I've been using Xeams as my edge MX server for several years. I'm in the process of implementing a cloud SMTP service for inbound email. The service is configured to send all mail to my IP address for Xeams. I've followed the instructions to add the IP addresses for the new edge IP's into the config/gateway.dat file and restarted Xeams as instructed. When I send email through the new service, all my email shows the IP address of the cloud provider instead of the actual sender IP. SPF verification fails on all incoming mail with this configuration. I tried renaming the gateway.dat to Gateway.dat since Linux filenames are case sensitive and that didn't have any effect. Has anyone had any success in defining your gateway IP addresses with this file? Any help would be appreciated.

Ed

The file name should be gateway.dat (all lowercase). Note that gateway.dat tries to parse IP addresses from the last "Received" header. This means it will only parse ONE IP address. In other words, it won't work if there are multiple intermediate SMTP servers. Consider the following example:

Sender → Sender's SMTP → Your ISP Smtp 1 → Your ISP Smtp 2 → Your Xeams

In the above example, the goal is to get the IP address of the Sender's SMTP server so Xeams could check their SPF record. You have specified the IP address of Your ISP Smtp 2 in gateway.dat. Since there are two SMTP servers used by your ISP, Xeams will end up parsing the IP address of Your ISP Smtp 1 instead, which is incorrect.

I opened a ticket and confirmed that the issue was actually that the gateway I am using was setting the "Received" header to an FQDN instead of an IP address. The current version of Xeams doesn't parse an FQDN, but the developers are planning to add this capability in the next release.  When I tested with a different gateway that sets the "Received" header to an IP address in my gateway.dat file, the inbound mail SPF was scored based on the senders IP address and the gateway was successfully ignored. 

However, I did identify an issue with the "Simulate" and "Analyze" buttons when reviewing emails from the "Message Repository".  The SPF records are calculated with the last hop as the sender's IP address, so it seems that the gateway.dat is not used in this scenario.  This behavior will be confusing for someone that is troubleshooting email delivery using these buttons.