My good friend and renowned Exchange MVP Jeff Guillet (expta.com fame) brought an interesting issue to my attention. On his Mac, built-in Mail client would not connect to Exchange through KEMP LoadMaster. The load balancer was configured to user Layer 7 load balancing. The Exchange environment was mixed Exchange 2013 and Exchange 2016 but load balancer was configured to use only Exchange 2016 servers. KEMP LoadMaster was configured to terminate SSL connection on the load balancer. The connections to the Exchange servers were also encrypted.
Microsoft Outlook 2013/2016 clients on PC did not exhibit any issues. Latest Microsoft Outlook for Mac did not exhibit any issues either!
It is worth pointing out that while Outlook 2013/2016 on PC use MAPI/HTTP or RPC/HTTP to connect to Exchange 2013/2016 servers, both clients on Mac (Mac‘s own Mail client and Microsoft Outlook for Mac) uses Exchange Web Services (EWS).
Mac Mail was throwing “Account Error” which read “Unable to connect … The server returned error: Connections to host mail.contoso.com on default ports failed.”
The error is somewhat misleading as when you look at EWS logs on Exchange server, you will see that the server responded to the request with HTTP error 400 which translates to “bad request”. What I didn’t know at this point was what was causing the server to respond with this error.
Microsoft provides great testing tools for Exchange on www.exrca.com, so I decided to run EWS connectivity test from the toolset. To my surprise, the test failed with the error “Message: The request failed. The remote server returned an error: (501) Not Implemented.”
I knew about this particular error as I had worked with Michael Van Horenbeeck and is documented here:
The issue is also documented by Brian Reid: Exchange Web Services (EWS) and 501 Error and Phil Sharp: Kemp Load Balancer and Lync Unified Contact Store Integration Note.
After enabling L7 debug tracing on my KEMP LoadMaster I observed the same error mentioned in the above articles “lb100 kernel: L7: badrequest-client_read [client.ip.address:51830->load.balancer.ip.address:443] (-501): <?xml ? , 0 [hlen 1405, nhdrs 11]”
It would be easy to blame load balancer at this point and implement the recommended fix by changing 100-continue handling on LoadMaster. But if that was the issue, why did Outlook for Mac work without any errors?
Anyhow, I proceeded changing the 100-continue handling by changing it from default setting of RFC-2616 compliant, to RFC-7231 compliant instead:
After changing this setting, I ran the EWS test from exrca website again, and as one would expect, the test passed with no issues.
It did, however, failed to address the issue for Mac Mail client! No eureka moment, just yet!