Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2
Topic Last Modified: 2009-10-08
Transport Layer Security (TLS) and Secure Sockets Layer (SSL) can be used to secure connections between your users and your Microsoft Exchange Server 2010 computers. TLS and SSL are cryptographic protocols that provide security for communications over the Internet. We strongly recommend that you use TLS and SSL to help secure communications between your POP3 and IMAP4 clients and the Exchange Server 2010 Client Access server.
You can use the Exchange Management Console and the Exchange Management Shell to configure TLS and SSL on the Exchange Server 2010 server that has the POP3 and IMAP4 services enabled.
Looking for more information about securing Client Access servers? See Securing Client Access Servers.
Configuring TLS and SSL
Before you configure TLS and SSL to help secure POP3 and IMAP4 access, make sure that you understand the process for configuring TLS and SSL for the Exchange 2010 Client Access server. For more information about how to help secure communications, see the following topics:
Securing Client Access Servers
Managing SSL for a Client Access Server
Install an SSL Certificate on a Client Access Server
Understanding TLS Certificates
Configuring TLS and SSL for POP3 and IMAP4
You can use either the EMC or the Shell to configure SSL or TLS for POP3 and IMAP4 on an Exchange 2010 Client Access server.
For more information about how to configure SSL and TLS for POP3 and IMAP4, see the following topics:
Configuring Ports for POP3 and IMAP4 When Using TLS and SSL
When you use TLS and SSL for POP3 and IMAP4 access, the Exchange 2010 Client Access server uses the ports listed in the following table to communicate with clients.
Ports for POP3 and IMAP4 access when using TLS and SSL
Protocol | Default port |
---|---|
IMAP4/SSL |
993 (TCP) |
IMAP4 with or without TLS |
143 (TCP) |
POP3/SSL |
995 (TCP) |
POP3 with or without TLS |
110 (TCP) |
By default, the values in this table are used for communicating with clients. You can specify other ports to use with POP3 and IMAP4 clients if you want to disable communication through the default ports. For more information about how to configure ports for Exchange 2010 POP3 and IMAP4 clients, read Configure IP Addresses and Ports for POP3 and IMAP4 Access.