How does a Microsoft mobile device synch against SBS 2003? Let's break it down.
Microsoft Mobile Devices
A Microsoft mobile device such as a SmartPhone or a Pocket PC Phone Edition phone work in similar was (exactly the same way for Windows Mobile based phones (i.e. the 2003 versions). These devices will get an internet connection (via GPRS, CDMA or WiFi or BlueTooth, depending on the device) and then authenticate to https://www.fqdn.com/microsoft-server-active-sync .
Because Exchange is primarily designed for the larger companies; it expects a front-end server to accept the web requests and a back-end server where the mailbox stores live. SBS is both front-end and back-end server; because of this, the request received in teh MSAS virtual directory is sent (via a loopback) to the \exchange-oma virtual directory. While this data loop-back is not SSL encrypted, this virtual directory is IP restricted to the local box such that the non-SSL encrypted data is all processed locally.
It is very important not to change the ip restrictions on the \exchange-oma directory, or you could have users mail broadcasted in clear text via an OWA session
WAP 2.x Browse Phones
WAP 2.0 and higher browser phones can view their Exchange stor by browsing to https://www.fqdn.com/oma. Once authenticated, the user can browse their inbox in a hyper-text like format. Be warned though, many of these phones do not support the self-signed certificate that SBS provides (meaning they will not prompt you to accept an invalid certificate, but rather just complain and fail.
Once the authentication occurs, the same loopback to the \exchange-oma directory will occur.