Chapter 07: Configuring Client Access (Part3)

Post Office Protocol (POP3) Clients

Post Office Protocol version 3 (POP3) enables a client to retrieve mail from a remote server mailbox. A user who is not always attached to their network can have their mailbox on a server that is permanently attached to the network. Mail sent to that user would be delivered to the server-based mailbox, and the server would act as a sort of mail drop. Clients can remotely connect to the server and download their mail to their computer. The protocol used both to store the mail on the server and to download the mail to the client is POP3. In this capacity, the server is referred to as a POP server and the client as a POP client. POP3 cannot be used to send mail; it is only a retrieval protocol. Simple Mail Transfer Protocol (SMTP) is still used to transfer mail between mailboxes.

The remainder of this section covers these POP-related topics:

• POP3 architecture

• An overview of Exchange Server POP3 (including server and mailbox configuration)

• POP3 client configuration

POP3 Architecture

POP works through a simple request-response mechanism. A POP client sends request commands, and a POP server sends responses back to the POP client. These client-server interactions can be divided into three main states:

• Authorization

• Transaction

• Update

Authorization, also called greeting, is the client logon to the POP server. The POP username and password are sent to the POP server. After a successful authorization, transactions can take place between the POP client and server. The POP client can request the number and size of messages in its mailbox, and messages can be downloaded and deleted. After the POP server has responded and the POP client is finished, the POP client issues a Quit command. This ends the POP session and causes the POP server to enter the update state for the user’s mailbox. Messages can be deleted during the update state.

POP uses TCP/IP as its transport protocol. The session, or conversation, between the POP client and server takes place on TCP port 110. If Secure Sockets Layer (SSL) is being used to create an encrypted channel, port 995 is used instead. A port is a numeric identifier assigned to an application or protocol and is used to route incoming packets to the correct application. Although a packet has arrived at the correct computer, it still has to be delivered to the correct application on that computer. POP clients address the requests to port 110 on the POP server. The POP server listens to port 110 for those requests (this same principle is applicable to LDAP, HTTP, and other Internet protocols). The third revision of the POP standard, POP3, is documented in RFC 1939.

Note

You may be familiar with Ethernet or Token Ring addresses, which are used to deliver a frame to a specific computer. You may even be familiar with network addresses, such as IP addresses, which are used to route packets to the correct networks and computers. Ports are yet another type of address that is used to route packets to the correct applications on a machine.

---

Connecting Clients to Exchange Server 2003

The decision of how you will allow remote and non-Windows clients to connect to your Exchange Server 2003 messaging infrastructure is not an easy one, nor is it one that you should take lightly or make without giving due consideration to the benefits and drawbacks of everything involved. Will you use Outlook, taking advantage of the new RPC over HTTP feature, will you use the improved Outlook Web Access in Exchange Server 2003, or will you force these users to use an industry standard POP3 or IMAP4 application?

Several factors should influence your decision:

• Which operating systems are in use by your clients?

• Which operating systems are in use by your Exchange servers, domain controllers, and global catalog servers?

• Are there existing means to securely connect users remotely over the Internet, such as VPN servers and so forth?

• What is the company’s willingness to try new, cutting-edge features?

  These questions are just a few of the many that you must take into consideration when determining how you will allow remote and non-Windows clients to connect to the Exchange organization. As an example of how you might solve this problem, consider the following:

• You have several Unix and Linux hosts on your network that will connect to the Exchange organization using Outlook Web Access.

• You have some traveling salespeople who use Windows XP Professional computers. These users require full Outlook functionality and will connect using RPC over HTTP.

• You have some other users who frequently travel and need access only to their Inboxes. When they travel, they keep all messages on their local computers in PST files. If needed, they move any messages back into their Exchange mailbox when they return to the company. These users connect to the Exchange organization using POP3 or IMAP4.

