Recently worked on a problem where Asmx Post request fails with 'HTTP 400' status code under the following circumstances :

When the size of the string parameter passed from the client application (Content-Length)> 1024 Bytes and the file is set for either 'integrated' or 'basic' auth.

Request goes  like this Client (exe) -> Web service (asmx) hosted on IIS

First stop was to look at HTTPERR log on IIS box,  Invalid verb error was report in it:

2009-03-09 21:30:53 10.1.48.56 42676 10.1.48.53 80 HTTP/0.0 Invalid - 400 - Verb -
2009-03-09 21:32:39 10.1.48.56 42688 10.1.48.53 80 HTTP/0.0 Invalid - 400 - Verb -

Next thing came in mind to try increasing total size limit of Request Line and headers. Setting MaxRequestBytes to 10MB (10485760) following KB-820129. That did not help much.

Decided to collect netmon traces for working and failing scenario. There was only one difference between two traces(sucess/faliure) “Expect: 100-continue“ header.

When the Post is being made with Basic Credentials, we were getting "Expect: 100-continue"  in the request headers along with the data packet.

Http: Request, POST /Hello2.asmx , Using Basic Authorization
ProtocolVersion: HTTP/1.1
Expect: 100-continue
<n3:Body><n:Hello><n:a>aaaaa....</n:a></n:Hello>

Looking at RFC for Expect: 100-continue header

http://www.w3.org/Protocols/rfc2616/rfc2616-sec8.html#sec8.2.3

When this header(Expect: 100-continue) is sent on the wire this tells the server that the client is going to delay sending the body of the request for some period of time(How much time is not specified) because it wants the server to give the client the OK (a 100 continue response) to upload the data.

Because the client is sending another packet of data that has an XML document instead on waiting on server to respond back with 100 continue , IIS is forced to interpret that as another request which of course has no valid verb in it and end with 400 bad request

Only viable alternative was to remove 'Expect: 100-continue' from the request header.

Had it been .Net client exe we would have done it like:

HttpWebRequest webRequest = (HttpWebRequest) WebRequest.Create(http://test/asbc.asmx);
webRequest.Method = "POST";
webRequest.ServicePoint.Expect100Continue = false;

But in this case customer was using LibCurl library , counterpart looks like: curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect:'));

After removing Expect: header from request we were able to post successfully regardless of size...