cancel
Showing results for 
Search instead for 
Did you mean: 
kbolt
Level 10
Report Inappropriate Content
Message 1 of 4

Outlook Autodiscover Slowdown

Jump to solution

Hello all.

I'm currently running MWG 7.6.2.5.0 along with MCP 2.3.0. I've observed where the autodiscover step for Outlook 2013 takes up to 10 minutes when behind the proxy (we use O365). Now I've observed the rule trace for test machines and seen where the domains from the McAfee O365 maintained lists are being whitelisted but for some reason the delay is very stubborn. I'm trying to run a tcpdump on the appliance to see if I can find the source of this issue but my tcpdump capture keeps stopping when it reaches ~160MB so I'm stuck at the moment.

Could I have some help sorting this out, please? Any assistance would be greatly appreciated.

1 Solution

Accepted Solutions
kbolt
Level 10
Report Inappropriate Content
Message 4 of 4

Re: Outlook Autodiscover Slowdown

Jump to solution

Thank you for this reply. I had removed the CNAME records and no luck but in the end, I found out how to completely bypass MWG for outlook.exe and that resolved the issue.

View solution in original post

3 Replies
kbolt
Level 10
Report Inappropriate Content
Message 2 of 4

Re: Outlook Autodiscover Slowdown

Jump to solution

After digging around in tcpdump from the client side for a bit, I've observed the following:

  1. The client makes a successful connection to URLs such as nexus.officeapps.live.com and roaming.officeapps.live.com with 200 Connection Established messages.
  2. The autodiscover protocol kicks off with the client my DNS servers for mail.mydomain.com,, then pop3.mydomain.com then pop.mydomain.com and imap.mydomain.com. Those usually resulted in no such name messages from DNS but we've since added CNAME records for them pointing to autodiscover.mydomain.com (the actual URL Outlook should be hitting)
  3. Client then resolves the multiple A records to IP addresses and tries to connect to them via ports 995, 993, 143 and 110 (secure and unsecure ports for POP3, IMAP). These don't work so it carries on.
  4. Further down, I see a Can't Connect webpage from MWG to client with message "The proxy could not connect to the destination in time." in reply to the client's attempt to connect to mydomain.com. No replies about the IP addresses from point 3 yet.

I'm gonna continue looking to see what happens further down but I imagine all this adds up to cause the delay I'm seeing.

Re: Outlook Autodiscover Slowdown

Jump to solution

What could you gain by providing CNAMEs for pop3.mydomain.com, pop.mydomain.com and imap.mydomain.com if you don't have POP or IMAP protocols enabled? I would think these names are not used for URLs ( = http requests). So better not provide these names so you can prevent unneeded connection attempts.

kbolt
Level 10
Report Inappropriate Content
Message 4 of 4

Re: Outlook Autodiscover Slowdown

Jump to solution

Thank you for this reply. I had removed the CNAME records and no luck but in the end, I found out how to completely bypass MWG for outlook.exe and that resolved the issue.

View solution in original post

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community