---

Exchange Server POP3 Overview

POP3 is integrated into the Internet Information Services (IIS) component of Windows Server 2003. Although it is not a separate service, the POP3 functionality is sometimes referred to as the POP3 Service. It permits any POP3-enabled e-mail program to connect to an Exchange server via IIS and retrieve mail (see Figure 7.22). Only messages in the Inbox folder of a mailbox can be accessed. The POP3 Service does not permit access to encrypted messages.

Figure 7.22: Exchange and POP3

As mentioned previously, POP3 retrieves mail but does not send it. The Simple Mail Transfer Protocol (SMTP) is used to send mail. SMTP functionality is also provided by IIS and uses TCP port 25.

POP3 Server Configuration

The configuration options available for a POP3 virtual server in Exchange Server 2003 are described in Table 7.5.

POP3 Mailbox Configuration

An administrator can override server-level settings at the mailbox level using the Protocols button on the Exchange Advanced page of a mailbox object. A mailbox can independently have POP3 enabled or disabled or have unique POP3 settings. As mentioned earlier, if a protocol is disabled at the server level, the settings at the mailbox level have no effect.

Table 7.5: Property Pages for the Site and Server POP3 Objects

Property Page	Description
General	This page is used to assign an IP address to the virtual server. The default is for the server to have access to all IP interfaces configured on the server. You can select a specific IP address or use the Advanced button to configure IP address and TCP port information. This page is used to configure how long an idle POP3 connection will be held open before automatically closing and to limit the number of connections that the virtual server will allow.
Access	The Authentication section of this page is used to select the authentication protocols that POP3 clients must use to log on to the Exchange server with the POP protocol. The options are Basic, which works using an unencrypted username and password, and Windows Integrated Authentication, which works using Windows Server 2003 network security and an encrypted password. The Secure Communication section of the Access page is used to configure a certificate server to provide POP3 security. This type of security is discussed in Chapter 15. The Connection Control section of the Access page is used to grant or deny access to the POP3 virtual server based on computer names or IP addresses.
Message Format	This page sets the encoding method and character set used when converting Exchange messages for retrieval by POP3 clients. The encoding options include MIME and UUENCODE. Selecting UUENCODE makes available the option to use Binhex with Macintosh clients. The default character set used is US-ASCII, but you can choose from many international sets. You can also specify whether Microsoft Exchange rich-text format can be used in POP3 messages.
Calendaring	The options on this page are used to configure URL access to calendaring information by POP3 clients. This allows POP3 clients to use OWA as their calendaring client.

Configuring a POP3 Client

The following information must be configured on a POP3 client in order for it to connect to a POP3 server (in this case, the POP3 server is an Exchange server with the Exchange POP3 Service enabled):

POP3 server name The computer name of the home server of the Exchange mailbox.

SMTP server name The computer name of the Exchange server that is supporting SMTP.

Note

Unless the client is connected to a server on the same network, you may need to indicate a Fully Qualified Domain Name for the POP3 and SMTP server names.

POP3 account name The name the POP3 client must use when being authorized by a POP3 server. The Exchange POP3 Service requires a Windows Server 2003 domain and user account that has read permissions on the Exchange mailbox, followed by the alias name of the mailbox in the format domain\account\alias. If the account name and alias are the same, the alias name can be left off.

POP3 account password The Exchange POP3 Service requires the password of the Windows Server 2003 user account that is specified in the POP3 Account Name field.

POP3 client e-mail address The SMTP address of the POP3 client. For an Exchange mailbox, this is the SMTP address found on the E-mail Addresses property page of the mailbox.

Table 7.6 provides sample information and shows how that information can be used to configure a POP3 client. Exercise 7.2 outlines the steps for configuring Outlook Express as a POP3 client. This exercise assumes that Outlook Express is already installed on your system.

