I run an in-house Exchange 2010 server that is serving us quite well for everyday usage. Unfortunately our daily spam intake is quite high and I'm using ClearOS to add a first layer to our filtering.
I'd like to continue using the IP Blacklist and SPF Record checks in Exchange but the new ClearOS mail gateway configuration seems to interfere by placing itself as the originating IP. Here's an example from a message that Exchange quarantined by content check:
Received: from gateway.MYDOMAIN.com (192.168.123.1) by remote.MYDOMAIN.com
(192.168.123.2) with Microsoft SMTP Server id 22.214.171.124; Wed, 14 Mar 2012
This causes a definite issue with the SPF check:
Received-SPF: SoftFail (MYSERVER.MYDOMAIN.local: domain of transitioning
info@SPAMDOMAIN.info discourages use of 192.168.123.1 as permitted sender)
I'm not sure how the IP blacklist is being affected as I don't have verbose enough logging enabled to check, but I'm assuming it sees the same origin IP header as the SPF check.
Is this just a consequence of using a mail forwarding gateway or is there a way to have ClearOS retain the true origin IP?