I want to configure POP3 mail access for Exchange 2007 using secure ports. DOes anyone have the steps to do this? Seems to only work on the default port assignments.

What do you mean by "secure ports"? By default 2007, is ready to use POP over SSL - (Port 995). If you want to change the default port, I dont see the point. It doesnt make anything more secure as port scanners can easily find it. http://www.msexchange.org/articles_tutorials/exchange-server-2007/mobility-client-access/using-pop3-imap4-access-exchange-2007-part1.html

It seems to only work on port 110 and 25. Also, for encryption do you need another cert - x.509? Thanks, JD

Hi, Exchange 2007 uses X.509 certificates to negotiate secure Transport Layer Security (TLS) and Secure Sockets Layer (SSL) transport channels of communication for protocols, such as HTTPS, SMTP, and POP and IMAP. We recommend that you deploy a certificate issued by a public CA whenever your users are access Exchange components that require authentication and encryption from outside your corporate firewall. For example, all the various clients that the Client Access server role supports, such as Exchange ActiveSync, POP3, IMAP4, and Outlook Anywhere, should be secured with a certificate that is issued by a public CA. http://technet.microsoft.com/en-us/library/bb851505(EXCHG.80).aspx Thanks, Richard Your expertise never fails to impress :)

We do have a SAN certificate already, does this mean we need a second cert for POP3? I just want to make sure.

Actually, how about sending, that is on port 25, how do you secure that?

Actually, I have just one final question. I opened the ports in the firewall, yet when not on the corporate network I am having the issue that on the outside it says the email is being rejected from the server. What on Exchange 2007 could be blocking this when it works inside the network. Also using TLS encryption.