Table 7.6: An Example of a POP3 Client Configuration

Sample Information	POP3 Client Configuration
Computer name running the POP3 Service=Education	POP3 server name=Education
Computer name running SMTP=Education	SMTP server name=Education
Window Server 2003 account with read permission on the mailbox=Domain\GeorgeW Alias name of mailbox=GeorgeW	POP3 account name=Domain\GeorgeW\ GeorgeW or simply Domain\GeorgeW
Password of GeorgeW=woodenteeth	POP3 accountpassword=woodenteeth
Domain name=Chicago.com	POP3 client e-mail address=GeorgeW@
Alias name of mailbox=GeorgeW	Chicago.com

EXERCISE 7.2: Configuring Outlook Express As a POP3 Client

---

1. Click Start > Programs > Outlook Express.

2. Under the Tools menu, select the Accounts command.

3. Click the Add button and then click the menu’s Mail command.

4. Enter a display name to appear in the From field of messages you send, and then click Next to continue.

5. Enter an e-mail address in the E-mail Address field and click Next.

6. Select the POP3 protocol from the drop-down menu.

7. In the Incoming Mail field, enter the name of the Exchange server that will service POP3 requests.

8. In the Outgoing Mail field, enter the name of the Exchange server that will service SMTP requests.

9. Click Next to go on.

10. In the Account Name field, enter the username of the mailbox to which you will connect.

11. Enter a password for the user, and then click Next.

12. Click Finish.

Internet Message Access Protocol Version 4 (IMAP4) Clients

As with POP3, IIS provides Internet Message Access Protocol version 4 (IMAP4) support to Exchange. This enables Internet e-mail applications using IMAP4 to retrieve data from an Exchange server. As with POP3, IMAP4 can only retrieve data and must use the SMTP functions of the Exchange Internet Mail Service (IMS) to send data.

One of the main differences between IMAP4 and POP3 is the Exchange folders they can access. As mentioned earlier, POP3 can access only the Inbox folder of a mailbox. IMAP4, however, can also access personal and public folders. IMAP4 also includes other advanced features (and non-POP3 features) such as search capabilities and selective downloading of messages or even only the attachment of a message.

The IMAP4 virtual server has many of the same properties as the POP3 virtual server, such as authentication, message format, and idle timeout. Some of the pages for these properties have additional attributes not present with POP3. IMAP4, for instance, also allows anonymous user access, meaning that an IMAP4 user without a Windows Server 2003 user account could access the server. Table 7.7 lists and describes the property pages and attributes of the IMAP4 object. Exercise 7.3 outlines the steps for configuring Outlook Express as an IMAP4 client.

Table 7.7: Property Pages of the IMAP4 Object

Property Page	Description
General	This page is used to assign an IP address to the virtual server. The default is for the server to have access to all IP interfaces configured on the server. You can select a specific IP address or use the Advanced button to configure IP address and TCP port information. This page is used to configure how long an idle IMAP4 connection will be held open before automatically closing and to limit the number of connections that the virtual server will allow. The Limit Number Of Connections To option allows you to specify a maximum number of simultaneous connections that can be made to the IMAP4 virtual server. The Include All Public Folders When A Folder List Is Requested option, which is enabled by default, permits a complete list of public folders to be sent to an IMAP4 client in response to the IMAP List command. Some IMAP4 client applications, however, encounter poor performance when downloading a large list of public folders. If that is the case, this field can be cleared (i.e., unchecked). The Enable Fast Message Retrieval option, which is enabled by default, permits an Exchange server to approximate the size of messages when reporting to an IMAP4 client application. Approximating message sizes increases the speed of message retrieval. Some IMAP4 client applications, however, require a server to report the exact message size. If that is the case, this field can be cleared (i.e., unchecked).
Access	An Exchange server can allow IMAP4 clients to be authenticated with the same protocols that are available with POP3. While the options are the same for both IMAP4 and POP3, each can be configured with a different set of authentication protocols. This is also true for any of the other attributes IMAP4 and POP3 have in common.
Message Format	This page is used to set the encoding method and character set used when converting Exchange messages for retrieval by IMAP4 clients. The encoding options are as follows: MIME: Both the message body and attachments will be encoded with MIME. Provide Message Body As Plain Text: The message body will be placed in plain text and any attachments in MIME. Provide Message Body As HTML: The message body will be placed in HTML format and any attachments in MIME. If both this option and the Provide Message Body As Plain Text option are selected, Exchange will generate both plain-text and HTML versions of the message body.
Calendaring	The options on this page are used to configure URL access to calendaring information by IMAP4 clients. This allows IMAP4 clients to use OWA as their calendaring client.

