Applies to: Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007
Topic Last Modified: 2007-11-01

This topic describes how to use the Exchange Management Console and the Exchange Management Shell to configure authentication options on the Microsoft Exchange Server 2007 computer that has the Post Office Protocol version 3 (POP3) and Internet Message Access Protocol version 4rev1 (IMAP4) services enabled.

Before You Begin

Before you configure the authentication options to use with POP3 and IMAP4, make sure that you understand the process for configuring Secure Sockets Layer (SSL) for the server that is running Microsoft Exchange that has the Client Access server role installed. For more information about how to help secure communications, read the following topics:

To perform the following procedures on a computer that has the POP3 service enabled, the account you use must be delegated the Exchange Server Administrators role and membership in the local Administrators group on the target server.

For more information about permissions, delegating roles, and the rights that are required to administer Exchange 2007, see Permission Considerations.

Authentication Options for POP3 and IMAP4

There are three authentication options that you can use with POP3 and IMAP4. These options are configured when you use the Exchange Management Console or the Set-PopSettings and Set ImapSettings cmdlets in the Exchange Management Shell. Additionally, there are default ports that are used, depending on the authentication setting that you are using.

The following table describes the default ports that are used with different authentication settings.

Authentication options for POP3 and IMAP4

Authentication Method	Value	Default Port	Description
PlainTextLogin	1	110 (POP3) 995 (POP3 SSL) 143 (IMAP4) 993 (IMAP4 SSL)	TLS encryption is not required on port 110. User name and password are sent not encrypted unless the underlying connection is encrypted by using TLS or SSL. For IMAP4, this corresponds to using the "login" command to authenticate to the Exchange 2007 computer that has the Mailbox server role installed.
PlainTextAuthentication	2	110 (POP3) 995 (POP3 SSL) 143 (IMAP4) 993 (IMAP4 SSL)	TLS encryption is not required on port 110 and port 143. However, Basic authentication is permitted only on a port that uses TLS or SSL encryption. For IMAP4, this corresponds to using the "authenticate" command to authenticate to the Mailbox server.
SecureLogin	3	110 (POP3) 995 (POP3 SSL) 143 (IMAP4) 993 (IMAP4 SSL)	Connection on port 110 and port 143 must use TLS encryption before authenticating.

Authentication Method

Value

Default Port

Description

PlainTextLogin

110 (POP3)

995 (POP3 SSL)

143 (IMAP4)

993 (IMAP4 SSL)

TLS encryption is not required on port 110.

User name and password are sent not encrypted unless the underlying connection is encrypted by using TLS or SSL.

For IMAP4, this corresponds to using the "login" command to authenticate to the Exchange 2007 computer that has the Mailbox server role installed.

PlainTextAuthentication

110 (POP3)

995 (POP3 SSL)

143 (IMAP4)

993 (IMAP4 SSL)

TLS encryption is not required on port 110 and port 143. However, Basic authentication is permitted only on a port that uses TLS or SSL encryption.

For IMAP4, this corresponds to using the "authenticate" command to authenticate to the Mailbox server.

SecureLogin

110 (POP3)

995 (POP3 SSL)

143 (IMAP4)

993 (IMAP4 SSL)

Connection on port 110 and port 143 must use TLS encryption before authenticating.

You can use the Exchange Management Console or the Exchange Management Shell to configure the ports that you want to use, depending on the authentication setting that you are using for POP3 and IMAP4 on an Exchange 2007 server. You can also specify connection time-out limits for users.

For more information about how to use the Exchange Management Shell and the Exchange Management Console to configure authentication options for POP3 and IMAP4, see the following topics: