Enabling a Virtual Server


Topic Last Modified: 2005-05-18

When you install Exchange, the services that are necessary to support clients such as Outlook 2003, Outlook Web Access, and Exchange ActiveSync are enabled by default. For example, Exchange enables the SMTP service because it is the underlying protocol used to route messages internally within an Exchange organization and externally to messaging systems outside an Exchange organization. Similarly, Exchange enables HTTP because it is the underlying protocol for all Internet communication.

Although Outlook Mobile Access uses the HTTP protocol, Outlook Mobile Access is disabled by default and must be enabled by using Exchange System Manager.

However, Exchange installs, but does not enable services for Post Office Protocol version 3 (POP3), IMAP4, and NNTP. If your client access model relies on communications that use POP3, IMAP4, or NTTP, you must manually enable them.

To enable either the POP3 or IMAP4 service, you use the Services snap-in to set the service to start automatically. Then, you start the service by using Exchange System Manager. To enable NNTP, use the Services snap-in to set the NNTP service to start automatically, and then use Exchange System Manager to start the service.

When you create a virtual server for a protocol, you have the option of using the default port assignments and Internet Protocol (IP) address for the server. The following table shows the default port assignments associated with the protocols. The default IP address is (All Unassigned), which means that a specific IP address has not been assigned and the virtual server will use the IP address of the Exchange server that is currently hosting the virtual server. These default values provide a virtual server with automatic discovery—the server can immediately receive incoming connections by using the default IP address and ports.

Default port assignments

Protocols TCP port Secure Sockets Layer (SSL) port



Not available










If you do not use the recommended port assignments, some clients may be not able to connect. You may also have to reconfigure your client software manually to connect to the new port assignments.
To fully enable SSL on the POP3 virtual server, you must request and install a certificate. You must do this even if you leave the default SSL port set at 995 on the POP3 virtual server. For more information about installing certificates, see "Using Secure Sockets Layer" in Securing Your Exchange Messaging Environment.

Although it is highly recommended that you use the default port assignments, you do not have to use the default IP address. You can use the IP address from any available network card as the IP address for the virtual server.

If you plan to create multiple virtual servers, each virtual server must have a unique combination of ports and IP address. Because the port settings are standard and should not be changed, you will need to provide each virtual server with a unique IP address.

Besides creating a unique combination of ports and IP address for each virtual server, you can also configure multiple identities for your virtual server. Multiple identities enable you to associate multiple host or domain names with a single virtual server.

For detailed steps for assign a unique IP address to a virtual server or to assign multiple identities to a virtual server, see How to Assign Ports and IP Addresses to Virtual Servers.

A virtual server can accept an unlimited number of inbound connections and is limited only by the resources of the computer where the virtual server is running. To prevent a computer from becoming overloaded, you can limit the number of connections that can be made to the virtual server at the same time. By default, Exchange does not limit the number of incoming connections.

After users are connected, you can also limit the length of time that idle connections remain logged on to the server. By default, Exchange disconnects idle sessions after 10 minutes.

In topologies that contain Exchange front-end and back-end servers, the connection time-out setting varies based on server role. On back-end servers, the connection time-out setting limits the length of time clients can be connected to the server without performing any activity. However, on front-end servers, the connection time-out setting limits the total length of the client session, regardless of client activity. Therefore, in front-end and back-end server environments, you should configure the time-out value on your front-end servers high enough so that users can download the maximum message size that is permitted over the slowest connection speed that you want to support. Setting this value high enough ensures that clients are not disconnected while they are downloading messages. For more information about configuring your Exchange front-end and back-end server architecture, see the Exchange Server 2003 Deployment Guide.

Setting the connection time-out setting too low can cause clients to be unexpectedly disconnected from the server and possibly receive error messages. Thirty minutes is the lowest recommended connection time-out setting.

For detailed steps about how to configure connection limits, see How to Set Connection Limits.

Managing virtual servers frequently requires you to start, pause, or stop Exchange services. You manage Exchange services through the Computer Management console and Exchange System Manager.

For detailed steps on how to start, pause, or stop a POP3, IMAP4, or NNTP virtual server, see How to Start, Pause, or Stop a Virtual Server.

You can immediately disconnect a single user or all users if they are accessing the virtual server without permission.

For detailed steps on how to disconnect users, see How to Disconnect Users from a Virtual Server.