EXERCISE 7.3: Configuring Outlook Express as an IMAP4 Client

---

1. Click Start > Programs > Outlook Express.

2. Click the Tools menu, and then choose the Accounts command.

3. Click the Add button, and then choose the Mail command.

4. Enter a display name to appear in the From field of messages you send, and click Next to continue.

5. Enter an e-mail address in the E-mail Address field, and click Next.

6. Select the IMAP protocol from the drop-down menu.

7. In the Incoming Mail field, enter the name of the Exchange server that will service IMAP4 requests.

8. In the Outgoing Mail field, enter the name of the Exchange server that will service SMTP requests, and click Next.

9. In the Account Name field, enter the username of the mailbox to which you will connect.

10. Enter a password for the user, and click Next to go on.

11. Click Finish.

12. Outlook Express displays a dialog asking you whether you would like to download folders from the mail server you just configured. Click Yes to retrieve information on private folders other than your Inbox and any available public folders.

---

Note

Because of Exchange Server’s support of IMAP4 and POP3, many Internet mail programs can be used as clients to Exchange Server.

Network News Transfer Protocol (NNTP)

As with the other Internet protocols, IIS provides support for the Network News Transport Protocol (NNTP). Since the NNTP virtual server is installed and enabled by default when you install Exchange Server 2003, any NNTP-based newsreader application can be used to connect to and use public folders right away. Like the other protocols, the NNTP virtual server is configured using a number of property pages. Table 7.8 provides an overview of the property pages for this object.

Table 7.8: NNTP Property Pages

Property Page	Description
General	This page is used to assign an IP address to the virtual server. The default is for the server to have access to all IP interfaces configured on the server. You can select a specific IP address or use the Advanced button to configure IP address and TCP port information. This page is used to configure how long an idle NNTP connection will be held open before automatically closing and to limit the number of connections that the virtual server will allow. In addition, this page can be used to configure a path header, which is used by other Usenet servers to prevent a situation called “looping,” which can happen when a Usenet server is connected to multiple providers. Finally, this page can be used to enable logging for the NNTP service for troubleshooting purposes.
Access	An Exchange server can allow NNTP clients to be authenticated with the same protocols that were options with POP3. But while the options are the same for both NNTP and POP3, each can be configured with a different set of authentication protocols.
Settings	The Settings page provides a number of options for configuring the NNTP protocol: The Allow Client Posting option controls whether users with NNTPbased newsreaders can post messages using the NNTP protocol. If this option is enabled, you can also control how large of a message, in kilobytes, can be posted and how much data, in megabytes, can be posted during a single user session. The Allow Feed Posting option works the same way as the Allow Client Posting option, but it controls whether or not messages can be automatically posted by newsfeeds, which are discussed later in the chapter. The Allow Server To Pull News Articles From This Server option controls whether other Usenet servers can use the NNTP protocol to pull messages in a public folder to their own server. The Control Messages option is used to allow Usenet servers to govern the traffic between servers. The final three options control the domain and address of moderators for moderated newsgroups. In a moderated newsgroup, a designated moderator must approve messages before they are posted to a folder.

Creating Newsgroups

When NNTP is installed, two virtual directories are created by default:

• The default directory creates new newsgroups and stores them in the Newsgroups public folder.

• The control directory contains three folders for the three primary control commands, as seen in Figure 7.23: Remove Articles, Create Newsgroup, and Remove Newsgroup.

