Hi Everyone Is anyone out there using Squid as a reverse proxy secure gateway for an Outlook Web Access Exchange 2003 server?
I have as follows USER----- (SSLTunnel )-----> SQUID-----(No SSL)----->Exchange 2003 Everything in OWA works perfectly through this SSL gateway, that is all except the new Exchange 2003 Spell check feature. (When not connecting through a proxy Spell Check works fine and yes, plain text auth on the relevant IIS virtual directories is enabled to enable auth requests to be proxied as NTLM is not proxyable.) Interestingly I don't think it has anything to do with using Squid in a reverse configuration as I tested several other randomly selected recent Stable versions of Squid in a highly default FORWARD proxy mode and all exhibited the same behaviour. It looks to be like something in the IIS-->IE browser is not Kosher in terms of RFC, which perhaps causes Squid to trip over. Logs give no clear indication, either on the IIS or Squid. The last entry that you see when trying to spell check through Squid is: 10.0.0.2 - - [03/Sep/2004:19:03:38 +1000] "POST http://foobar.com/exchweb/bin/spell/owaspell.dll HTTP/1.1" 200 356 TCP_MISS:DEFAULT_PARENT I have a ticket open with MS who are investigating whether they are indeed RFC compliant in this area, however this is not likely to produce anything fruitful and I am expecting the MS solution to be "Install MS ISA Server!!" Yeah, right! Has anyone else seen the same behaviour and if so, found a workaround? If this is a common problem across many versions I can foresee this to be a growing issue as the uptake of Exchange 2003 increases. I am using Squid 2.5 Stable 3 on RH 7.3 Thanks in advance, Dave H
