Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Confirmation of Blackberry message flow

Posted on 2008-10-01
Medium Priority
Last Modified: 2013-12-09
Hi there

I was just hoping someone could help with a query I had about how Blackberry Enterprise Server works in a corporate environment;

Let's say we have;

We have two BES servers, BES1 and BES2. BES1 holds the account for User1 and BES2 for User2.

Likewise, we have two Exchange servers, Exch1 and Exch2. User1's account is on Exch1 and User2's on Exch2.

Our mail domain is

Am I correct in thinking that the message flow works like this;

BES1 and BES2 make a connection on port 3101 to the RIM server on the Internet. They authenticate themselves with the SRP Authentication key that is held on each BES server, and identifiy themselves with the SRP Identifier, also held on each server, and which is globally unique. This way, the RIM server has an identifier for each BES server and its corresponding mail domain that is connected to it. Both BES servers transfer information such as who has an account on which server, what the mail domain is etc etc.

We create an account for User1 on BES1. We also wirelessly activate User1's handheld. When we enter User1's mail address,, the handheld talks to the RIM server. The RIM server checks its table of mail domain names and finds out that is registered to BES1 and BES2. It then finds out which server holds the account for User1 and tells BES1 that User1 has a handheld with a PIN of #### and an IP of xxxxx (the device has an IP since it is on a GPRS network).

The same process occurs for User2.

The BES servers then communicate with Exch1 and Exch2 and pull information relating to User1 and User2 (e.g mails) and sends this information, via the RIM server, to the handheld devices.

If User1 sends a mail from his Blackberry, then the handheld device connects to the RIM server to state that a mail has been sent. The RIM server sends this information to BES1, and BES1 connects to Exch1 and sends a mail - on behalf of that user - using the BESAdmin account.

Am I correct in my thinking above?

Just a couple of questions;

a) Where do Service Books fit in with this?
b) How does encryption work with mails?
c) Do the BES servers connect to all Exchange servers in an organisation, or just one?

Hope someone can help! I would prefer an answer to my questions rather than a link to the Blackberry site, since it's from the Blackberry site that I'm getting my basic information.


Question by:bruce_77
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 12

Accepted Solution

Kurt_Braeckmans earned 1600 total points
ID: 22613724
You're correct in your thinking.

Some answers on your questions:
a) the service books holds track of the SRP key. So the BB gives this key at RIM, and then they know were to send the message.
b)the BES encrypts the message
c)On the BES you have messaging agents who connects to the specific exchange servers.
Users on the BES are assigned to an messaging agent.  This means that the BES can connect to all exchange servers.

Author Comment

ID: 22613770
Hi Kurt

Ok, thanks...just some quick questions;

a) The service books are sent to the handhelds, correct? Why do the handhelds need to know the SRP key, or is this so that when they connect to the RIM server, the RIM server does not need to keep doing a lookup on the mail domain name?

b) Is the encryption data held in the service book as well?

c) What is a messaging agent exactly? Is it a user account?

LVL 12

Expert Comment

ID: 22614273
a) the service books are indeed send to the handhelds.  probably to make the lookup easier when mail is  transferred from handheld to BES.

b) here you find a good explanation when encryption is used when activating a BB:

c)the agents looks in the exchange mailbox that there are new changed items and gives this at the BES.  This is taken care of by a service

I also found a good link what the service books do:
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.


Author Comment

ID: 22616649
Thanks Kurt, just one final question and that will be all!

What information do the Service Books actually contain, apart from SRP keys?
LVL 11

Assisted Solution

ALogvin earned 400 total points
ID: 22620774
Think of a Service Book like a device driver for your computer mouse. It contains the data that allows the device to use advanced features of the hardware. For example, the Desktop [CICAL] service book can contains information that allows your device to be syncronized wirelessly. If you were to plug your device into Desktop Manager, it woudlnt sync it over the wire, as it knows that you sync wirelessly.
LVL 12

Expert Comment

ID: 22621816
Alogvin is right.  That's the most simple explanation.

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A little while ago I had a need to reinstall a Blackberry Enterprise server in order to fix a particular problem.  As I did not know the existing certificate password I entered a new one which resulted in the Administration page displaying that it "…
For Sennheiser, comfort, quality and security are high priority areas. This paper addresses the security of Bluetooth technology and the supplementary security that Sennheiser’s Contact Center and Office (CC&O) headsets provide.  
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question