[Today's post comes to us courtesy of Shawn Sullivan from Commercial Technical Support]

If you wish to connect to your Exchange mailbox on SBS with a remote Outlook client, we recommend that you use Outlook Anywhere. However, if you choose to use POP3 or IMAP instead, then use this post to determine which settings to select on the Outlook client for connectivity to these services. As a result of following these steps, your connections for both the submission and the retrieval of email to and from the SBS server will be encrypted, ensuring no personal information is transmitted over the network in an insecure fashion. The complimentary server-side configuration steps are found here:

http://blogs.technet.com/b/sbs/archive/2008/09/19/how-to-configure-sbs-2008-to-host-pop3-imap4.aspx
http://blogs.technet.com/b/sbs/archive/2008/09/18/how-to-configure-trusted-smtp-relay-in-exchange-on-sbs-2008.aspx

The key points to understand in this particular configuration are:

  • POP3 connections will require SSL and use port 995.
  • IMAP connections will require SSL and use port 993.
  • SMTP connections will require authentication and use TLS on port 587.
  • The client must trust the certificate used to secure these connections.
    • If you are not using a trusted 3rd party certificate, you must use the certificate distribution package to install the SBS CA certificate on the client.
  • Make sure you port-forward (pinhole) the above ports through your firewall with the SBS server’s internal IP address as the destination.

Note: We are demonstrating with Outlook 2010 in this post, but these settings need to be the same for any client software that you are using.

After selecting Internet E-mail for your new email account, you are presented with the screen where you choose either POP3 or IMAP for mail retrieval. Other than “Account Type”, much of the configuration will be identical between the two; for instance “Your Name”, “Email Address”, “Incoming mail server”, “Outgoing mail server (SMTP)”, “User Name”, and “Password”.

clip_image002

After completing this page select More Settings. For either client type, click the Outgoing server tab and choose Use same settings as my incoming mail server.

clip_image003

The settings will differ between client types after you select the Advanced tab. For POP3 clients you need to select This server requires an encrypted connection (SSL). Make sure the port changes to 995.

clip_image004

For IMAP clients, select SSL from the dropdown next to Use the following type of encrypted connection. Make sure the port changes to 993.

clip_image005

For either, enter 587 next to Outgoing server (SMTP) and choose TLS from the dropdown next to Use the following type of encrypted connection.

At this point you are ready to test account settings. If they fail, double-check the settings on both the server and the client. Also, make sure the client trusts the certificate presented by the server and that all the necessary ports are being forwarded properly through your firewall.