does anyone got some details about the Black/White IP checking on the Fortimail? Esp on the use of the X-Originating-IP attribute?
I always thought, that Blacklisted Sender IPs will not hit if the e-mail comes from a whatever not listed ip address unless " Deep Header Check" Option is used. Then the Fortimail will also look into the headers of the mail and apply antispam actions if it finds a listed IP in the header section of the mail.
Exchange 2013 Frontent Proxy Service sets the X-Originating-IP Attribute in the mail header when transporting authenticated mail. Fine!
When this outbound mail now gets routed to a Fortimail - The Fortimail will also check the X-Originating-IP attribute - even if Deep Header Scanning isn' t enabled... It also tells me, there is a SPF violation (even this is disabled on the session profile)