I have a domain that uses a Barracuda 100 device to filter spam/junk e-mail and a single Exchange 2003 SP 2 server.
The beginning of last week, users noticed they were not receiving e-mail from specific senders. After looking into it, the Barracuda device was marking these e-mails as Allowed, and Delivered, but the result was 'Rejected' by the server. The tracking log on the Barracuda device showed the server rejected the e-mail due to 'Sender ID (PRA) Note permitted', which is a failure in the SPF check. I checked the SPF record of a few senders, and the records were configured correctly. I then noticed on the Message Log from the Barracuda device that the "Recieved" field showed the LAN IP and FQDN of the originating server, not the WAN IP and FQDN. I then bypassed the Barracuda device all together, and e-mail originating from domain's with SPF records passed the Sender ID check, and were delivered properly.
I then concluded there is a problem with the Barracuda device itself, possibly passing through the wrong originating IP from the sender, which would therefore cause the Sender ID check to fail, resulting in the server rejecting the message. However, Barracuda cannot find anything wrong with their device. There were no updates done to the server, or Barracuda device in the last 3 weeks. I since, per Barracuda, updated the Firmware on the Barracuda 100 device, and cleared the message logs to try and resolve the issue with no luck.
Barracuda is firm about the problem not being on their end, and is not offering any solutions other than to 'properly configure my exchange server'.
Has anyone else ran into this problem? I am positive the problem is on the Barracuda device, not Exchange. I'm just not sure what else to do since Barracuda is not offering a solution. I was thinking about restoring the Barracuda to factory defaults (if possible), but i'm not sure if this will resolve the issue or not.
As a workaround, i have changed Sender ID to 'Allow' instead of 'Block' insted of bypassing the Barracuda device altogether. This is allowing a good amount of spam to get through. I am offering 500 points because the issue needs to be resolved ASAP.
Thanks in advance.