One of the interesting things about writing this column is that I get to work with a variety of technologies. Lately I've been spending a lot of time with Exchange ActiveSync (EAS), the Exchange Server 2003 feature that enables wireless mailbox access for compatible devices. The premise behind EAS is fairly simple: Mobile devices that understand the EAS protocol can connect to the Exchange server so that users can synchronize calendar, contact, and email data.

When Exchange 2003 was first released, only a handful of Pocket PCs running the then-brand-new Windows Mobile OS supported EAS. Since then, EAS support has been added to several newer (and better) Windows Mobile devices, including the Audiovox SMT5600 (which I review in more detail on the Exchange Security blog, at http://www.e2ksecurity.com/archives/001214.html ), the Motorola MPx200 and MPx220, and the HP iPAQ 6315. In a surprising move, palmOne--Microsoft's chief competitor in the mobile device OS market--announced in October that its Treo 650 smart phone (which I review at http://www.e2ksecurity.com/archives/001213.html ) will support EAS. Late last month, Motorola announced that it has licensed EAS for its Linux-powered A720 smart phone. Clearly, Microsoft is interested in making Exchange email available to a range of mobile devices, not just those powered by Windows Mobile. This is proof positive that Microsoft's talk about licensing its protocols is serious, and I take that as a good sign.

The process by which Exchange ActiveSync synchronizes a folder is fairly simple:

1. The client initiates a connection to the /Microsoft-Server-ActiveSync directory on the target Exchange front-end or back-end server. This connection is made using HTTP with Secure Sockets Layer (SSL) and Basic HTTP authentication.

2. The massync.dll Internet Server API (ISAPI) extension, which is attached to the /Microsoft-Server-ActiveSync virtual directory, manages the process of authenticating the user against Active Directory (AD).

3. After the user has been authenticated, EAS fetches a synchronization state file from the user's mailbox. EAS uses this state file to identify items that have changed on the server.

4. EAS matches changes made on the device to existing changes on the server, reconciles the changes, and sends the sync changes to the device.

5. After the device has been synchronized, EAS updates the user's mailbox folder and saves the sync state file again.

Individual folders can be marked for EAS synchronization, although different devices support different levels of sync fidelity. For example, the Treo 650 can synchronize only the top-level Inbox and Calendar folders, whereas the SMT5600 and MPx-200/220 can also synchronize the Contacts folder.

EAS can be augmented with the Always-Up-To-Date (AUTD) feature, which sends a control message to the device using the Short Message Service (SMS). This control message tells the device to initiate an email sync; the effect (as long as your device gets the control messages) is that your device is automatically kept up-to-date regarding mailbox and calendar changes. AUTD can be enabled and disabled separately from EAS and is supported only on Windows Mobile devices.

How well do these protocols work? In my testing, the SMT5600 worked flawlessly with the three test servers I tried. The iPAQ 6315 worked with its test server, although T-Mobile's SMS system sometimes ate AUTD messages. The Treo 650 worked too, although its EAS implementation isn't as mature as Microsoft's and thus lacked some important features (notably the ability to perform over-the-air syncs of the Contacts folder). With wireless email becoming increasingly important to information workers, I expect to see more device manufacturers licensing EAS in the future, although a battle for supremacy between EAS and competing access methods from Research In Motion (RIM) and Good Technology is just beginning.