Configurer les paramètres SMTP authentifiés pour les clients POP3 et IMAP4 dans Exchange 2016

[Cette rubrique est une documentation préliminaire et peut être modifiée dans les versions ultérieures. Des rubriques vides sont incluses comme espaces réservés. N’hésitez pas à nous transmettre vos commentaires. Envoyez-nous un e-mail à l’adresse ExchangeHelpFeedback@microsoft.com.]  

S’applique à :Exchange Server 2016

Learn how to configure the authenticated SMTP settings on an Exchange 2016 server that are required by POP3 or IMAP4 clients to send email messages.

After you enable and configure POP3 or IMAP4 on an Exchange 2016 server as described in Activer et configurer POP3 sur un serveur Exchange 2016 and Activer et configurer IMAP4 sur un serveur Exchange 2016, you need to configure the authenticated SMTP settings for POP3 and IMAP4 clients so they can send email messages.

The default Receive connector named "Client Frontend <Server name>" in the Client Access services on the Mailbox server listens for authenticated SMTP client submissions on port 587. By default, this connector uses the following settings for internal and external client (authenticated) SMTP connections:

  • SMTP server   <ServerFQDN>. For example, mailbox01.contoso.com.

  • TCP port   587

  • Encryption method   TLS. Note that this is opportunistic TLS (STARTTLS) that results in an encrypted connection after the initial plain text protocol handshake.

For more information, see Default Receive connectors created during setup and Client access protocol architecture.

To configure the authenticated SMTP settings that are used by POP3 and IMAP4 clients, perform the following steps:

  1. Configure the FQDN on the "Client Frontend <Server name>" Receive connector.

  2. Specify the certificate that's used to encrypt authenticated SMTP client connections.

  3. Configure Outlook sur le web (formerly known as Outlook Web App) to display the SMTP settings for authenticated SMTP clients at Settings > Options > Mail > Accounts > POP and IMAP.

    Paramètres SMTP dans Outlook sur le web

For more information about POP3 and IMAP4, see POP3 et IMAP4 dans Exchange 2016.

  • Estimated time to complete: 5 minutes.

  • Le protocole SSL (Secure Sockets Layer) est remplacé par le protocole TLS (Transport Layer Security) comme protocole utilisé pour chiffrer les données envoyées entre des systèmes informatiques. Ils sont si étroitement liés que les termes « SSL » et « TLS » (sans versions) sont souvent utilisés indifféremment. En raison de cette similitude, les références à « SSL » dans les rubriques concernant Exchange, dans le Centre d’administration Exchange et dans l’Environnement de ligne de commande Exchange Management Shell recouvrent souvent les protocoles SSL et TLS. En règle générale, « SSL » fait référence au véritable protocole SSL uniquement lorsqu’une version est également fournie (par exemple, SSL 3.0). Pour savoir pourquoi vous devez désactiver le protocole SSL et passer au protocole TLS, consultez l’article relatif à la protection contre la vulnérabilité du protocole SSL 3.0.

  • If you have POP3 or IMAP4 clients that can only send SMTP email on port 25, you can configure port 25 on the "Client Frontend <Server name>" Receive connector to allow clients to send authenticated SMTP email. However, because port 25 is also configured on the "Client Frontend <Server name>" Receive connector for email from external SMTP servers, you'll need to modify the local IP addresses that are used to listen on port 25 on one or both of the connectors. For more information, see Receive connector local address bindings.

  • Des autorisations doivent vous être attribuées avant de pouvoir exécuter cette procédure. Pour voir les autorisations qui vous sont nécessaires, consultez "Receive connectors" entry in the Autorisations de flux de messagerie topic.

  • Pour des informations sur les raccourcis clavier applicables aux procédures de cette rubrique, voir Raccourcis clavier dans Exchange 2013Raccourcis clavier dans le Centre d’administration Exchange.

tipConseil :
Vous rencontrez des difficultés ? Demandez de l’aide en participant aux forums Exchange. Visitez le forum à l’adresse : Exchange Server, Exchange Online ou Exchange Online Protection..

You can skip this step if you want to keep the default server FQDN value (for example, mailbox01.contoso.com). Or, you can specify an FQDN value that's more compatible with your Internet naming convention or a TLS certificate that you want to use.

If you change the FQDN value, and you want internal POP3 or IMAP4 clients to use this connector to send email, the new FQDN needs to have a corresponding record in your internal DNS.

Regardless of the FQDN value, if you want external POP3 or IMAP4 clients to use this connector to send email, the FQDN needs to have a corresponding record in your public DNS, and the TCP port (587) needs to be allowed through your firewall to the Exchange server.

