Re: Enabling STARTTLS in Exchange 2003 IMAP service?
From: Ben Winzenz [Exchange MVP] (ben_winzenz_at_NOSPAMdotmessageonedotcom)
Date: 01/11/05
- Next message: Andrew Biggs: "Re: Enabling STARTTLS in Exchange 2003 IMAP service?"
- Previous message: Andrew Biggs: "Enabling STARTTLS in Exchange 2003 IMAP service?"
- In reply to: Andrew Biggs: "Enabling STARTTLS in Exchange 2003 IMAP service?"
- Next in thread: Andrew Biggs: "Re: Enabling STARTTLS in Exchange 2003 IMAP service?"
- Reply: Andrew Biggs: "Re: Enabling STARTTLS in Exchange 2003 IMAP service?"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 11 Jan 2005 11:34:40 -0600
I think you may be misunderstanding what IMAP is used for. IMAP is a
mailbox viewing protocol. It stands for Internet Message Access Protocol.
The STARTTLS command is an SMTP verb, not an IMAP command. What you are
looking at is simply the ability to connect to the IMAP server via an SSL
port. The standard (non-SSL) IMAP port is 143. If you enable SSL, then the
port is 993, not 143.
Since the STARTTLS command is an SMTP verb, this would be enabled on your
SMTP Virtual server. Enabling TLS here would allow outgoing SMTP messages
to be encrypted, but would also require that the host you are sending to
accept them. TLS is not an extremely common implementation in mail servers.
Meaning, although Exchange supports TLS, both the sending server and
receiving server must be configured to enable it. If you want to see if
your server supports it, simply telnet on port 25 and issue an EHLO command.
-- Ben Winzenz Exchange MVP "Andrew Biggs" <dreamcoder@yahoo.com> wrote in message news:41E40035.1030200@yahoo.com... > Hello, > > I'm hoping someone with experience setting up IMAP on Exchange 2003 might > be able to advise me on getting it correctly administered to support the > STARTTLS capability. I have E2K3 installed on a W2K3 server, which it > itself administered as the (only) domain controller. Here is what I have > done so far: > > 1) Created a certificate request using the Exchange System Manager's "Web > Server Certificate Wizard" in the IMAP4 virtual server properties. > > 2) Used the Windows CA on the same server to issue a certificate based on > the request. Exported the binary certificate. > > 3) Went back to the "Web Server Certificate Wizard" in the IMAP4 virtual > server properties to import the binary certificate. > > 4) Checked the "Require SSL/TLS encryption" box under "Authentication" in > the IMAP4 virtual server properties. > > 5) Stopped/Started the IMAP4 virtual server. > > At this point, I was expecting to be able to connect to port 143 on the > server, submit a CAPABILITY command, and get something back that would at > least include STARTTLS. Unfortunately, it still doesn't. > > Any thoughts on what I may be missing here? I'd appreciate any > suggestions at all, even sketchy ones :-). > > Thanks! > Andrew
- Next message: Andrew Biggs: "Re: Enabling STARTTLS in Exchange 2003 IMAP service?"
- Previous message: Andrew Biggs: "Enabling STARTTLS in Exchange 2003 IMAP service?"
- In reply to: Andrew Biggs: "Enabling STARTTLS in Exchange 2003 IMAP service?"
- Next in thread: Andrew Biggs: "Re: Enabling STARTTLS in Exchange 2003 IMAP service?"
- Reply: Andrew Biggs: "Re: Enabling STARTTLS in Exchange 2003 IMAP service?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
