Whilst I’m not trying to suggest that the Apple iPhone is intended for business users (I’d suggest that it’s more of a consumer device and that businesses are wedded to their Blackberries or, more sensibly in my opinion, Windows Mobile devices) it does seem to me that there’s been a lot of talk about how it can’t work with Microsoft Exchange Server – either blaming Apple for not supporting the defacto standard server for corporate e-mail or Microsoft for not being open enough. Well, I’d like to set the record straight – the iPhone does work with Exchange Server (and doesn’t even need the latest version).
My mail server is running Microsoft Exchange Server 2003 SP2 and has nothing unusual about it’s configuration. I have a relatively small number of users on the server, so have a single server for secure Outlook Web Access (OWA, via HTTPS) and Outlook Mobile Access (OMA, via HTTP) and mailbox access (MAPI-RPC for Outlook, IMAP for Apple Mail, WebDAV via OWA for Entourage). I have also enabled HTTP-RPC access (as described by Daniel Petri and Justin Fielding) so that I can use a full Outlook client from outside the firewall.
It’s the IMAP access that’s the critical component of the connection as, whichever configuration is employed, the iPhone uses IMAP for communication with Exchange Server and so two configuration items must be in place:
- The server must have the IMAP service started.
- The user’s mailbox must be enabled for IMAP access.
Many organisations will not allow IMAP access to servers, either due to the load that POP/IMAP access places on the server or for reasons of security (IMAP can be secured using SSL, as I have done – Eriq Neale has written a step by step guide on how to do this for Windows Small Business Server 2003 and the process is identical for Exchange Server 2003).
In addition, firewalls must allow access to the Exchange server on the appropriate TCP ports – IMAP defaults to port 143; however secure IMAP uses TCP port 993. SMTP access will also be required (typically on TCP port 25 or 587). 
You can confirm that the ports are open using telnet servername portnumber.
Note that even if the connection between the iPhone and Exchange Server is secure, there are no real device access controls (or remote wipe capabilities) for an iPhone. Eriq Neale also makes the point that e-mail is generally transmitted across the Internet in the clear and so is not a secure method of communication; however it is worth protecting login credentials (if nothing else) by securing the IMAP connection with SSL.
Interestingly, the iPhone has two mail account setup options that could work with Exchange Server and experiences on the ‘net seem to be varied. IMAP should work for any IMAP server; however there is also an Exchange option, which didn’t seem to work for me until I had HTTP-RPC access properly configured on the server. That fits with the iPhone Topic article on connecting the iPhone to Exchange, which indicates that both OWA (WebDAV) and HTTP-RPC are required (these would not be necessary for pure IMAP access).
The final settings on my iPhone are:
| Settings – Mail – Accounts – accountname | ||
|---|---|---|
| Exchange Account Information | Name | displayname |
| Address | username@domainname.tld | |
| Description | e.g. Work e-mail | |
| Incoming Mail Server | Host Name | servername.domainname.tld |
| User Name | username | |
| Password | password | |
| Outgoing Mail Server | Host Name | servername.domainname.tld |
| User Name | username | |
| Password | password | |
| Advanced – Mailbox Behaviors | Drafts Mailbox | Drafts |
| Sent Mailbox | Sent Items | |
| Deleted Mailbox | Deleted Items | |
| Advanced – Deleted Messages | Remove | Never |
| Advanced – Incoming Settings | Use SSL | On |
| Authentication | NTLM | |
| IMAP Path Prefix | ||
| Server Port | 993 | |
| Advanced – Outgoing Settings | Use SSL | On |
| Authentication | NTLM | |
| Server Port | 25 |
(Advanced settings were auto-configured.)
A few more points worth noting:
- I initially got everything working using a Wi-Fi connection (after making sure that the mail server could be reached using the same name for both internal and external DNS) and then walked down the street (until I lost Wi-Fi connectivity) to test the connection over EDGE.
- Although I’m using Exchange Server 2003, the process is similar for Exchange Server 2007 and has been documented by Chris Dearie at Azaleos.
- This post relates purely to e-mail access (no calendaring, contacts, tasks, etc.) – The Microsoft Exchange Server team have written an informative post about the differences between Exchange ActiveSync (as implemented by many smartphones), IMAP 4 (some desktop mail clients) and IMAP (as implemented on the iPhone).