zen load balancer virtual IP is masking origin SMTP IP which is leading to false spam in Exchange

Question

We have two exchange servers internally which are being served by Zen Load Balancer on 10.101.1.105 / 106.

When mail arrives, half of it gets blocked because of failed SPF checks.

The headers in the email:

Received: from EUR01-VE1-obe.outbound.protection.outlook.com (10.101.1.105) by
EXCH02.prfm.co.uk (10.101.7.102) with Microsoft SMTP Server id
15.0.1210.3 via Frontend Transport; Wed, 4 Jan 2017 09:20:48 +0000

The SPF in the headers

authentication-results: spf=none (sender IP is )
 [email protected]; 

Sender IP is blank, I haven't removed that for security.

When I check the MX record for madeup.madeup, I get the SPF record

v=spf1 include:spf.protection.outlook.com -all

And the MX record

madeup-madeup.mail.protection.outlook.com

Is there a way to get ZLB to preserve the original IP address so it doesn't get blocked by SPF?

Answer 1

You can try to make Exchange aware of the internal SMTP Servers (your loadbalancer via):

Set-TransportConfig -InternalSMTPServers IP

or for multiple IPs:

Set-TransportConfig -InternalSMTPServers @{Add="ip address1","ip address2"...}

For more info's see here:

The InternalSMTPServers parameter specifies a list of internal SMTP server IP addresses or IP address ranges that should be ignored by Sender ID and connection filtering