Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Incoming relay/custom header setup issue

Unanswered Question
Nov 12th, 2009
User Badges:

Currently, we're running Zimbra 5.0.13 behind our Ironport setup (AsyncOS 6.5.2)

We're experiencing issues with our ability to correctly use our outgoing content filters while specifying a custom header under Network > Incoming Relays.

Our subscribers send from a mailstore and then through the Ironports. The subscriber's original IP is lost on the Received: from header (replaced with the mailstore's IP address), so we're using a X-Originating-IP custom header that Zimbra injects.

The problem is that the header is not being recognized as its passed from Zimbra. Zimbra passes it like so:

X-Originating-IP: []

If I initiate a SMTP conversation from the mailstore to the Ironport manually, and specify the header and omit the brackets, like so:


our remote IP related outgoing content rules then work as expected.

Unfortunately, the rub is that the Ironport won't allow you to specify a custom header such as "X-Originating-IP: [" since no whitespace is allowed and it just wants the header name and not the extraneous characters that it can't seem to parse.

Any suggestions or workarounds would be appreciated...thanks!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
meyd45_ironport Thu, 11/12/2009 - 18:05
User Badges:

Potential solution:
1. Use edit-header-text in a message filter to strip the brackets.
2. Get the IronPort to re-inject the message to itself

The best way to do 2 will depend on your particular setup. It has the disadvantage of effectively doubling the message load put on the IronPort.

If brackets cast an IP in to a hostname then having the brackets present in X-Originating-IP is wrong. So perhaps take that up with Zimbra...


mychrislo_ironport Fri, 11/13/2009 - 05:38
User Badges:

I am not sure if I get the questions myself.

The zimbra is behind the ironport and you are talking about outgoing mails header filter. Why would be related to "Network->incoming relays"...

Incoming relays are typically used in the public listener (and inbound mail from internet).

Would it be just outgoing mail policy sufficient?


Update: Nov 16th

My apologies, I guess I can't comeup with much ideas. It would be easier if you can just let the users to directly relay the ironport for outgoing, then the mail filter should be easily setup.

e.g. smtp.your.domain change to ironport ip?


This Discussion