Setting up Thunderbird and Exchange 2007 server

authenticationexchangeexchange-2007smtpthunderbird

I want to use Thunderbird with Exchange 2007. Before I used Outlook and everything worked fine. Now I set up the following settings in Thunderbird:

Inbox
IMAP
Server Address: 192.168.0.1
Port: 143
SSL: STARTTLS
Authentication: Password, normal

Outbox
SMTP
Server Address: 192.168.0.1
Port: 587
SSL: No
Authentication: No

The user can send and receive emails from inside the organization. Now the user should also send and receive emails outside the organization. If the user tries it he gets Unable to relay and no message is sent. This is an authentication problem.

How should the Exchange 2007 server be configured?

I tried other settings for the outbox within Thunderbird but they didn't worked. In the Exchange management consonsole I go to server configuration, client access, POP3 and IMAP4, click on the properties of POP3 and I have the following settings:

Binding:
TLS: Port 110
SSL: Port 995

Authentication:
Secure login and the name of the X.509 certificate

Under server configuration, Hub-Transport, properties of the default connector, tab authentication TLS, basic authentication and integrated Windows authentication is checked. Under authorisation group anonym user, exchange user, exchange server and legacy exchange server is checked.

Best Answer

SMTP should be configured to require authentication if you are publicly exposing the ports. Most default configs only allow relaying as authenticated users.

By "outside the org" are you leaving the network? Are you using VPN to connect to 192.168.0.1? mail.yourdomain.com is probably resolving to a public IP address, which would be unreachable while you are inside the network, and would only work outside the firewall if you had your IMAP/SMTP ports open to the Exchange server.

I think that if you were to configure your client to authenticate against both IMAP and SMTP, you would at minimum be working inside your firewall, pointed at 192.168.0.1.

To get it working outside the firewall with a local address, you would need to VPN.

If you don't want to VPN, and want to use mail.yourdomain.com, you could setup the yourdomain.com zone on an internal DNS server (assigned to clients with DHCP) and have it resolve mail.yourdomain.com to 192.168.0.1, and when you are outside the firewall, public DNS would resolve it to the correct public IP.

Related Topic