Use the EAC to configure the FQDN for authenticated SMTP clients Regardless of the FQDN value, if you want external POP3 or IMAP4 clients to use this connector to send email, the FQDN needs to have a corresponding record in your public DNS, and the TCP port (587) needs to be allowed through your firewall to the Exchange server. If you change the FQDN value, and you want internal POP3 or IMAP4 clients to use this connector to send email, the new FQDN needs to have a corresponding record in your internal DNS.
Or, you can specify an FQDN value that's more compatible with your Internet naming convention or a TLS certificate that you want to use. You can skip this step if you want to keep the default server FQDN value (for example, ). Step 1: Configure the FQDN on the "Client Frontend " Receive connector Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection. Having problems? Ask for help in the Exchange forums. To see what permissions you need, see the "Receive connectors" entry in the Mail flow permissions topic.įor information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard shortcuts in the Exchange admin center. You need to be assigned permissions before you can perform this procedure or procedures. For more information, see Receive connector local address bindings. However, because port 25 is also configured on the "Client Frontend " Receive connector for email from external SMTP servers, you'll need to modify the local IP addresses that are used to listen on port 25 on one or both of the connectors. If you have POP3 or IMAP4 clients that can only send SMTP email on port 25, you can configure port 25 on the "Client Frontend " Receive connector to allow clients to send authenticated SMTP email. To find out why you should disable the SSL protocol and switch to TLS, check out Protecting you against the SSL 3.0 vulnerability. Typically, "SSL" refers to the actual SSL protocol only when a version is also provided (for example, SSL 3.0). Because of this similarity, references to "SSL" in Exchange topics, the Exchange admin center, and the Exchange Management Shell have often been used to encompass both the SSL and TLS protocols. They're so closely related that the terms "SSL" and "TLS" (without versions) are often used interchangeably. Secure Sockets Layer (SSL) is being replaced by Transport Layer Security (TLS) as the protocol that's used to encrypt data sent between computer systems.
What do you need to know before you begin? Specify the certificate that's used to encrypt authenticated SMTP client connections.Ĭonfigure Outlook on the web (formerly known as Outlook Web App) to display the SMTP settings for authenticated SMTP clients at Settings > Options > Mail > Accounts > POP and IMAP.įor more information about POP3 and IMAP4, see POP3 and IMAP4 in Exchange Server.
To configure the authenticated SMTP settings that are used by POP3 and IMAP4 clients, perform the following steps:Ĭonfigure the FQDN on the "Client Frontend " Receive connector. Note that this is opportunistic TLS ( STARTTLS) that results in an encrypted connection after the initial plain text protocol handshake.įor more information, see Default Receive connectors created during setup and Client access protocol architecture. By default, this connector uses the following settings for internal and external client (authenticated) SMTP connections: The default Receive connector named "Client Frontend " in the Client Access services on the Mailbox server listens for authenticated SMTP client submissions on port 587. After you enable and configure POP3 or IMAP4 on an Exchange server as described in Enable and configure POP3 on an Exchange server and Enable and configure IMAP4 on an Exchange server, you need to configure the authenticated SMTP settings for POP3 and IMAP4 clients so they can send email messages.