  
  Figure 7.23: Viewing newsgroups in System Manager

You can create new newsgroups using either a MAPI client or System Manager. The procedure for creating a newsgroup within a MAPI client varies, but it usually follows a pretty simple procedure of selecting a parent folder and creating a new folder inside of it. In System Manager, you can create a new newsgroup by expanding an NNTP virtual server, right-clicking the Newsgroups container inside it, and selecting the New Newsgroup command from the shortcut menu.

In addition to creating your own newsgroups, you can also configure Exchange to pull newsgroups and their contents from a Usenet server on the Internet. Before you learn to do that, however, a brief overview of Usenet itself is in order.

A Usenet Overview

Usenet is a network within the Internet that is composed of numerous servers containing information on a variety of topics. Each organized topic is called a newsgroup, which can be thought of as a discussion group or a bulletin board. The Usenet servers are also referred to as newsgroup servers. Users access these newsgroups to post information or to read other people’s postings. Users interact with newsgroups through client applications referred to as newsgroup readers.

Clients and servers use the Network News Transfer Protocol (NNTP) to transfer information across Usenet. When a client reads or posts information to a newsgroup server, NNTP is used for this exchange.

NNTP is also used to transfer newsgroup content between servers. This function is referred to as a newsfeed. A newsgroup server can be configured to send all or some of its newsgroups to other servers. When one server actively sends information to another server, it is referred to as a push feed (it is also referred to as publishing). A server also can be configured to request that information be sent to it from another server. This is referred to as a pull feed. Push feeds are usually used with large newsfeeds. A pull feed allows a local administrator to specify which and when newsgroups are received.

Exchange Server 2003 can function as a full Usenet server and exchange newsgroup information with other Usenet servers on the Internet. This is done through the Newsfeed Configuration Wizard. The wizard prompts the installer for such information as the name of the Usenet host; the host’s IP address; and the type of newsfeed, such as inbound (i.e., receiving data), outbound (i.e., publishing data), or inbound and outbound. Newsfeeds basically enable an Exchange server to function as a newsgroup server. It can publish public folder content as newsfeeds to other Usenet servers. It also can receive newsfeeds from the Usenet and place newsgroups in public folders. To receive newsfeeds, it can either pull a newsfeed or receive a push. See Figure 7.24 for an illustration of this process.

Figure 7.24: Newsfeeds and the Usenet

Once a newsfeed is configured, it is represented in the Feeds container of an NNTP virtual server as an object. The property pages of a Newsfeed object can be used to configure the newsfeed after its creation. Much of the information that was entered in the wizard can be later viewed and modified through the Newsfeed object. For example, if the IP address of the Usenet host changes, the new address can be entered in the properties of that newsfeed rather than creating a new newsfeed with the wizard.

Summary

A messaging profile is the collection of configuration information used by a MAPI application, such as Microsoft Outlook. Some of the information contained in a profile indicates the information services to be used, such as Microsoft Exchange Server, Microsoft Fax, or Internet Mail. Other information in the profile relates to information storage, delegate access, and remote mail. Profiles can be created at the time of the client software installation. They can also be created and edited after the installation.

Outlook 2003 is the preferred client for use in an Exchange Server 2003 organization, although several older versions of Outlook can be used with slightly reduced functionality.

Exchange Server also extends support for the IMAP4, POP3, HTTP, and NNTP Internet protocols, thus expanding the number of client applications that can access Exchange.

IMAP4 and POP3 enable an e-mail program to retrieve messages from a remote server mailbox. Internet users who have Exchange mailboxes can use these protocols to retrieve mail.

HTTP is the primary protocol used for client-server interactions on the World Wide Web. Exchange Server supports HTTP using Outlook Web Access and IIS and thereby allows web users to access Exchange resources such as mailboxes, public folders, and calendars using a standard web browser.

Exchange Server supports NNTP and, therefore, can operate as part of the Usenet. Exchange can both publish public folders to the Usenet and receive newsfeeds from the Usenet. Newsgroups received from newsfeeds are published in public folders.