[squid-users] squid 3.2.1 outlook web access attachment size from Socrates K on 2012-09-23 (squid-users)

From: Socrates K <socratesko_at_hotmail.com>
Date: Mon, 24 Sep 2012 01:04:05 +0300

Hi,

I’m trying to configure squid 3.2.1 as a reverse proxy for outlook web
access on exchange 2010.

Although it seems to work OK I have a strange situation.
When I try to attach a file that is less than 2MB the file is attached and
everything is OK, but, when the attachment is more than 2Mb then is tries
some time (too long related to file size) and finally stops with outlook web
access error (The action you tried to perform couldn't be completed because
there's a configuration problem on the server. If the problem continues,
contact your helpdesk.)

Any idea on how to resolve this issue?

Thank you in advance,

squid access.log records the following:

1348435931.778 17 10.49.74.151 TCP_MISS/200 793 POST
https://webmail.domain.com/owa/ev.owa? - SOURCEHASH_PARENT/10.10.8.10
text/html
1348436085.662 153442 10.49.74.151 TCP_MISS/502 4763 POST
https://webmail.domain.com/owa/ev.Owa? - SOURCEHASH_PARENT/10.10.8.10
text/html
1348436160.678 5 10.49.74.151 TCP_MISS/200 487 GET
https://webmail.domain.com/owa/csdc.gif? - SOURCEHASH_PARENT/10.10.8.10
image/gif
1348436197.992 66 10.49.74.151 TCP_MISS/200 422 GET
https://webmail.domain.com/owa/keepalive.owa -
SOURCEHASH_PARENT/10.10.8.10 -
1348436200.207 320018 10.49.74.151 TCP_MISS/200 1743 GET
https://webmail.domain.com/owa/ev.owa? - SOURCEHASH_PARENT/10.10.8.10
text/html
1348436200.251 5 10.49.74.151 TCP_MISS/200 655 POST
https://webmail.domain.com/owa/ev.owa? - SOURCEHASH_PARENT/10.10.8.10
text/html
1348436231.214 5 10.49.74.151 TCP_MISS/200 487 GET
https://webmail.domain.com/owa/csdc.gif? - SOURCEHASH_PARENT/10.10.8.10
image/gif
1348436240.893 154540 10.49.74.151 TCP_MISS/502 4763 POST
https://webmail.domain.com/owa/ev.Owa? - SOURCEHASH_PARENT/10.10.8.10
text/html
1348436241.106 9 10.49.74.151 TCP_MISS/200 705 POST
https://webmail.domain.com/owa/ev.owa? - SOURCEHASH_PARENT/10.10.8.10
text/html

squid.conf file

# visible_hostname webmail.domain.com
redirect_rewrites_host_header off
cache_mem 32 MB
maximum_object_size_in_memory 128 KB

httpd_suppress_version_string on
cache_mgr nomail_address_given
via off
forwarded_for transparent
ignore_expect_100 on
ssl_unclean_shutdown on
debug_options 11,4
reply_body_max_size 10 MB
# request_header_max_size

# logformat combined %>a %[ui %[un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st
"%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
# access_log /var/log/squid/access.log combined
https_port webmail.domain.com:443 accel cert=/etc/squid/cert/CA_Cert.pem
key=/etc/squid/cert/CA_Cert.pem defaultsite=webmail.domain.com
cache_peer 10.10.8.10 parent 443 0 no-query proxy-only no-digest
front-end-https=on connection-auth=on sourcehash originserver login=PASS ssl
sslcafile=/etc/squid/cert/inner.pem ssl ssldomain=*.inner.domain.com
sslflags=DONT_VERIFY_PEER name=autodiscoverServer
forceddomain=webmail.domain.com
cache_peer_domain autodiscoverServer webmail.domain.com

acl ADSC dstdomain .domain.com
cache_peer_access autodiscoverServer allow ADSC
cache_peer_access autodiscoverServer deny all
never_direct allow ADSC
http_access allow ADSC
http_access deny all
miss_access allow ADSC
miss_access deny all

squid version
squid -v
Squid Cache: Version 3.2.1
configure options: '--prefix=/usr' '--sysconfdir=/etc/squid'
'--bindir=/usr/sbin' '--sbindir=/usr/sbin' '--localstatedir=/var'
'--libexecdir=/usr/sbin' '--datadir=/usr/share/squid'
'--mandir=/usr/share/man' '--libdir=/usr/lib' '--sharedstatedir=/var/squid'
'--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid.pid'
'--with-dl' '--enable-disk-io' '--enable-storeio'
'--enable-removal-policies=heap,lru' '--enable-icmp' '--enable-delay-pools'
'--enable-esi' '--enable-icap-client' '--enable-useragent-log'
'--enable-referer-log' '--enable-kill-parent-hack' '--enable-arp-acl'
'--enable-ssl' '--enable-forw-via-db' '--enable-cache-digests'
'--enable-linux-netfilter' '--with-large-files' '--enable-underscores'
'--enable-auth' '--enable-auth-basic' '--enable-auth-ntlm'
'--enable-auth-negotiate' '--enable-auth-digest'
'--enable-external-acl-helpers=LDAP_group,eDirectory_userip,file_userip,kerberos_ldap_group,session,unix_group,wbinfo_group'
'--enable-ntlm-fail-open' '--enable-stacktraces'
'--enable-x-accelerator-vary' '--with-default-user=squid'
'--disable-ident-lookups' '--enable-follow-x-forwarded-for'
'CFLAGS=-fomit-frame-pointer -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2
-fstack-protector -funwind-tables -fasynchronous-unwind-tables -fPIE -fPIC
-DOPENSSL_LOAD_CONF' 'LDFLAGS=-Wl,-z,relro,-z,now -pie'
'CXXFLAGS=-fomit-frame-pointer -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2
-fstack-protector -funwind-tables -fasynchronous-unwind-tables -fPIE -fPIC
-DOPENSSL_LOAD_CONF'

Regards,

Socratis,
Received on Sun Sep 23 2012 - 22:04:14 MDT

This archive was generated by hypermail 2.2.0 : Mon Sep 24 2012 - 12:00:05 MDT