If you missed the first part in this article series please read Using POP3 and IMAP4 to Access Exchange 2007 (Part 1)
In the first part of this two article series, I looked at how to configure IMAP4 and POP3 for use with Exchange 2007 and then set up a client to connect. In this final part I will touch on some more advanced features and configuration of IMAP4 and POP3 and also take a look at the new GUI administration capabilities which will arrive with SP1.
Note that as the SP1 features are still in beta they are subject to change before release.
Advanced Configuration
In this section I am going to run through a few of the options you have when setting up Exchange for access via POP3 or IMAP4. I will start with a look at calendaring.
Obviously when using Outlook and MAPI, appointments come through as usable items which can be accepted and automatically placed in your calendar, however, with POP3 or IMAP4 access things can be a little different. The following options are provided as shown in Table 1.
|
Setting |
Value |
Description |
|
iCalendar |
0 |
This setting lets users use the iCalendar standard for calendar items. The iCalendar standard is a standard for exchanging calendar information. |
|
IntranetUrl |
1 |
This setting lets you specify an internal URL for users to access their calendar information. |
|
InternetUrl |
2 |
This setting lets you specify an external URL for users to access their calendar information. |
|
Custom |
3 |
This setting lets you specify a Microsoft Office Outlook Web Access server for users to access their calendar information. |
Table 1: Different calendaring options for POP3 and IMAP4
By default, the iCalendar option is selected. This can be seen using the command in Figure 1 below:
Figure 1: The default Calendar settings
Note the use of the wildcard to show only entries including Cal
This option allows all the usual functionality for calendar/meeting requests. Using the other options gives you the ability to point users to a website either internal, external or OWA to gather meeting information. To implement such a system, first put together the website and then use the syntax below:
Set-ImapSettings –CalendarItemRetrievalOption 1 –IntranetURL “intserver”
Set-ImapSettings –CalendarItemRetrievalOption 3 –InternetURL “https://extserver.com”
Set-ImapSettings –CalendarItemRetrievalOption 3 –OwaServerURL “https://owa.server.com/owa”
Note:
As mentioned in part one, for POP3 use the Set-PopSettings command
Another thing that might be useful to those still in the process of migrating to Exchange 2007 from Exchange 2000 or 2003 is using Exchange 2007 CAS servers to proxy POP3 or IMAP4 access to mailboxes on Exchange 2000/3. To do this, there are a couple of important things to check on the Exchange 2003 server;
First ensure that SSL/TLS is disabled and basic authentication is enabled on the IMAP (or POP3) virtual server. This can be found under the “Protocols” section of the relevant server where the mailbox is held. See Figure 2
Figure 2: Disabling SSL
Having done that, it is important to realise that the user name and password are sent in clear text when Basic authentication is used without encryption. Therefore, I suggest securing the traffic between the Client Access server and Exchange Server 2003 server by using Internet Protocol security (IPsec).
On the Exchange 2007 CAS server you must then configure the proxy port using the command shown below:
Figure 3: Setting the proxy port
To enable basic authentication use the command:
Set-ImapSettings –LoginType plaintext
Finally restart the msexchangeimap service
Having done all that, point the IMAP client at the CAS server, remembering that if you want to send mail, unless you have changed the default settings, you will still need to use TLS/SSL by clicking the box shown in figure 4.
Figure 4: The checkbox to use SMTP over SSL
Note:
It is also possible to disable access to Exchange 2003 servers by using the command: Set-ImapSettings – ProxyTargetPort 0
Another area where extra configuration is required is if you want to listen for IMAP traffic on anything other than the default IP address or port.
Should you wish to configure ports use the commands below;
Set-PopSettings -SSLBindings: IPaddress:Port
Set-PopSettings -UnencryptedOrTLSBindings IPaddress:Port
The first command sets the port for the encrypted session (by default 993 and 995) and the second command is for the unencrypted session, by default 143 and 110.
