Solved

Mobile POP Exchange Accounts Unable to send outgoing emails

Posted on 2011-03-03
29
1,291 Views
Last Modified: 2012-05-11
We are currently migrating our mail system from Exchange 2003 to Exchange 2010. Tomorrow is deployment day. Mailbox configuration and everything is fine. The only thing that is still not a 100% is POP / mobile email. We are not using SSL or any secure certificates. For test purpose, i tried configuring a test account on the new server to an iPhone and an Android device. Initially, i was unable to configure POP account on these phones. I would set the incoming mail server address (smtp.xxxx.com) and port (25) and enter the outgoing (same smtp.xxxx.com and port 110) and it would say "unable to authenticate outgoing server". But I was able to finish configuring if I chose "Outgoing does not require authentication". But then I can receive emails, but not send emails. Currently, for our accounts in Exchange 2003, I use the same settings:
Incoming server: smtp.xxxx.com, port:25, outgoing same server and port:110. and they work fine. Is there any additional thing I need to set on Exchange 2010 to be able to authenticate outgoing emails from phones? Please help as tomorrow is deployment day.
0
Comment
Question by:isaackhazi
  • 16
  • 9
  • 4
29 Comments
 
LVL 74

Expert Comment

by:Glen Knight
Comment Utility
You need to authenticate to be able to send, enter the username in the format of DOMAIN\username or username@domain.com.

Specify the username and password instead of using the "use same as incoming server"

Question though?? Why aren't you using ActiveSync?
0
 
LVL 8

Author Comment

by:isaackhazi
Comment Utility
tried domain\username, username@domain.com ... and i tried specifying username and password instead of same as incoming server config....
same result... unable to authenticate...

exchange activesync can be used on all phones? even on blackberries (with no bb enterprise setup)?
0
 
LVL 8

Author Comment

by:isaackhazi
Comment Utility
also, i made a mistake in my first post... i meant, i used port 110 for incoming and 25 for outgoing, not the other way around..
0
 
LVL 74

Expert Comment

by:Glen Knight
Comment Utility
With a blackberry you would use Blackberry Internet Service.

Most phones apart from the blackberry these days have ActiveSync
0
 
LVL 8

Author Comment

by:isaackhazi
Comment Utility
mainly the problem is, most of our senior staff work in remote branches and its hard for me to reconfigure their phones. their phones are already setup to the old exchange through pop using the settings i mentioned above. I have pointed the router to direct to the new server for pop port and smtp port. i'm configuring a android phone now. after i enter the values for outgoing server details, i get this message:

"you outgoing server does not support authentication. please verify your outgoing server settings."

incoming username is just username (it connected without specifying domain\username or username@domain.com)
outgoing i tried username@domian.com, just username, domain\username... still no use.

any idea why this is happening? why exchange the accounts on exchange 2003 are able to authenticate and not for the accounts in 2010?
0
 
LVL 74

Expert Comment

by:Glen Knight
Comment Utility
What authentication settings to you have configured on the default receive connector in Exchange 2010?
0
 
LVL 8

Author Comment

by:isaackhazi
Comment Utility
on exchange 2010 management console > server config > client access > pop & imap:

both pop and imap authentication settings are set to: use pain text authentication (integrated windows authentication). No TLS connection required
0
 
LVL 8

Author Comment

by:isaackhazi
Comment Utility
sorry, my mistake, both pop and imap authentication settings are set to: use pain text authentication (basic authentication). No TLS connection required

incoming server config on the phones wont authenticate unless i use basic authentication.
0
 
LVL 31

Expert Comment

by:MegaNuk3
Comment Utility
Have a look at the authentication methods on the Client ReceiveConnector

Create a new test user and mailbox, send the mailbox a few mails, then setup outlook to access that mailbox over POP and see if can send mail, then test from an external Outlook client if you can.
0
 
LVL 74

Expert Comment

by:Glen Knight
Comment Utility
Yes but what about the SMTP Receive Connector will be called DEFAULT Servername
0
 
LVL 8

Author Comment

by:isaackhazi
Comment Utility
i tried settings up pop account for the same test account on my outlook here at work, while configuring, outlook tests incoming and outgoing settings, everything completed successfully. there were two or three emails in that inbox, they were downloaded into the inbox. but when i tried sending an external email to my gmail account, i received an undeliverable message saying : Server error: '550 5.7.1 Unable to relay'

as for smtp receive connector in server config and default servername, authentication settings are:

TLS : checked
Enable domain security : unchecked

basic authentication: checked
offer basic authentication only after starting TLS : checked

Exchange server authentication: checked

Integrated windows authentication: checked

external security: unchecked
0
 
LVL 8

Author Comment

by:isaackhazi
Comment Utility
connecting to the same account through OWA, i can send and receive emails successfully.
0
 
