Solved

Outlook 2007 with SMTP/Exchange accounts in SBS 2011 environment

Posted on 2011-09-14
4
677 Views
Last Modified: 2012-05-12
A client has a goofy configuration and this type of config is how is HAS to be unfortunately.
 - MS SBS 2011 Std
 - Mixed LAN clients of XP, 7
 - Office 2007 on all clients

Client is "cost effective" in terms of IT.  There is no static IP, only DHCP for WAN address.  Further, they also have POP3 accounts at FatCow which can not be managed by the SBS server.  Due to that, their user profile MSO has a primary SMTP/POP3 account with a secondary internal Exchange account.  Mail is POP'd down and delivered to Exchange store.  This setup works ok but they get a certificate mismatch error from FatCow when MSO is first opened up.  Internal DNS has all of the correct records in place (autodiscover., mail., etc) to match the self signed internal certificate.  I'm not sure what is triggering the certificate mismatch error from FatCow.  Internal pings show all the records are hitting the correct server IP address.  We've tried shutting down autodiscover on the clients and that causes GAL sync issues but does not eliminate the mismatch error.

Thoughts?  TIA!

Steve
0
Comment
Question by:sdeblock
4 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 250 total points
Comment Utility
Are you sure the certificate mismatch when you open Outlook up is from Fatcow.  You don't need SSL for a POP3 / SMTP account.  It would be more likely your SBS 2011 server with the wrong cert on it.

When it was purchased / configured, did anyone buy a 3rd party SAN / UCC (Multi-Name) SSL Certificate?  If not - this is why you are getting the errors.

You will need the following names included on your SSL cert:

remote.externaldomain.com (or whatever SBS was configured as - e.g., mail.externaldomain.com)
autodiscover.externaldomain.com
internalservername.internaldomainname.local
internalservername
sites

Internal DNS does not need DNS records created.  You DO need an External DNS record configured for Autodiscover to work and that has to be an A record and it needs to point to the IP Address of your server, which will be tricky with a dynamic IP Address!

Any reason you can't get a fixed IP Address?
0
 
LVL 3

Assisted Solution

by:dahesi
dahesi earned 250 total points
Comment Utility
normally pop3 doesnt use ssl, except port 995.
Does your fatcow account uses secured pop or just pop port 110?

maybe it will help if you install the latest "rootupdates" from ms:
http://www.microsoft.com/download/en/details.aspx?id=6149
we have sometimes cert issues behind a wsus environment.

if this doesnt help: if you use port 995 and if you have to.. contact fatcow for that issue
0
 
LVL 6

Expert Comment

by:jaredr80
Comment Utility
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Outlook Free & Paid Tools
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now