Solved

Exchange 2007 POP3 Login Failur

Posted on 2009-05-15
2
753 Views
Last Modified: 2013-11-29
We have a new Exchange 2007 install.  It is 20007 w/ SP1 on a 64bit Windows 2008 server.  I am unable to get users logged in via POP3.  All other functionality is working, meaning connecting via Outlook with an exchange profile via rpc and rpc over https (outlook anywhere) both 2003 and 2007 outlook clients, sending and receiving with these profiles.  Owa works fine.  I am even able to send smtp mail from outlook (not using exchange profile), authenticatre to the server (no ssl/tls, using basic) to send via smtp direct from outlook.  A little more about our setup.  Our exchange server is part of an internal domain.  One of our two domain controllers is on the same subnet as the exchange server.  We use a certficate we created using our own CA server and have that CA root in all users systems.  POP3 service is turned on and it is enabled at the mailbox level.  The outlook error we recive is:  LOG ONTO INCOMING MAIL SERVER (POP3): OUTLOOK COULD NOT CONNECT OT HTE INCOMING POP3 MAIL SERVER BECAUSE THE SERVER DID NOT ACCEPT YOU USERNAME OR PASSWORD.  I know the usernams and password are good since I am able to use SMTP.
When I start the pop3 service after a reboot, or manually restart the service, the following eror appears in the event logs:
Log Name:      Application
Source:        MSExchangePOP3
Date:          5/14/2009 10:35:31 PM
Event ID:      2007
Task Category: (1)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      host.localdomain.local
Description:
A certificate for the host name "mailhost.externaldomain.com" could not be found. SSL or TLS encryption cannot be made to the POP3 service.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="MSExchangePOP3" />
    <EventID Qualifiers="49156">2007</EventID>
    <Level>2</Level>
    <Task>1</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2009-05-15T04:35:31.000Z" />
    <EventRecordID>3762</EventRecordID>
    <Channel>Application</Channel>
    <Computer>host1.localdomainname.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data>mailhost.externaldomain.com</Data>
  </EventData>
</Event>
(obviosly I have changed the internal and external FQDN)

After a pop3 login fails, the following entry is found in the event logs:

Log Name:      Application
Source:        MSExchangeTransport
Date:          5/15/2009 8:43:04 AM
Event ID:      1035
Task Category: SmtpReceive
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      host1.localdomain.local
Description:
Inbound authentication failed with error LogonDenied for Receive connector Default host1. The authentication mechanism is Login. The source IP address of the client who tried to authenticate to Microsoft Exchange is [x.x.x.125].
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="MSExchangeTransport" />
    <EventID Qualifiers="32772">1035</EventID>
    <Level>3</Level>
    <Task>1</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2009-05-15T14:43:04.000Z" />
    <EventRecordID>3878</EventRecordID>
    <Channel>Application</Channel>
    <Computer>host1.localdomain.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data>LogonDenied</Data>
    <Data>Default host1</Data>
    <Data>Login</Data>
    <Data>X.X.X.125</Data>
  </EventData>
</Event>

Here are ouputs of some shell commands:
POP3 Settings:
UnencryptedOrTLSBindings  SSLBindings   LoginType     X509CertificateName
------------------------  -----------   ---------     -------------------
{:::110, 0.0.0.0:110}     {:::995, 0... PlainTextL... mailhost.externaldomain.com

Get-ExchagneCertifiacate:

Thumbprint                                Services   Subject
----------                                --------   -------
xxxxxxxxxxxxxxxxxxxxxxx  IP.WS      CN=mailhost.externaldomain.com, OU...

Assistance Apreciated

0
Comment
Question by:jtmoske
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 

Accepted Solution

by:
jtmoske earned 0 total points
ID: 24432786
This was resolved w/o experts-exchange help.
0
 

Expert Comment

by:kedarroy
ID: 24434123
what was the solution?
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question