|
|
|
date: Mon, 17 Mar 2008 14:43:31 -0000,
group: microsoft.public.exchange.connectivity
back
Re: IPhone connectivity to exchange & POP3 port 110
"Fred" wrote in message
news:43145380-0202-4C69-9546-F8C30A7D92C3@microsoft.com...
> Hi,
> I've had a bit of a can of worms opened at work, in that the directors (3)
> have all gone out and bought IPhones.
> Needless to say they want their corporate exchange mail sent to the
> handsets, the can of worms is how to do it securely.
>
> My initial research shows that a lot of people have done this by opening
> up port 110 on their firewalls and then using the pop3 connector.
>
> My gut feeling is that this is not secure, and in theory if a hacker
> scaned our ip range for open ports, they will see 110 open and then assume
> that there is a mailserver sat behind the port. Our exchange server is not
> in a DMZ so if it was compromised, so would the entire network!
>
> Has anyone else tried this or is it a big no no?
>
> TIA
I think iPhones only use IMAP, although I've not seen one and can't confirm
it. Email servers are easy enough to locate, since all that is required is
a response on port 25, and MX records are, of course, in the public domain.
Opening port 110 (or 143 for IMAP) is unlikely to make the situation much
worse. One thing to consider, though, is that usernames and passwords will
be transmitted during a POP or IMAP session - you should consider using SSL
if possible, but I hear many stories of the difficulty of setting up SSL
protected IMAP accounts on the iPhone.
Lee.
--
______________________________________
Outlook Web Access For PDA , OWA For WAP
www.leederbyshire.com
email a@t leederbyshire d.0.t c.0.m
______________________________________
date: Mon, 17 Mar 2008 15:00:40 -0000
author: Lee Derbyshire [MVP] email a@t leederbyshire d.0.t c.0.m
Re: IPhone connectivity to exchange & POP3 port 110
Thanks for that Lee.
The Iphone does come with a pop connector, however i've just found out that
they also come with an e mail account from O2.
What i think i will do is get SMTP traffic forwarded to the O2 account from
exchange, and then get them to reply via our ISP directly.
Cheers
"Lee Derbyshire [MVP]" <email a@t leederbyshire d.0.t c.0.m> wrote in
message news:OLYFs%23DiIHA.5780@TK2MSFTNGP06.phx.gbl...
> "Fred" wrote in message
> news:43145380-0202-4C69-9546-F8C30A7D92C3@microsoft.com...
>> Hi,
>> I've had a bit of a can of worms opened at work, in that the directors
>> (3) have all gone out and bought IPhones.
>> Needless to say they want their corporate exchange mail sent to the
>> handsets, the can of worms is how to do it securely.
>>
>> My initial research shows that a lot of people have done this by opening
>> up port 110 on their firewalls and then using the pop3 connector.
>>
>> My gut feeling is that this is not secure, and in theory if a hacker
>> scaned our ip range for open ports, they will see 110 open and then
>> assume that there is a mailserver sat behind the port. Our exchange
>> server is not in a DMZ so if it was compromised, so would the entire
>> network!
>>
>> Has anyone else tried this or is it a big no no?
>>
>> TIA
>
> I think iPhones only use IMAP, although I've not seen one and can't
> confirm it. Email servers are easy enough to locate, since all that is
> required is a response on port 25, and MX records are, of course, in the
> public domain. Opening port 110 (or 143 for IMAP) is unlikely to make the
> situation much worse. One thing to consider, though, is that usernames
> and passwords will be transmitted during a POP or IMAP session - you
> should consider using SSL if possible, but I hear many stories of the
> difficulty of setting up SSL protected IMAP accounts on the iPhone.
>
> Lee.
>
> --
> ______________________________________
>
> Outlook Web Access For PDA , OWA For WAP
> www.leederbyshire.com
> email a@t leederbyshire d.0.t c.0.m
> ______________________________________
>
>
date: Mon, 17 Mar 2008 15:19:05 -0000
author: Fred
Re: IPhone connectivity to exchange & POP3 port 110
FYI, iPhone will support EAS this summer when iPhone 2.0 update is released.
http://www.apple.com/iphone/enterprise/
--
John Oliver, Jr
MCSE, MCT, CCNA
Exchange MVP 2008
Microsoft Certified Partner
"Fred" wrote in message
news:0E3D86BC-7FEE-46EE-AD3D-433E433EA727@microsoft.com...
> Thanks for that Lee.
> The Iphone does come with a pop connector, however i've just found out
> that they also come with an e mail account from O2.
> What i think i will do is get SMTP traffic forwarded to the O2 account
> from exchange, and then get them to reply via our ISP directly.
>
> Cheers
>
>
>
> "Lee Derbyshire [MVP]" <email a@t leederbyshire d.0.t c.0.m> wrote in
> message news:OLYFs%23DiIHA.5780@TK2MSFTNGP06.phx.gbl...
>> "Fred" wrote in message
>> news:43145380-0202-4C69-9546-F8C30A7D92C3@microsoft.com...
>>> Hi,
>>> I've had a bit of a can of worms opened at work, in that the directors
>>> (3) have all gone out and bought IPhones.
>>> Needless to say they want their corporate exchange mail sent to the
>>> handsets, the can of worms is how to do it securely.
>>>
>>> My initial research shows that a lot of people have done this by opening
>>> up port 110 on their firewalls and then using the pop3 connector.
>>>
>>> My gut feeling is that this is not secure, and in theory if a hacker
>>> scaned our ip range for open ports, they will see 110 open and then
>>> assume that there is a mailserver sat behind the port. Our exchange
>>> server is not in a DMZ so if it was compromised, so would the entire
>>> network!
>>>
>>> Has anyone else tried this or is it a big no no?
>>>
>>> TIA
>>
>> I think iPhones only use IMAP, although I've not seen one and can't
>> confirm it. Email servers are easy enough to locate, since all that is
>> required is a response on port 25, and MX records are, of course, in the
>> public domain. Opening port 110 (or 143 for IMAP) is unlikely to make the
>> situation much worse. One thing to consider, though, is that usernames
>> and passwords will be transmitted during a POP or IMAP session - you
>> should consider using SSL if possible, but I hear many stories of the
>> difficulty of setting up SSL protected IMAP accounts on the iPhone.
>>
>> Lee.
>>
>> --
>> ______________________________________
>>
>> Outlook Web Access For PDA , OWA For WAP
>> www.leederbyshire.com
>> email a@t leederbyshire d.0.t c.0.m
>> ______________________________________
>>
>>
>
date: Mon, 17 Mar 2008 11:31:08 -0400
author: John Oliver, Jr. [MVP]
|
|
