Live Messenger behind TMG cannot log in (error 80072f7d)

We’ve recently seen some examples of users being unable to log in to Windows Live Messenger (both 2009 and 2011), with the error 80072f7d being returned.

Users who were able to connect to the internet from outside our TMG firewall logged in successfully, and could still log in after they returned to the office and were once again behind the TMG firewall. It therefore seems to be the initial connection to the Messenger service that fails when behind the TMG firewall.

Our TMG implementation uses HTTPS inspection, which we have seen cause issues with a number of services, and this also turned out to be the case with Live Messenger. Once the URLs listed in KB960820 were excluded from HTTPS inspection, logging in to Live Messenger from inside our TMG firewall started working again.