From time to time we get customers that need to use Pop3 or IMAP to send email. Typically it’s for their remote users that are using Outlook or Thunderbird email clients. First I would like to say, I highly recommend you use Outlook Anywhere instead of pop3 and imap and for increased security disable Pop3/IMAP . However, sometimes under certain circumstances you may need to use pop3 or imap.

So if you’re getting one of these errors when trying to send email or setting up a email client:

  • “Client does not have permissions to send as this sender”
  • “Server does not support the selected authentication”

To fix we do the following:

  • Make sure you have a valid SSL certificate, we sell single or UCC certificates if you need one.
  • Add firewall rule to allow incoming traffic on port 587 to forward to the Exchange Server
  • Get-ReceiveConnector “Client” | Add-ADPermission –User “authenticated users”  -ExtendedRights ms-Exch-SMTP-Accept-Authoritative-Domain-Sender
    This allows all “authenticated users” (users that have correct domain username and pw) to send email to the Exchange Server.
  • Restart Hub Transport

You will be performing this on the “Client” transport connector and not the “Default”, so you’re settings should look like this: