tab is set to 'Plain text logon (Basic authentication ) no TLS' Not sure what you mean regards permissions list ? I've been all the way through all the settings on both the server that doesn't work, the customers SBS2008 server ..and my test SBS2008 server that does work ..and they are pretty much identical. That's what's puzzling me.. Jim. "Ace Fekay [MVP-DS, MCT]" <aceman(a)mvps.RemoveThisPart.org> wrote in message news:ewsNS#5jKHA.1540(a)TK2MSFTNGP06.phx.gbl... > "Jim" <jim(a)dontwantspam.com> wrote in message > news:hi4l9q$2k6e$1(a)energise.enta.net... >> It does work internally though. >> >> If I send a message from a user to the user who is configured for IMAP >> then I can reply to their messages OK. >> >> Only doesn't work if it is from an external domain..which bit in EMC >> ought I to be looking at ? >> >> Or is there a cmdlet that I could run ? >> >> Jim. > > > It works internally because it is using the currently logged on user > account for credentials. > Ace >
From: Ace Fekay [MVP-DS, MCT] on 7 Jan 2010 19:24
"Jim" <jim(a)dontwantspam.com> wrote in message news:hi5du7$pej$1(a)energise.enta.net... > >If you look at the IMAP settings in the EMC, Authentication, can you > >describe your current permisisons list, please? > > Which area are you referring to specifically ? > > The Authentication tab is set to 'Plain text logon (Basic authentication ) > no TLS' > > Not sure what you mean regards permissions list ? > > I've been all the way through all the settings on both the server that > doesn't work, the customers SBS2008 server ..and my test SBS2008 server > that does work ..and they are pretty much identical. > That's what's puzzling me.. > > Jim. Both the customers and your server do not work? What port are you specifying in the client? Port 25 or 587? When you specify the user account to use for authentication, are you specifying it as NetBiosDomainName\alias and the password? Let's take a look at the settings.... For IMAP4: Keep in mind, IMAP4 is a client retrieval protocol. It has nothing to do with sending mail. SMTP handles sending mail from the client. These are the retrieval settings. You've already established this part works, but I just wanted to point out the settings . Open EMC Expand Server Conifiguration Client Access In the middle pane, buttom, click on the POP3 & IMAP4 tab Right Click IMAP4, Choose Properties Make sure "Plain Text Logon (Basic Authentication). No TLS connection..." is selected. For Client Sending (SMTP): Open EMC Expand Server Configuration Expand Hub Transport In the middle pane, bottom, Click on the Receive Connectors tab Right Click "Client ServerName," choose Properties Network Tab: You will see it uses port 587 (not 25 as most would think) Authentication Tab: Select: TLS Basic Offer Basic Integrated Windows Permissions Group Tab: select: Anonymous Users Exchange Users Also, another way is to allow anonymous to relay. But that is exposing a big hole for the machine. One way to circumvent that is to create an additional Receive connector, however you would want an additional IP address on the SBS to do that, which will cause numerous issues. Take a look at the following link to know what I mean, including a command to open relaying. However, I highly advise AGAINST it. Allowing application servers to relay off Exchange Server 2007 http://msexchangeteam.com/archive/2006/12/28/432013.aspx Try using port 587 in the client, make sure the credentials are set correctly (as stated above), and give it a try. Let us know how you make out. Ace |