• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2134
  • Last Modified:

Exchange 2003 OWA - Bad Request (Invalid Hostname)

Okay, This has tormented me long enough and I still don't know why it happened.

We have a 2 server network.
Server 1: Windows 2003 Domain Controller, ISA 2006 std, IP:,
Server 2: Exchange 2003, IP:

The way network setup: INTERNET <----->  ISA/DC <-------> INTERNAL NETWORK SWITCH
I published Exchange OWA to public port 80 fine, public name "mail.mydomain.com". The Listener: listens on port 80, FBA with AD authentication

In internal DNS, I set mail.mydomain.com to point to the so that it also displayed the Form based authentication page of Exchange.

Everything works fine, and after yesterday It started reporting problem from firefox "Invalid request (Bad Hostname)" or from IE "HTTP 400 Bad Request".

By logging the request, I can see that the http request never actually got to Exchange Server, it only request to the ISA/DC and stopped there. Details below
Log type: Web Proxy (Forward)
Status: 400 Bad Request
Rule: Allow all
Source: External (
Destination: Local Host (
Request: GET 
Filter information: Req ID: 11f489f0; Compression: client=No, server=No, compress rate=0% decompress rate=0%
Protocol: http
User: anonymous

From within the company, I can actually type http://Server2/exchange and access webmail there, but this cannot be published to the internet.

Why is that ? Please assist me
  • 5
  • 3
  • 2
  • +1
1 Solution
Shabarinath RamadasanInfrastructure ArchitectCommented:
Seems an issue with ISA.
Which version of ISA you are using?

Are you able to browse mail.mydomain.com from your desktop ?
Are you able to browse this website from ISA using mail.mydomain.com?
Also, would suggest you to view the real time logging to understand if ISA is rejecting the requests due to some issues.

Johnny_NguyenAuthor Commented:
I'm using ISA 2006 Standard SP1. And this isn't the first time it happened. The time logged on the ISA is real time.

From inside the network (from ISA and from other internal PCs), mail.mydomain.com cannot be browsed today, same error whereas previous I could do this (and see the form based authentication page from anywhere). Now I have to use http://server2/exchange to check webmail and it only valid for internal users.

What can be done in this case ?
Johnny_NguyenAuthor Commented:
If I change the listener to listening to port 81, and browse it http://mail.mydomain.com:81/exchange from inside or outside the network, this allows me to view the FBA login page of outlook. But as soon as I logged in, every frame shows up as bad request (Invalid hostname) again. Just like they can't work on port 80 or something.
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Shreedhar EtteCommented:

- Right Click the Exchange Virtual directory in the IIS.
- Click on properties.
- Go To Directoy Security> IP Address restrction> If any IP Address add remove them

Restart the IIS and then try to access the OWA.

Hope this helps,
Please check whether you have set any Host Header value in Default web site.
> Right click on default Web site go to properties.
> Click on Advanced button near IP address and check whether you have set any Host Header Value in port 80.
> If yes please remove the Host Header Value from it and check for OWA again.

check out and revert back
Johnny_NguyenAuthor Commented:
Tried both without avail. Even then the Exchange Server is down, I should at least get to see the FBA authentication page via ISA, in this case absolutely NO.
Shreedhar EtteCommented:
Are you able to access the OWA locally?
Alright please follow the kb- http://support.microsoft.com/kb/883380
Delete and recreate the Exchange related Virtual Directories and try internally first.
Johnny_NguyenAuthor Commented:
If locally I type http://server2/exchange I can access email on it without problem.
But as soon as I used the published name http://mail.mydomain.com.vn/exchange then I got the error regardless locally or remotely.
Check whether you have any URL Scan software installed, and set the AntiVirus Exclusions.
Check for SSL should be disabled in Default website under Directory Security Settings.
Johnny_NguyenAuthor Commented:
This is completely a ISA issue, and it only happened to port 80.
I removed the latest updates including SP1, then reinstalled them all, working fine.

This happened again in a week, I finally gave up and moved it to port 443 and it has been working well since
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Train for your Pen Testing Engineer Certification

Enroll today in this bundle of courses to gain experience in the logistics of pen testing, Linux fundamentals, vulnerability assessments, detecting live systems, and more! This series, valued at $3,000, is free for Premium members, Team Accounts, and Qualified Experts.

  • 5
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now