BlackBerry Forums Support Community               

04-06-2005, 01:54 PM   #1
BBF Veteran User
 
BES path of messages via internet

Ok, so I have to write up the security document on the path of a message from the post office, to the device and back again. From looking at tech white papers and my own observations and all that, I think I've got it. This is for GroupWise specifically, so ignore the post office section, but the rest should apply. So I figured while doing all this work I'd share it with you guys (in a much more condensed format). So here goes...


Quote:
Post office receives an email labeled TEST to [email address]. BES will check the post office every 10 seconds for new emails or email updates to send to the device. BES finds the TEST email and retrieves it from the post office. BES encrypts the email, attaches the BES SRP and device PIN and RefID of the TEST message to the encrypted TEST message. The encrypted TEST message is sent through the firewall and outside router via port 3101. The email arrives at its destination, a RIM relay server in Waterloo, Ontario. The RIM relay server reads the headers from the encrypted TEST. The RIM relay server verifies the SRP information is correct and active, and then compares the device PIN to those associated with the SRP identifier included. If this information checks out, the RIM relay server routes the encrypted TEST message through the appropriate carrier’s servers and cell towers directly to the device. The device receives the TEST message, decrypts it and displays it on the user’s device for viewing.

Outgoing messages go in reverse. The user prepares TESTREPLY on the BlackBerry device. Once marked to send, the device encrypts the TESTREPLY message, attaches the SRP identifier, device PIN and TESTREPLY message RefID, and directs the message to the RIM relay server via the carrier’s cell towers and servers. Once arrived at the RIM relay server, the relay server detaches the SRP identifier, device PIN and RefID, compares and verifies it as active. If approved, the RIM relay server then identifies the BES server based on the SRP identifier and sends the TESTREPLY message back through the Internet, through our router and firewall until it reaches the BES server. The BES server initiates this connection on port 3101 at a set interval checking for device updates to establish the return connection (this way no incoming ports need to be opened in the firewall). The TESTREPLY message arrives at the BES server, is identified by the BES server and routed to the [email address] mailbox on the post office via port 1677.
MDS requests are actually very similar in that they send an encrypted message packet (without the RefID) via the same transport method. The BES server then initiates a connection to the device on port 3106, with the BES server acting as a virtual router to move those packets through the server to the appropriate port externally.
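
A minimal model of the relay hop described in the post above, added here as an illustration; it is not part of the original post and not RIM's code. The class and field names, the registry layout and the sample SRP/PIN values are all constructed assumptions, and the model does not cover the encryption or settle whether the headers travel in clear text.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

@dataclass(frozen=True)
class Envelope:
    srp_id: str     # identifies the BES
    pin: str        # identifies the device
    ref_id: str     # message reference
    payload: bytes  # encrypted by the sender; this model never inspects it

# Constructed sample registry: SRP identifier -> status and associated PINs.
SAMPLE_REGISTRY = {
    "SRP-EXAMPLE-1": {"active": True, "pins": {"PIN-AAAA"}},
    "SRP-EXAMPLE-2": {"active": False, "pins": {"PIN-BBBB"}},
}

class Relay:
    def __init__(self, registry):
        self.registry = registry
        self.to_device = defaultdict(deque)  # pin -> queue for the carrier leg
        self.to_bes = defaultdict(deque)     # srp_id -> held until the BES connects

    def check(self, env):
        """SRP must be known and active, and the PIN must belong to that SRP."""
        entry = self.registry.get(env.srp_id)
        if entry is None:
            return "reject: unknown SRP"
        if not entry["active"]:
            return "reject: inactive SRP"
        if env.pin not in entry["pins"]:
            return "reject: PIN not associated with SRP"
        return "ok"

    def from_bes(self, env):
        verdict = self.check(env)
        if verdict == "ok":
            self.to_device[env.pin].append(env)
        return verdict

    def from_device(self, env):
        verdict = self.check(env)
        if verdict == "ok":
            self.to_bes[env.srp_id].append(env)  # queued; relay never dials the BES
        return verdict

    def bes_connect(self, srp_id):
        """Drain held mail over the connection the BES opened outbound."""
        held = list(self.to_bes[srp_id])
        self.to_bes[srp_id].clear()
        return held
```

Device-originated mail sits in `to_bes` until `bes_connect` is called, which mirrors the post's point that the BES opens the port 3101 connection itself and the firewall needs no inbound rule.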
04-06-2005, 06:12 PM   #2
New Member
 

Are the headers in plain text or are they encrypted?
04-06-2005, 07:06 PM   #3
BBF Veteran User
 

I will find out for you tomorrow