Exchange Reverse Proxy Using nginx

As it turns out, setting up nginx as a reverse proxy for Microsoft Exchange is not as easy as some posts suggest.

The issue that for some calls (Autodiscovery, RPC, …) IIS asks for an Authorization header, which nginx can pass through by doing:

proxy_pass_header Authorization;

Only problem is: It doesn’t work. Thankfully someone on StackOverflow already had a solution for this:

proxy_http_version 1.1;
proxy_pass_request_headers on;
proxy_pass_header Date;
proxy_pass_header Server;

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
more_set_input_headers 'Authorization: $http_authorization';
proxy_set_header Accept-Encoding "";
more_set_headers -s 401 'WWW-Authenticate: Basic realm="your.mail.host"';
proxy_pass https://your.mail.host;

You’ll need the HttpHeadersMore module for this to work. On Ubuntu 12.04 (using the nginx/stable PPA) all you need to install is:

apt-get install nginx-extras

And you’re good to go!

Comments