zen load balancer virtual IP is masking origin SMTP IP which is leading to false spam in Exchange
Question
We have two exchange servers internally which are being served by Zen Load Balancer on 10.101.1.105 / 106.
When mail arrives, half of it gets blocked because of failed SPF checks.
The headers in the email:
Received: from EUR01-VE1-obe.outbound.protection.outlook.com (10.101.1.105) by
EXCH02.prfm.co.uk (10.101.7.102) with Microsoft SMTP Server id
15.0.1210.3 via Frontend Transport; Wed, 4 Jan 2017 09:20:48 +0000
The SPF in the headers
authentication-results: spf=none (sender IP is )
smtp.mailfrom=madeup@madeup.madeup;
Sender IP is blank, I haven't removed that for security.
When I check the MX record for madeup.madeup, I get the SPF record
v=spf1 include:spf.protection.outlook.com -all
And the MX record
madeup-madeup.mail.protection.outlook.com
Is there a way to get ZLB to preserve the original IP address so it doesn't get blocked by SPF?
1 answers
solution1
0 2017-01-07 21:54:08
You can try to make Exchange aware of the internal SMTP Servers (your loadbalancer via):
Set-TransportConfig -InternalSMTPServers IP
or for multiple IPs:
Set-TransportConfig -InternalSMTPServers @{Add="ip address1","ip address2"...}
For more info's see here :
The InternalSMTPServers parameter specifies a list of internal SMTP server IP addresses or IP address ranges that should be ignored by Sender ID and connection filtering
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.