POP3 vague error on login....

If you have Exchange 2013 and try to connect using POP3 you are more than good to connect with the alias name, but you get a vague "incorrect username and password" which is NOT the case.

This is how I am connecting using OpenSSL....

openssl s_client -crlf -connect :110 -starttls pop3

Then when I get to the login this happens:

+OK The Microsoft Exchange POP3 service is ready.
USER
+OK
PASS
-ERR Logon failure: unknown user name or bad password.
-ERR Connection is closed. 12

Whats in the blue blazes is going on.......

So, firstly lets check the obvious that the server component health is OK using this:

Get-ServerComponentstate -Identity

I am interested in this line the component called PopProxy if this is inactive as below POP3 will not work:

PopProxy Inactive

If you have an "inactive" one then run this to get it active:

Set-ServerComponentState -Identity -Component PopProxy -Requester HealthAPI -State Active

This was not the case for me, my POPProxy was already active, ok moving on....

I have confirmed that the password is fine and the account is not disabled or the account is not locked out, so now we need some logging on the POP3 protocol.

Turn on logging: 
Set-PopSettings -Server "CAS01" -ProtocolLogEnabled $true -LogFileLocation "C:\Pop3Logging"

Turn off logging:
Set-PopSettings -Server "CAS01" -ProtocolLogEnabled $false

Lets look at the logs, this is the failed connection attempt:

2017-09-08T11:57:41.337Z,0000000000000003,3,:43321,,1967,10,56,pass,*****,"R=""-ERR Logon failure: unknown user name or badpassword."";Msg=Proxy::9955:SSL;ErrMsg=ProxyFailed;Excpt=""No connection could be made because the target machine actively refused it :9955-error

Right so this is saying it cannot connect the backend POP3 service on the server in the logs, so when I check the backend POP3 service on the target services is stopped in manual.

Right that's the problem, so lets start it and try the command again:

2017-09-08T12:00:09.540Z,0000000000000007,4,:110,10.242.8.171:43436,,0,0,0,CloseSession,,
2017-09-08T12:00:54.163Z,000000000000000A,0,127.0.0.1:995,127.0.0.1:27074,,59,0,51,OpenSession,,
2017-09-08T12:00:54.226Z,000000000000000A,1,127.0.0.1:995,127.0.0.1:27074,,21,4,37,capa,,R=ok
2017-09-08T12:00:54.226Z,000000000000000A,2,127.0.0.1:995,127.0.0.1:27074,,0,0,0,CloseSession,,
2017-09-08T12:01:45.507Z,000000000000000B,0,:110,10.242.1.61:3971,,1,0,51,OpenSession,,
2017-09-08T12:01:45.523Z,000000000000000B,1,:110,10.242.1.61:3971,,16,4,28,stls,,
2017-09-08T12:01:47.554Z,000000000000000C,0,:110,:59509,,1,0,51,OpenSession,,
2017-09-08T12:01:47.617Z,000000000000000C,1,:110,:59509,,58,4,28,stls,,
2017-09-08T12:01:50.445Z,000000000000000B,2,:110,10.242.1.61:3971,,1,13,5,user,,R=ok
2017-09-08T12:01:51.632Z,000000000000000C,2,:110,:59509,,1,13,5,user,,R=ok

Bingo we are back online, in this case the mailboxes were moved from a databases with the POP3 backend server running to a server with the POP3 backend service not running.

Thats all now sorted and working.




Previous Post Next Post

نموذج الاتصال