  1. In the EAC, go to Mail flow > Receive connectors.

  2. In the list of Receive connectors, select Client Frontend <Server name>, and then click Edit (Icône Modifier).

  3. In the Exchange Receive Connector page that opens, click Scoping.

  4. In the FQDN field, enter the SMTP server FQDN that you want to use for authenticated SMTP client connections (for example, mail.contoso.com) and then click Save.

Onglet Étendue pour le connecteur de réception frontal de client

To configure the FQDN for authenticated SMTP clients, use the following syntax:

Get-ReceiveConnector -Identity "Client Frontend*" | Set-ReceiveConnector -Fqdn <FQDN>

This example configures the FQDN value mail.contoso.com.

Get-ReceiveConnector -Identity "Client Frontend*" | Set-ReceiveConnector -Fqdn mail.contoso.com

To verify that you've successfully the FQDN on the "Client Frontend <Server name>" Receive connector, use either of the following procedures:

  • the EAC, go to Mail flow > Receive connectors > select Client Frontend <Server name>, click Edit (Icône Modifier) > Scoping, and verify the value in the FQDN field.

  • In the Environnement de ligne de commande Exchange Management Shell, run the following command:

    Get-ReceiveConnector -Identity "Client Frontend*" |  Format-List Name,Fqdn
    

The certificate needs to match or contain the FQDN value that you specified in the previous step, and the POP3 and SMTP clients need to trust the certificate, which likely means a certificate from a commercial certification authority. For more information, see Certificate requirements for.

Also, you need to assign the certificate to the Exchange SMTP service. For more information, see Délivrer des certificats aux services Exchange 2016.

To specify the certificate that's used for authenticated SMTP client connections, use the following syntax:

$TLSCert = Get-ExchangeCertificate -Thumbprint <ThumbprintValue>
$TLSCertName = "<I>$($TLSCert.Issuer)<S>$($TLSCert.Subject)"
Get-ReceiveConnector -Identity "Client Frontend*" | Set-ReceiveConnector -TlsCertificateName $TLSCertName

This example uses the certificate that has the thumbprint value 434AC224C8459924B26521298CE8834C514856AB.

$TLSCert = Get-ExchangeCertificate -Thumbprint 434AC224C8459924B26521298CE8834C514856AB
$TLSCertName = "<I>$($TLSCert.Issuer)<S>$($TLSCert.Subject)"
Get-ReceiveConnector -Identity "Client Frontend*" | Set-ReceiveConnector -TlsCertificateName $TLSCertName

To verify that you've specified the certificate that's used to encrypt authenticated SMTP client connections, perform the following steps:

  1. Run the following command in the Environnement de ligne de commande Exchange Management Shell:

    Get-ReceiveConnector -Identity "Client Frontend*" |  Format-List Name,Fqdn,TlsCertificateName
    
  2. Run the following command in the Environnement de ligne de commande Exchange Management Shell:

    Get-ExchangeCertificate | Format-List Thumbprint,Issuer,Subject,CertificateDomains,Services
    
  3. Verify the Subject or CertificateDomains field of the certificate that you specified on the Receive connector contains the Fqdn value of the Receive connector (exact match or wildcard match).

To configure Outlook sur le web to display the SMTP settings server for authenticated SMTP clients, run the following command:

Get-ReceiveConnector -Identity "Client Frontend*" | Set-ReceiveConnector -AdvertiseClientSettings $true

Note: To prevent the SMTP settings from being displayed in Outlook sur le web, change the value from $true to $false.

To verify that you've configured Outlook sur le web to display the SMTP settings for authenticated SMTP clients, perform the following steps:

  1. Open a mailbox in Outlook sur le web, and then click Settings > Options.

    Options de l’emplacement du menu dans Outlook sur le web
  2. Click Mail > Accounts > POP and IMAP and verify the correct SMTP settings are displayed.

    Paramètres SMTP dans Outlook sur le web

    Note: If the SMTP settings that you configured don't appear as expected in Outlook sur le web, run the command iisreset.exe /noforce to restart Services Internet (IIS) (IIS).

To verify that you've configured the authenticated SMTP settings on the Exchange server, perform one or more following procedures:

  • Use the Test-PopConnectivity or Test-ImapConnectivity cmdlets, which use authenticated SMTP to send test messages. For more information, see Test-PopConnectivity and Test-ImapConnectivity.

  • Enable protocol logging on the "Client Frontend <Server name>" Receive connector, configure a POP3 or IMAP4 client to connect to a mailbox, send a test message from an internal network connection and/or an external Internet connection, and view the results in the protocol log. For more information, see Enregistrement dans le journal de protocole.

    Note: You can't use POP3 or IMAP4 to connect to the Administrator mailbox. This limitation was intentionally included in Exchange 2016 to enhance the security of the Administrator mailbox.

 
Afficher: