最近接了一个CASE，搞定有点郁闷，研究了2天才找到问题原因，今天就给大家分享下：

Exchange版本：Exhange2013 CU7

操作系统版本：WindowsServer 2008 R2企业版 SP1

问题描述：部分POP3客户端无法连接到Exchange邮件服务器

症状

======

特定CAS服务器无法完成POP3连接

1.TELNET 110 端口服务无响应

2.配置账户失败

 

抓包分析

==========

根据抓包，我发现TELNET的包，到CAS-01都是有被收到的。但是SESSION直接被finished。

 

10384   3:39:10 PM 5/6/2015    10.0902274             BJ-DC-02      bj-cas-01     TCP    TCP:Flags=CE....S., SrcPort=51371, DstPort=POP 3(110), PayloadLen=0,Seq=1885023159, Ack=0, Win=8192 ( Negotiating scale factor 0x8 ) =8192    {TCP:5238, IPv4:2189}

10385   3:39:10 PM 5/6/2015    10.0905016             bj-cas-01    BJ-DC-02      TCP    TCP:Flags=...A..S., SrcPort=POP 3(110), DstPort=51371, PayloadLen=0,Seq=895363624, Ack=1885023160, Win=8192 ( Negotiated scale factor 0x8 ) =2097152  {TCP:5238, IPv4:2189}

10386   3:39:10 PM 5/6/2015    10.0908833             BJ-DC-02      bj-cas-01    TCP    TCP:Flags=...A...., SrcPort=51371, DstPort=POP 3(110), PayloadLen=0,Seq=1885023160, Ack=895363625, Win=256 (scale factor 0x8) = 65536 {TCP:5238, IPv4:2189}

10387   3:39:10 PM 5/6/2015    10.0922646             bj-cas-01     BJ-DC-02      TCP    TCP:Flags=...A...F, SrcPort=POP 3(110), DstPort=51371, PayloadLen=0,Seq=895363625, Ack=1885023160, Win=256 (scale factor 0x8) = 65536 {TCP:5238, IPv4:2189}

10388   3:39:10 PM 5/6/2015    10.0923369             BJ-DC-02      bj-cas-01     TCP    TCP:Flags=...A...., SrcPort=51371, DstPort=POP 3(110), PayloadLen=0,Seq=1885023160, Ack=895363626, Win=256 (scale factor 0x8) = 65536 {TCP:5238, IPv4:2189}

10389   3:39:10 PM 5/6/2015    10.0947774             BJ-DC-02      bj-cas-01     TCP    TCP:Flags=...A...F, SrcPort=51371, DstPort=POP 3(110), PayloadLen=0,Seq=1885023160, Ack=895363626, Win=256 (scale factor 0x8) = 65536 {TCP:5238, IPv4:2189}

10390   3:39:10 PM 5/6/2015    10.0949663             bj-cas-01     BJ-DC-02      TCP    TCP:Flags=...A...., SrcPort=POP 3(110), DstPort=51371, PayloadLen=0,Seq=895363626, Ack=1885023161, Win=256 (scale factor 0x8) = 65536 {TCP:5238, IPv4:2189}

 

因此，建议客户检查

 

1.确保POP3 LOGGING 已经开启，需要准备一台测试用CLIENT  配合我们做账号配置

 

2.收集POP3 SETTING      

Get-PopSettings  |fl >>C:\pop3.txt        ；请提供MBX-02 的IP 地址

 

收集ComponentState信息

Get-ServerComponentState   -identity “bj-cas-01”  >>C:\comp.txt

 

3.收集SDP日志包:

 

在CAS01服务器端收集SDP

1. Click on the link below.

2. Click on the Run button (recommended) to start the diagnosticprocess.

3. Follow the onscreen instructions to run the diagnostic on thiscomputer, or on a different computer.

 

Please note that you can submit diagnostics results back toMicrosoft 10 time(s) until: 2015-06-05.

 

For frequently asked questions about diagnostic data collection anduploading tools click the link below:

问题原因

==========

1.前端服务器 POPPROXY 组件处于INACTIVE状态

2.认证模式处于SecureLogin 需要加密再完成认证

 

解决办法

==========

1.将Requester 设为HealthAPI  运行   Set-ServerComponentState -IdentityBJ-CAS-01  -Component PopProxy -Requester HealthAPI -State Active

2.使用PlainTextLogin  模式    set-popsettings -server BJ-CAS-01-LoginType PlainTextLogin  

本文出自 “Juck Zhang” 博客，谢绝转载！