Supporting POP and IMAP Clients


Topic Last Modified: 2005-05-24

When you use a front-end server, the names of the servers that host the mailboxes are hidden from the users. Client computers connect to one host name shared by the front-end servers. As a result, moving users between servers is transparent to the users and requires no reconfiguration of client computers.

To log on, a POP or IMAP client sends the front-end server a logon request that contains the name of the mailbox to be accessed. The front-end server authenticates the user and uses Active Directory to determine which back-end server contains the user's mailbox. The front-end server then proxies the logon request to the appropriate back-end server. The back-end server then sends the results of the logon operation back to the front-end server, which returns the results of the operation back to the client. Subsequent POP or IMAP commands are similarly handled.

SMTP must be available to allow POP and IMAP clients to submit e-mail. You can install SMTP on the front-end server or set up a separate SMTP server. E-mail submission through SMTP on the front-end server works the same as it does on any other server running Exchange. For more information about how to configure SMTP on a front-end server, see Configuring Exchange Front-End Servers.

POP and IMAP e-mail clients send user and password information in clear text. If the front-end server is accessible from the Internet, you should configure SSL so that user authentication information and data is not passed over the Internet in clear text.

When a non referral-enabled IMAP client connects to a back-end server, it can access only public folders that have a replica on the user's home server. To access public folders that have replicas on other servers, an IMAP client must be referral-enabled. A referral-enabled client issues special commands to an IMAP server to create a list of the public folders available to the client. When the client computer requests a public folder that does not have a local replica, the server responds to the client request with a referral URL that contains the name of the server that has the public folder. The referral-enabled IMAP client computer then creates a new connection to that server to retrieve the appropriate information.

In a front-end and back-end topology, however, the front-end server acts as a referral-enabled client, so IMAP clients connecting to the front-end server do not need to support referrals; the front-end server handles referrals for them. It transparently maps non referral-enabled client requests to their referral counterparts, making the entire list of public folders available to a non referral-enabled client. When the front-end server receives a referral response from the back-end server, it does not pass this response back to the client. Instead it follows the referral for the client and makes a connection to the appropriate back-end server that has the data. The back-end server then responds with the requested item, which the front-end server relays back to the client.