DB
May 29, 2009Nimbostratus
X-Forwarded For equivelent for SMTP?
I'm running SMTP through LTM to Exchange 2008 servers, but due to my network architecture I have to autosnat the source IP to that of the F5. My Exchange servers therefore lose visibility of the original IP address of the sender. If this were a Web service, I could use XForwarded for with an ISAPI filter to stick the original IP address into Web Server log files, and I'm wondering if anyone knows of a way to do an equivelent sort of thing for SMTP mail. Purpose is to try and catch the originator of specific emails when they arrive with malware/virus in them.
I've so far set up a Clone Pool sending the mail to a server that's not listening on port 25, then monitoring that traffic with an external Packet Capture "sniffer". Very cumbersome and difficult to manage/maintain. If there was a way I could deliver the original IP address to my Exchange servers, my email guys could worry about tracking IPs that sent worms, and get my Network team out of that business.
Thanks for any and all help.