cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Unwanted traffic port 444 from Microsoft to OnPrem exchange

ITJon1545
Copper Contributor

‎Jan 31 2023 01:36 AM

‎Jan 31 2023 01:36 AM

Unwanted traffic port 444 from Microsoft to OnPrem exchange

Hello,

 

We operate a Hybrid Exchange environment with an on premise Exchange 2016 server (Srv A) at a site with decent internet connectivity and another Exchange 2016 (Srv B) at a remote site with very minimal internet bandwidth (Satellite connection <8mbps). 

 

See attached image for a more pictographic representation.

ExchangeProxyIssues.png

We have noticed in the last few months a huge uptick in traffic from A to B on port 444.

 

Looking at the IIS logs on Srv A we see entries like

2023-01-30 23:59:39 10.10.197.47 OPTIONS /Microsoft-Server-ActiveSync/default.eas Cmd=Options&User=<REDACTED>&DeviceId=b6c980ba6b574305ad050c582ddb4765&DeviceType=Outlook&CorrelationID=<empty>;&cafeReqId=7dddb9ae-fafb-4aa4-ac26-2a1a132cec37; 443 - 52.98.155.149 Outlook-iOS-Android/1.0 - 401 2 5 15

 

Looking up the source IP for these entries comes back with Microsoft IP's.  The user-agent being Outlook-iOS-Android/1.0 led me to this article Using Basic authentication with Outlook for iOS and Android | Microsoft Learn .  The precaching of users mailboxes sounds exactly like our symptoms.

 

We do not wish to have this feature so firstly, how (or can) we disable it?

 

Secondly is it now the case that the Outlook app for IOS and Android REQUIRES the use of Exchange online for it's connections, even if the mailbox resides on-prem?  Can we no longer just have them point straight at the 'local' exchange and have none of their traffic traverse the internet?

 

Any insight/assistance appreciated.

 

Jon

2,125 Views
0 Likes
3 Replies
Reply
3 Replies
kogian88

‎Jun 10 2023 12:08 AM

‎Jun 10 2023 12:08 AM

Re: Unwanted traffic port 444 from Microsoft to OnPrem exchange

Hi ,

We have the same issue. Did you manage to figure out any solution ?

Thanks
0 Likes
Reply
ITJon1545

‎Jun 10 2023 12:18 AM

‎Jun 10 2023 12:18 AM

Re: Unwanted traffic port 444 from Microsoft to OnPrem exchange

Hi @kogian88,

 

Glad we're not the only ones!  We opened a ticket with MS after not getting any traction here and rather coincidentally they closed it without solution just yesterday.

 

We had a number of calls with engineers as well as providing a number of logs etc but there never seemed to be any acknowledgement of the pre-caching and I felt like it never got passed up out of level 1 support.

 

Our solution has been to disable the ActiveSync IIS sub directory on Srv A which stops the traffic being proxied over the slow link. It also stops anyone who is using Outlook Mobile talking to Srv A directly which is a shame but not as significant as the link being saturated.  We can still use OWA via SRV A so people who need to can get to their mailboxes that way. 

 

I plan to query the closing of the ticket as the issue remains and I do not believe they have acknowledged it.  The pressure is however off for us with the fix above.

 

Would love to know more if you make any other progress.

 

Thanks,

Jon

0 Likes
Reply
kogian88

‎Jun 29 2023 11:25 PM

‎Jun 29 2023 11:25 PM

Re: Unwanted traffic port 444 from Microsoft to OnPrem exchange

Hi@ITJon1545 ,

Try to remove the account from the mobile device for 7-10 days and then re configured it. Let me know if that works. 

Regards.
Giannis

0 Likes
Reply