Confirmation of Blackberry message flow

Posted on 2008-10-01
Last Modified: 2013-12-09
Hi there

I was just hoping someone could help with a query I had about how Blackberry Enterprise Server works in a corporate environment;

Let's say we have;

We have two BES servers, BES1 and BES2. BES1 holds the account for User1 and BES2 for User2.

Likewise, we have two Exchange servers, Exch1 and Exch2. User1's account is on Exch1 and User2's on Exch2.

Our mail domain is

Am I correct in thinking that the message flow works like this;

BES1 and BES2 make a connection on port 3101 to the RIM server on the Internet. They authenticate themselves with the SRP Authentication key that is held on each BES server, and identifiy themselves with the SRP Identifier, also held on each server, and which is globally unique. This way, the RIM server has an identifier for each BES server and its corresponding mail domain that is connected to it. Both BES servers transfer information such as who has an account on which server, what the mail domain is etc etc.

We create an account for User1 on BES1. We also wirelessly activate User1's handheld. When we enter User1's mail address,, the handheld talks to the RIM server. The RIM server checks its table of mail domain names and finds out that is registered to BES1 and BES2. It then finds out which server holds the account for User1 and tells BES1 that User1 has a handheld with a PIN of #### and an IP of xxxxx (the device has an IP since it is on a GPRS network).

The same process occurs for User2.

The BES servers then communicate with Exch1 and Exch2 and pull information relating to User1 and User2 (e.g mails) and sends this information, via the RIM server, to the handheld devices.

If User1 sends a mail from his Blackberry, then the handheld device connects to the RIM server to state that a mail has been sent. The RIM server sends this information to BES1, and BES1 connects to Exch1 and sends a mail - on behalf of that user - using the BESAdmin account.

Am I correct in my thinking above?

Just a couple of questions;

a) Where do Service Books fit in with this?
b) How does encryption work with mails?
c) Do the BES servers connect to all Exchange servers in an organisation, or just one?

Hope someone can help! I would prefer an answer to my questions rather than a link to the Blackberry site, since it's from the Blackberry site that I'm getting my basic information.


Question by:bruce_77
  • 3
  • 2
LVL 12

Accepted Solution

Kurt_Braeckmans earned 400 total points
ID: 22613724
You're correct in your thinking.

Some answers on your questions:
a) the service books holds track of the SRP key. So the BB gives this key at RIM, and then they know were to send the message.
b)the BES encrypts the message
c)On the BES you have messaging agents who connects to the specific exchange servers.
Users on the BES are assigned to an messaging agent.  This means that the BES can connect to all exchange servers.

Author Comment

ID: 22613770
Hi Kurt

Ok, thanks...just some quick questions;

a) The service books are sent to the handhelds, correct? Why do the handhelds need to know the SRP key, or is this so that when they connect to the RIM server, the RIM server does not need to keep doing a lookup on the mail domain name?

b) Is the encryption data held in the service book as well?

c) What is a messaging agent exactly? Is it a user account?

LVL 12

Expert Comment

ID: 22614273
a) the service books are indeed send to the handhelds.  probably to make the lookup easier when mail is  transferred from handheld to BES.

b) here you find a good explanation when encryption is used when activating a BB:

c)the agents looks in the exchange mailbox that there are new changed items and gives this at the BES.  This is taken care of by a service

I also found a good link what the service books do:
Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.


Author Comment

ID: 22616649
Thanks Kurt, just one final question and that will be all!

What information do the Service Books actually contain, apart from SRP keys?
LVL 11

Assisted Solution

ALogvin earned 100 total points
ID: 22620774
Think of a Service Book like a device driver for your computer mouse. It contains the data that allows the device to use advanced features of the hardware. For example, the Desktop [CICAL] service book can contains information that allows your device to be syncronized wirelessly. If you were to plug your device into Desktop Manager, it woudlnt sync it over the wire, as it knows that you sync wirelessly.
LVL 12

Expert Comment

ID: 22621816
Alogvin is right.  That's the most simple explanation.

Featured Post

Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
DHCP setup on wired and wireless 10 76
Connect to wifi using GPO 6 76
Auto channel for WiFi (Access Point) 3 100
Aruba Controller and access point 9 114
Need WiFi? Often, there are perfectly good networks that don't have WiFi capability - and there's a need to add it.  - Perhaps you have an Ethernet port into a network but no WiFi nearby. - Perhaps you have a powerline extender and no WiFi at the…
Today sees the launch of a new case study, focusing on BYOD technologies we have been working with for some time now.  But with the advent of 802.11ac wireless technologies and the story behind our landmark developments, we would like to share this …
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question