Understanding Security for POP3 and IMAP4
Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2
Topic Last Modified: 2011-04-28
This topic explains security settings that you can use on the Microsoft Exchange Server 2010 Client Access server that has the POP3 and IMAP4 services installed.
Looking for management tasks related to POP3 and IMAP4? See Managing POP3 and IMAP4.
To help secure communications between POP3 and IMAP4 clients and the Exchange 2010 Client Access server, we strongly recommend that you use Secure Sockets Layer (SSL) or Transport Layer Security (TLS). By default, Exchange Setup provides a self-signed certificate for test environments. However, we recommend that you install a certificate from a certification authority (CA) that's trusted by the client's operating system. For more information, see Managing SSL for a Client Access Server.
You can use the Exchange Management Console or the Exchange Management Shell to configure SSL or TLS for POP3 and IMAP4 on an Exchange 2010 server.
For more information about how to use the EMC or the Shell to configure SSL or TLS for POP3 and IMAP4, see the following topics:
When you use POP3 and IMAP4 clients, you can set authentication options such as the ability to use SSL or TLS encryption and the ability to configure ports to communicate with clients. When you use SSL or TLS for POP3 and IMAP4 access, the Exchange server uses the ports listed in the following table to communicate with clients.
Ports for POP3 and IMAP4 access when using SSL
IMAP4 with SSL
IMAP4 with or without TLS
POP3 with SSL
POP3 with or without TLS
By default, the values in the previous table are used for communicating with clients. You can specify other ports to use with POP3 and IMAP4 clients if you want to disable communication through the default ports.
For more information about how to configure authentication for POP3, see the following topics:
For more information about how to configure authentication for IMAP4, see the following topics: