Malta: New Ways To Connect: MAPI Over HTTP

Authored by Casper Manes

With the workforce going mobile, connecting with on-site Exchange servers became a challenge. This new protocol provides a secure and reliable solution.

For years, the protocol Outlook clients used to connect to Exchange was RPC. That worked great in a local, internal environment, where connectivity was good, latency was low, and firewalls were unheard of. But as soon as users wanted to work from outside of the office, over a slow public Wi-Fi or an even slower mobile data connection, the struggle to keep the RPC connection to an on-premise Exchange server, hidden behind layers of firewalls, became real.

The answer? Microsoft created Outlook Anywhere (OA) – a way to encapsulate all the RPC calls within HTTP, and transport it over SSL for a secure and encrypted communication. But for those of you who still use Exchange 2007 or 2010 may have missed the new client protocol for accessing Exchange, known as MAPI over HTTP, brought by Exchange 2016 or the cloud-based Exchange Online.

It uses HTTP for the transport, embedding MAPI commands directly in the HTTP stream. It also uses TLS to provide encryption, so MAPI over HTTP may not seem very different from Outlook Anywhere (RPC over HTTP), but there are several advantages to this new connection. OA is not deprecated yet, but is deemphasized, so MAPI over HTTP is the way they are going forward. If this feature is new to you, then read on to learn more about this client protocol.

What are the benefits?

MAPI is a more efficient way to interact with Exchange mailboxes than RPC is, even when both are encapsulated within HTTP. Clients that can use MAPI over HTTP instead of Outlook Anywhere can reconnect to Exchange more quickly when the network is disrupted, or the computer is coming out of sleep or hibernation. They can also reconnect to Exchange faster when switching from wired to wireless connections, such as when you undock a laptop, which is a major thing in corporate environments.

The new protocol can also maintain a session-based connect that is not tied to the network, which provides a more reliable connection when switching from one network to another, such as when leaving the corporate network and using cellular services.

There are also two other major benefits that may not be apparent today, but will be soon. Microsoft has decided that MAPI over HTTP is the primary, current client protocol for Outlook, so future innovations will be developed in this protocol, as well as future authentication methods and optimizations.

Why should I care?

With better connectivity, more support, and future development happening with MAPI over HTTP, OA will be going away. As you upgrade from Exchange 2007 or 2010 to either 2013 or 2016, you will want to take advantage of this new client protocol.

While it is enabled by default in Exchange 2016, it still needs to be configured, so don't overlook or forget this important part of deploying Exchange 2016. The new protocol can be set at the organization level or at the individual mailbox level, and don't forget that this configuration also involves management of digital certificates and encryption settings within Exchange. MAPI over HTTP is not an exclusive option of 2016-version servers, so those of you who have Exchange 2013 servers in your network can also leverage the power of the new protocol.

For specific steps on how to enable, configure and test MAPI over HTTP see https://technet.microsoft.com/en-us/library/mt634322(v=exchg.160).aspx

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.