Outlook 2007 with SMTP/Exchange accounts in SBS 2011 environment

A client has a goofy configuration and this type of config is how is HAS to be unfortunately.
 - MS SBS 2011 Std
 - Mixed LAN clients of XP, 7
 - Office 2007 on all clients

Client is "cost effective" in terms of IT.  There is no static IP, only DHCP for WAN address.  Further, they also have POP3 accounts at FatCow which can not be managed by the SBS server.  Due to that, their user profile MSO has a primary SMTP/POP3 account with a secondary internal Exchange account.  Mail is POP'd down and delivered to Exchange store.  This setup works ok but they get a certificate mismatch error from FatCow when MSO is first opened up.  Internal DNS has all of the correct records in place (autodiscover., mail., etc) to match the self signed internal certificate.  I'm not sure what is triggering the certificate mismatch error from FatCow.  Internal pings show all the records are hitting the correct server IP address.  We've tried shutting down autodiscover on the clients and that causes GAL sync issues but does not eliminate the mismatch error.

Thoughts?  TIA!

Steve
sdeblockAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Alan HardistyConnect With a Mentor Co-OwnerCommented:
Are you sure the certificate mismatch when you open Outlook up is from Fatcow.  You don't need SSL for a POP3 / SMTP account.  It would be more likely your SBS 2011 server with the wrong cert on it.

When it was purchased / configured, did anyone buy a 3rd party SAN / UCC (Multi-Name) SSL Certificate?  If not - this is why you are getting the errors.

You will need the following names included on your SSL cert:

remote.externaldomain.com (or whatever SBS was configured as - e.g., mail.externaldomain.com)
autodiscover.externaldomain.com
internalservername.internaldomainname.local
internalservername
sites

Internal DNS does not need DNS records created.  You DO need an External DNS record configured for Autodiscover to work and that has to be an A record and it needs to point to the IP Address of your server, which will be tricky with a dynamic IP Address!

Any reason you can't get a fixed IP Address?
0
 
dahesiConnect With a Mentor Commented:
normally pop3 doesnt use ssl, except port 995.
Does your fatcow account uses secured pop or just pop port 110?

maybe it will help if you install the latest "rootupdates" from ms:
http://www.microsoft.com/download/en/details.aspx?id=6149
we have sometimes cert issues behind a wsus environment.

if this doesnt help: if you use port 995 and if you have to.. contact fatcow for that issue
0
 
jaredr80Commented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.