LVL 74

Expert Comment

by:Glen Knight
Comment Utility
OWA isn't going to help here, and as I said you really should be using ActiveSync.

on the DEFAULT servername connector what do you have listed under the network tab? Is there any restrictions?
0
 
LVL 8

Author Comment

by:isaackhazi
Comment Utility
use these ip addresses to receive email:
(all available ipv6) : port 25
(all available ipv4) : port 25

receive emails from remote servers that have IP addresses:

::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
0.0.0.0-255.255.255.255


but for blackberry phones i still need pop right?
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 74

Expert Comment

by:Glen Knight
Comment Utility
no, as I already said, for blackberry phones you can use Blackberry Internet Service from your data provider.

Oh wait, hold on you should be using the other connector on port 587, sorry, you need to setup your router/firewall to forward port 587 and use secute SMTP on the devices.  With the authentication methods I mentioned above.
0
 
LVL 8

Author Comment

by:isaackhazi
Comment Utility
i forwarded port 587 to exchange 2010 server. on the outgoing settings on the phone, i specified port 587. now i get a different error:

"cannot connect to the mail server to verify your account information. your  server is not responding."
0
 
LVL 31

Assisted Solution

by:MegaNuk3
MegaNuk3 earned 100 total points
Comment Utility
The blackberry phones can synch mail with Exchange via WebDav, which basically means they talk to the Exchange mailbox through OWA.

I'd setup ActiveSync as it is more feature rich, more secure, quicker and easier to setup on devices than POP/IMAP
0
 
LVL 31

Expert Comment

by:MegaNuk3
Comment Utility
Out of interest on the outlook POP client could you send mail to internal people? Did you set it up so it authenticated with the Outgoing server?
0
 
LVL 8

Author Comment

by:isaackhazi
Comment Utility
okay. now in order to setup active sync on the phones, what do i need to do?
do they use vpn to connect? how do they find our mailserver through the internet if no vpn is used?

for example,  for pop: our web hosting company forwards smtp.xxxx.com to our router's static IP address and i've specified port 110 to and other smtp port 25 to be forwarded to our mailserver itnternal IP address.
0
 
LVL 74

Accepted Solution

by:
Glen Knight earned 400 total points
Comment Utility
to setup ActiveSync you can still use the smtp.domainname.com (as long as this is in your SSL Certificate) you just need to forward port 443 from your router/firewall to your internal IP address of your Exchange server.
0
 
LVL 8

Author Comment

by:isaackhazi
Comment Utility
dear meganuke,

when i set up the test pop account from exchange 2010 server, and tried to send external outgoing email to my gmail account, i received the error:

            Server error: '550 5.7.1 Unable to relay'

but i could send internal email from the very same exchange 2010 pop account to my exchange 2003 account.
0
 
LVL 8

Author Comment

by:isaackhazi
Comment Utility
dear demazter,

we do not have ssl certificate right now. so can i use port 80 instead?
0
 
LVL 74

Expert Comment

by:Glen Knight
Comment Utility
You will have a self signed SSL Certificate on your Exchange Server, it's default with Exchange 2010
0
 
LVL 8

Author Comment

by:isaackhazi
Comment Utility
oh ok... got it...
i just setup my exchange 2003 account on this android phone using exchange active sync. it said it cannot trust the ssl cert, i chose continue anyway. i was able to send and receive emails.

lemme try with the echange 2010 account now... will let u know in a few minutes.
0
 
LVL 8

Author Comment

by:isaackhazi
Comment Utility
when trying to configure exchange active sync for the exchange 2010 account, it gives an error:

your microsoft exchange server account does not have permission to sync with your current settings. contact your exchange system admin"
0
 
LVL 74

Expert Comment

by:Glen Knight
Comment Utility
under the properties of the user account is ActiveSync Enabled?
Are you logged using a Domain Admin account?
0
 
LVL 8

Author Comment

by:isaackhazi
Comment Utility
sorry about that.

i had unchecked ssl. this time i selected ssl and it worked. now i can send and receive internal and external emails through active sync on the mobile phones.

thanks demazter.

now i'll test the blackberry internet service for the test account on one of the blackberry phones here and will let you know soon.

cheers
0
 
LVL 8

Author Comment

by:isaackhazi
Comment Utility
i've tested exchange activesync on android, iphone and nokia and set up bb internet mail service. they all work!!!

thank you guyz... i've learnt a lot today!

cheers!
0
 
LVL 31

Expert Comment

by:MegaNuk3
Comment Utility
No problem, glad you have seen the advantages of ActiveSync and are going to use it instead of POP.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
This video discusses moving either the default database or any database to a new volume.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now