Re: OK, I must be retarded or something...



Thanks for your help so far, Ben. Here is what I have in my settings now
that I have read your post:

In Exchange Manager:

[Access] Tab

[Authentication] Button:

Anonymous=checked
Basic=unchecked
Integrated Windows Authentication=checked

[Relay] Button:
Only the list below=checked
Allow all computers that successfully authenticate...=checked

No other changes have been made. Do I need to do something under the
[Delivery] tab?

Stop and start SMTP. Do I need to stop and restart any other services?

In Outlook I enabled SPA checkbox, and did a "Test Account Settings" that
came back with a dialog asking for username, password, & domain (not just
username and password).
I put in internal domain (fqdn) user and password, but it kept popping up. I
finally clicked [Cancel] and it returned an error message in Outlook
stating: "The POP3 email account you created does not support SPA..."

Do I need to do something with POP3 Virtual Server?

Thank you in advance for your help.

-Harry

"Ben Winzenz [Exchange MVP]" <ben_winzenz@NOSPAMdotmessageonedotcom> wrote in message news:eBlYcRbdFHA.384@xxxxxxxxxxxxxxxxxxxxxxx
> 1. You can't disable anonymous authentication, as that is what all other
> mail servers will use to send mail to your server. This would result in all
> inbound mail being halted, as you experienced. Requiring TLS will result in
> the same experience of inbound mail being halted.
>
> 2. For POP3 clients (that relay via SMTP), you should leave the relay
> defaults enabled, which are "Only the list below", and "allow computer that
> authenticate" check box checked. This allows clients that authenticate to
> send via your server without opening relaying to anyone. If you want
> additional security, you can try enabling Windows Authentication on the SMTP
> server, and then setting the Outlook clients to use Secure Password
> Authentication (SPA). You can also set up SSL on the POP3 virtual server
> and the SMTP Virtual Server, but you won't want to require SSL on the SMTP
> VS unless you create a separate one specifically for your POP3 clients.
>
> --
> Ben Winzenz
> Exchange MVP
> MessageOne
>
>
> "Harry Bates" <None> wrote in message
> news:OlrmwfadFHA.1292@xxxxxxxxxxxxxxxxxxxxxxx
> > OK, I must be retarded or something. I am having the hardest time setting
> > up POP3 mail for external users. When I do, either it halts all mail with
> > no immediate return messages or it only allows delivery from an internal
> > user to an internal user. I obviously do not want to have the relay open.
> > That is understood. Here are the latest sub-genius steps I have done to no
> > avail.
> >
> > Exchange 2003 over 2003 native\native AD domain
> >
> > All done under properties of <Server>\SMTP:
> > 1. Access tab, Authentication button. Anonymous unchecked, Basic
> > Authentication checked, and the default domain is listed correctly. Just
> > for testing I did not use TLS encryption. (Is this absolutely necessary to
> > make it work?)
> >
> > 2. Click OK, then go to the Relay button. Click the radio button ON for
> > "All except the list below" and obviously radio button OFF for "Only the
> > list below".
> >
> > 3. Stop and restart SMTP service to make sure settings take effect.
> >
> > 4. On the Outlook clients I set "Server requires Auth..." & "Use same
> > username and password..."
> >
> > At this point no mail travels. What am I doing wrong? All of the other
> > settings are basically default, and there are no connectors set up.
> > Thanks for your anticipated help because I am new to the whole Exchange
> > and mail server thing.
> >
> >
> >
> > -Harry Bates
> >
> >
> >
>
>
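
A way to check which authentication settings an SMTP virtual server actually exposes, given the text of its EHLO reply. This is an added example, not part of the original posts; the hostname, address and replies are constructed, and it assumes Integrated Windows Authentication is advertised as `AUTH GSSAPI NTLM`, Basic as `AUTH LOGIN`, and that Outlook's SPA option needs NTLM.

```python
# Added example (not from the thread). Hostname, IP and replies are constructed.
CLEARTEXT = {"LOGIN", "PLAIN"}  # base64 only: readable on the wire without TLS

# Constructed reply for: Anonymous + Integrated Windows Authentication, Basic off.
SAMPLE_INTEGRATED = """\
250-mail.example.test Hello [192.0.2.10]
250-SIZE 10485760
250-STARTTLS
250-AUTH GSSAPI NTLM
250 OK
"""

# Constructed reply for: Basic only, no TLS offered.
SAMPLE_BASIC = """\
250-mail.example.test Hello [192.0.2.10]
250-AUTH=LOGIN
250 OK
"""


def parse_ehlo(reply):
    """Return {KEYWORD: [params]} from a multi-line 250 EHLO reply."""
    ext = {}
    for line in reply.strip().splitlines()[1:]:  # line 0 is the greeting
        if not line.startswith("250") or len(line) < 5:
            continue
        body = line[4:].strip()
        if body.upper().startswith("AUTH="):  # legacy "AUTH=LOGIN" form
            body = "AUTH " + body[5:]
        parts = [p.upper() for p in body.split()]
        if parts:
            params = ext.setdefault(parts[0], [])
            params.extend(p for p in parts[1:] if p not in params)
    return ext


def review_auth(ext):
    """Summarise what the advertised AUTH mechanisms mean for POP3/SMTP clients."""
    mechs = ext.get("AUTH", [])
    cleartext = sorted(CLEARTEXT.intersection(mechs))
    return {
        "auth_offered": bool(mechs),          # needed for "allow computers that authenticate"
        "spa_supported": "NTLM" in mechs,     # Outlook SPA (assumed to require NTLM)
        "cleartext_mechs": cleartext,
        "cleartext_without_tls": bool(cleartext) and "STARTTLS" not in ext,
    }


if __name__ == "__main__":
    for name, reply in (("integrated", SAMPLE_INTEGRATED), ("basic", SAMPLE_BASIC)):
        print(name, review_auth(parse_ehlo(reply)))
```
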

