POP3 mail retrival from China failing

I am currently running Exchange 2003 server in the United States. I have about 5-7 employees in China that connect to our exchange server using Outlook Express over POP3. Last week they started having problems retrieving their email. everytime they started a send/recieve of their email they recieved an error. So I had the IT guy there connect to my server via telnet and attempt to check an email on one of the accounts. he was able to connect, execute the LIST and STAT commands. When he execute the RETR command to retieve a message he recieved a portion of it and then the telnet connection reported that the connection was dropped. I have no problems with pop 3 on that same account here in the states. I have even tested the server via a telnet connection at 2400 baud to determine if there was a speed factor involved and it still worked for me. Exchange server is showing no errors in any of the logs even with Diagnostic Logging turned on maximum for the POP3 service. ANyone have any ideas what might be causing this or any ideas of what else to test for?

Who is Participating?
flyguybobConnect With a Mentor Commented:
In all seriousness, due to how the Chinese filter and packet-inspect their traffic, you may be better off implementing and testing RPC over HTTPS.  This is not a problem with your Exchange server, as you have already discovered.

The only other option may be setting up a local Exchange server in China and setting up a Routing Group and Routing Group Connector between your server and the server in China.  Work with the local Chinese authorities and the local Chinese ISP to ensure that the firewall connectivity is allowed between the IP of your box and the IP of the box in China.  However, occasionally you may find that the link state packets (they go over Port 25, SMTP, between routing groups).

There is not anything that you can change on your Exchange server to get around these issues.
Welcome to the "Great Firewall of China."
thelaziestninjaAuthor Commented:
Yeah that is my suspicion that something at their ISP or the great firewall has changed. This set up has been working for well over a year, it's just odd that it suddenly stopeed.
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Unfortunately, this is one of those cases where there does not appear to be a technical answer that will fix the issue on your Exchange server.

If you are in a country that is 'somewhere other than China', you should be able to see this article:

Why do I say this?  Because wikipedia is blocked by Chinese censorship:

In the grand scheme of things, once you find out the root cause (as has already been determined, it is not your Exchange server), it won't seem as odd.  The Chinese users need to contact their ISP, which is generally ran by authorities/government in China, and they need to see if the ports or the POP3 verbs are being blocked.  It might be something simple that they can work with the ISP to resolve.

Since it is not a problem with the Exchange server, then it's on the 8th (and unspoken) layer of the OSI model - Politics.  All People Seem To Need Data Processing (and) Politicians.  That is a model that the user community and IT community has to fix.  Without the political layer fixed the physical layer will not function.  Regardless of community, country, state, etc.

As long as your company or organization is not censored, you *may* be able to run RPC over HTTPs if they have Outlook 2003.  You have Exchange 2003, which is the other precursor.  For more info, please see Sembee's site:

Otherwise, your users in China need to touch base with their ISP to see if this issue can be resolved or if they can work around this issue somehow.
It would have been cool to hear what the outcome was (the ISP, the Great Firewall of China, etc)...
thelaziestninjaAuthor Commented:
Actually I was able to fix the problem, I simply enabled SSL on the POP3 connection and everything worked fine after that.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.