none
Add X-Forwarded-For to Email Header

    Question

  • Hi,

    I managed to forward client IP using X-Forwarded-For HTTP header from Citrix NetScaler LB to Exchange.

    Is there a way for Exchange MBX+CAS to take this info and add it to the message header? I found ways to add it to IIS log. But that's not sufficient to trace back the message to the source client IP.

    I'm running Exchange 2013 on Windows Server 2012 R2 (IIS 8.5). The X-Originating-IP is showing the LB IP.

    TIA.



    Friday, September 23, 2016 6:16 AM

Answers

  • Hi,

    In exchange side, the only way to change message header is using transport rule. But based on my experience, we can't change message header X-Originating-IP to the original client IP in your situation.

    I'm not familiar with Citrix NetScaler LB, I am not sure if there is something setting in there can do this. Maybe you can connect their support to see if they can help.

    Thanks for understanding.


    Regards,

    Lynn-Li

    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, September 29, 2016 9:48 AM
    Moderator

All replies

  • A message header applies to transport, not to client access, so I'm not sure what you're asking for.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Friday, September 23, 2016 11:22 PM
    Moderator
  • Let me rephrase.

    I want to add client IP that submit the email to the message header. The usual X-Originating-IP is showing the LB IP as it is configured to NAT. Is there a way to add back the client IP by a transport rule?

    Saturday, September 24, 2016 3:59 AM
  • Hi

    For net scaler LB you can you use this rule to achieve this task:- 

    set lb vserver vip01 -persistencetype RULE -rule'HTTP.REQ.HEADER("X-Forwarded-For").BEFORE_STR(",")'

    You also need to tweak IIS to support you LB configurations.

    Netscaler provides you the ability to create rule based persistence on a load balacing virtual server.

    The same thing can also be achieve with F5 irule.

    Kindly click "Mark as Answer" on the post that helps you, this can be beneficial to other community members reading this thread.

    Regards.

    H.shakir

    • Edited by H Shakir Saturday, September 24, 2016 10:17 AM
    Saturday, September 24, 2016 10:14 AM
  • Thank Shakir.

    I have completed that part. The client IP is showing fine in IIS logs.

    But my requirements is to further add this info to an email message header. I can't troubleshoot email issues if the X-Originating-IP is showing the LB IP instead of client IP. 

    Monday, September 26, 2016 1:56 AM
  • Hi,

    In exchange side, the only way to change message header is using transport rule. But based on my experience, we can't change message header X-Originating-IP to the original client IP in your situation.

    I'm not familiar with Citrix NetScaler LB, I am not sure if there is something setting in there can do this. Maybe you can connect their support to see if they can help.

    Thanks for understanding.


    Regards,

    Lynn-Li

    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, September 29, 2016 9:48 AM
    Moderator
  • Hi Lynn-Li,

    Yeah. I came to the same conclusion. Was checking if I miss anything. Thanks anyway for you suggestion.

    Tuesday, October 11, 2016 1:51 AM
  • Well, remember to make helpful reply as answer to close thread. If you have any other thoughts about this question, feel free to let us know. Thanks for cooperation.

    Regards,

    Lynn-Li

    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, October 11, 2016 2:52 AM
    Moderator
  • How does this transport rule ensure that the outlook or owa email header show the client ip under X-Originating-IP.

    The request to to confirm how the X-Originating-IP field in email header is populated so that parameter can be used in Netscaler.

    Thursday, October 27, 2016 7:31 AM
  • Hello Joseph,

    Am having same issue wanted to know how you resolved it.

    Thanks.

    Thursday, October 27, 2016 7:32 AM