The final configuration to look at in this section is that of message retrieval format. The options are listed below:
- 0:Text Only
- 1:HTML Only
- 2:HTML and Text
- 3:Rich Text Only
- 4:UUEncode
- 5:UUEncodeBinHex
- 6:Best Body Format
Interestingly the retrieval format options can either be set per user or for everyone as shown in the commands below:
Set-ImapSettings –MessageRetrievalMimeFormat 0
Sets the mail format to Text only
Set-CasSettings –Identity mailboxname –ImapMessagesRetrievalMimeFormat 2
Sets the mail format for user “mailboxname” to “HTML and Text”
Having looked at some of the more advanced configuration options which are available, I will now move on to give some suggestions on how to protect your system serving IMAP4 and POP3 for users.
Best Practises for IMAP & POP3
Before we take a look at the new GUI in SP1 I think it is worth looking some settings which could protect your system.
Connection Limits allow you to prevent the server being overloaded by someone generating a massive number of fake connections, thereby using up all available RAM. Obviously you must set this limit so that it does not hinder the number of concurrent user connections you expect. The default of 2000 is quite high so you could bring this down if you only have a few users using the command below:
Set-ImapSettings -MaxConnections Value
Another settings you may wish to change is that shown below:
Set-ImapSettings –MaxConnectionsFromSingleIP Value
One reason you might change the above value (default 20) is if you have all connections passing through a NAT firewall which makes them all look like they come from the same IP address.
TimeOuts are another way to protect the server. They prevent connections for staying open indefinitely again using up server resources. They can also be the cause of issues when downloading large attachments over a slow link. If the timeout is too short then the connection may drop, interrupting the download.
Finally for this section, protocol logging. In general this should not be left on and it is not on by default. Logging is used when you need to troubleshoot problems with IMAP4 or POP3 and can be enabled as follows:
Open the file Microsoft.Exchange.Imap4.exe.config which by default is found in the location shown below:
Note:
As mentioned before open the substitute POP3 where necessary to change the POP3 config
Figure 5: POP3 and IMAP4 config files location
Right at the bottom of the file in the “appSettings” section change the line highlighted in the screenshot below to a value of “true”
Figure 6: Change this value to “true” to enable logging
Note:
The parameter names in the config file are case sensitive.
A Look at SP1 GUI
If you are a fan of the GUI then you will be pleased to know that SP1 for Exchange 2007 will give you back a GUI for several features. One of these is IMAP4 and POP3. The new interface is found under the Sever Configuration, Client Access node in the bottom pane as shown in Figure 7.
Figure 7: The location for the new IMAP4/POP3 GUI
When you double click either the POP3 or IMAP4 objects, a very similar set of options are available as shown in the screenshots below. The first screenshot shows the “General” tab, giving you a view of when the configuration was last modified and allowing you to change the banner shown to clients who connect.
Figure 8: The General Tab
On the “Binding” tab you get the option to change IP addresses and Ports on which the IMAP or POP3 services will listen.
Figure 9: The Bindings tab
On the Authentication tab you can set the Login Type as discussed in part one.
Figure 10: The Authentication Tab
The connection tab shown in Figure 11 is one area where there are slight differences between the IMAP and POP settings. Although all the fields are the same some values are different.
Figure 11: The Connection Tab
The “Message” tab is the other area where there are differences between POP and IMAP settings. Figure 12 shows the POP3 “Message” tab with its options for “Message Sort Order”. This is compared to Figure 13 which gives an options to ”Display hidden folders”. Other than that, the options are the same giving you the ability to configure calendar item retrieval.
Figure 12: POP3 Settings Message tab
Figure 13: IMAP Settings Message tab
Summary
I hope this second article has given you an idea of the depth of configuration possible and also a taste of what is to come in SP1. From the emails I have received after the first part of this series it is clear that IMAP and POP are still widely used and happily still well supported in by MS in Exchange 2007.
If you missed the first part in this article series please read Using POP3 and IMAP4 to Access Exchange 2007 (Part 1)
