Supporting Messaging Clients

Restrict Access by IP Address, Subnet, or Domain

If you have a small number of clients who do not use the IMAP4 service, you can create a group of restricted computers that cannot access the IMAP4 virtual server. Limiting access to server resources enhances security and can improve performance by reducing the load on a server. By default, all computers can access the IMAP4 virtual server until you identify a group of restricted IP addresses, subnets, or domains.

Warning   Identify a restricted computer by IP address only if you assign IP addresses statically. If a DHCP server assigns temporary IP addresses to computers, you cannot ensure a computer will always use the same IP address.

To restrict access by IP address, subnet, or domain:

  1. Start System Manager
    on the Start menu, point to Programs, point to Microsoft Exchange, and then click System Manager.
  2. Navigate to IMAP4.

    System Manager

    1. Administrative Groups
    2. Administrative group
    3. Servers
    4. Server
    5. Protocols
    6. IMAP4
  3. In the console tree, right-click a virtual server, and then click Properties.
  4. On the Access tab, click Connection.
  5. By default, All except the list below is selected.
  6. Click Add.
  7. Select one of the following options:
  8. To add the user, subnet, or domain to the list of restricted users, click OK .

Note  Restricting a computer's access to one IMAP4 virtual server does not necessarily restrict access to all instances of IMAP4 virtual servers. You must restrict the computer's access to each IMAP4 virtual server if you do not want that computer to access any IMAP4 service. Otherwise, if you restrict a computer from accessing only one instance of an IMAP4 virtual server, depending on how you configure access to the other instances, the computer might still have access to another IMAP4 virtual server.