We are currently allowing access to POP & IMAP through both secure and non-secure methods. Because non-secure traffic is sent in clear text, we need to migrate all users over to secure POP/IMAP, but have many legacy systems that might not be able to move over. With that being said, is there a way to whitelist just the select few systems that need to stay on non-secure POP & IMAP?

Also, anyone have a good way to import the Exchange POP & IMAP log files, filter them, and only show the systems that are connecting via ports 110 and 143, in order to get a list of users that need to move to secure connections?

Thanks!

• Edited by JSKoons Friday, May 01, 2015 10:32 PM

We are currently allowing access to POP & IMAP through both secure and non-secure methods. Because non-secure traffic is sent in clear text, we need to migrate all users over to secure POP/IMAP, but have many legacy systems that might not be able to move over. With that being said, is there a way to whitelist just the select few systems that need to stay on non-secure POP & IMAP?

Hi,

According to your description, I am still not quite sure about your requirement. What's your mail server and mail flow configuration in your environment? How do you achieve accessing Exchange mailbox by using POP & IMAP with both secure and non-secure methids?

Generally, we use Set-POPSettings and Set-IMAPSettings to configure Internal/External POP3 or IMAP4 port number, encryption method in Exchange 2013. Please collect the POP3 IMAP settings information in your environment:

Get-POPSettings | fl

Get-IMAPSettings | fl

Regards,

Hi Winnie,

We are running Exchange 2013 and all traffic accessing our POP & IMAP services is all internal. On these servers, they are configured to allow both unencrypted and SSL connections for POP3 and IMAP4. As far as mail flow, traffic is routed through load balancers and then directed to the servers. We could possibly block or whitelist clients at the load balancer, but if a user knows the actual server names, they can just bypass the load balancers and connect.