SolarWinds® Flow Tool Bundle combines three easy-to-download, easy-to-use flow analysis tools that can help you quickly distribute, test, and configure your flow traffic.
Exchange 2016 POP3 configuration
I have a Client that uses Reynolds & Reynolds to send and receive emails to/from customers with the program. They are able to send but not receive. Spoke with R&R support and they use POP3/port 995 to receive emails to the program. I'm trying to configure POP3 and think I have everything set but I'd rather be 120% sure rather than leave a security risk open.
In Management Shell I ran the >Set-PopSettings to configure everything and when i run Get-PopSettings I get
InternalConnectionSettings
ExternalConnectionSettings
UnencryptedOrTLSBindings: {x.x.x.x:110} (x.x.x.x = external exchange IP)
SSLBindings: {x.x.x.x:995} (x.x.x.x = external exchange IP)
Cert Name email.domain.com
Does this look correct? Should the Binding be the External IP or Internal? Testing using Microsoft Analyzer (https://go.microsoft.com/fwlink/p/?LinkID=313839) fails with
Test TCP port 995 on host email.domain.com to ensure its listening and open. The specified port is either blocked, not listening, or not producing the expected response.
Any help is appreciated and if you need more info let me know.
Thank you!
In Management Shell I ran the >Set-PopSettings to configure everything and when i run Get-PopSettings I get
InternalConnectionSettings
ExternalConnectionSettings
UnencryptedOrTLSBindings: {x.x.x.x:110} (x.x.x.x = external exchange IP)
SSLBindings: {x.x.x.x:995} (x.x.x.x = external exchange IP)
Cert Name email.domain.com
Does this look correct? Should the Binding be the External IP or Internal? Testing using Microsoft Analyzer (https://go.microsoft.com/fwlink/p/?LinkID=313839) fails with
Test TCP port 995 on host email.domain.com to ensure its listening and open. The specified port is either blocked, not listening, or not producing the expected response.
Any help is appreciated and if you need more info let me know.
Thank you!
Asked:
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
LVL 26
Make sure that pop is enabled on all your exchange servers, and make sure the firewall isn't blocking those ports and forwards traffic on those ports to your exchange servers. Your settings look fine check firewall.
Are the pop3 frontend- and backend services running?
In a default Exchange Installation the pop3 services are configured as manual start, not automatic. You should reconfigure them as automatic and start the services, if you want to use pop3
In a default Exchange Installation the pop3 services are configured as manual start, not automatic. You should reconfigure them as automatic and start the services, if you want to use pop3
I will check Firewall but i think Sebastian may be onto something. Both Services are set to automatic but only POP3 Backend is running. When i try to start POP3 i get
"The Microsoft Exchange POP3 service on Local Computer started and then stopped. Some services stop automatically if they are not in use by other services or programs."
Quick google search suggested checking receive connector bindings but nothing came back on 995 or 110 ... i did notice that the bindings that were returned to me all looked like {[::]:587, 0.0.0.0:587} and when i look at the bindings for POP3 i have
UnencryptedOrTLSBindings: {1.2.3.4:110}
SSLBindings: {1.2.3.4:995}
where 1.2.3.4 = my external IP. Should this not be configured? Should it instead return back {0.0.0.0:995} ?
"The Microsoft Exchange POP3 service on Local Computer started and then stopped. Some services stop automatically if they are not in use by other services or programs."
Quick google search suggested checking receive connector bindings but nothing came back on 995 or 110 ... i did notice that the bindings that were returned to me all looked like {[::]:587, 0.0.0.0:587} and when i look at the bindings for POP3 i have
UnencryptedOrTLSBindings: {1.2.3.4:110}
SSLBindings: {1.2.3.4:995}
where 1.2.3.4 = my external IP. Should this not be configured? Should it instead return back {0.0.0.0:995} ?
is the external IP directly on one of the network interfaces? Or only through NAT or proxy routed to the Exchange Server?
If there is no need to restrict pop3 access, I would set it back to 0.0.0.0
If there is no need to restrict pop3 access, I would set it back to 0.0.0.0
It's set through a sonicwall nat policy. I would use the same Set-PopSettings [-SSLBindings 0.0.0.0:995] correct?
This won't open us up to anything undesirable will it? Spoofing/hacking, etc? That is my main concern
This won't open us up to anything undesirable will it? Spoofing/hacking, etc? That is my main concern
I think that is the reason why the service is not starting - it can not bind to an IP that is not registered on the host itself.
Binding of a protocol / port to one IP has nothing to do with authentification / security. It is only relevant if your Exchange Server has multiple IP Addresses, and you want to limit this protocol to one of the IP Adresses.
https://docs.microsoft.com/en-us/exchange/clients/pop3-and-imap4/configure-pop3?view=exchserver-2016
Binding of a protocol / port to one IP has nothing to do with authentification / security. It is only relevant if your Exchange Server has multiple IP Addresses, and you want to limit this protocol to one of the IP Adresses.
https://docs.microsoft.com/en-us/exchange/clients/pop3-and-imap4/configure-pop3?view=exchserver-2016
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trialIt's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange
From novice to tech pro — start learning today.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.