We send outgoing e-mail with one server relaying e-mail through another server. When e-mail is getting black-listed, is it the originating server that is being blacklisted or the relay?
You are going to be black-listing the IP on a specific host, right? You want to find the received header corresponding to that host -- the host you are doing the blacklisting on. Then use the remote IP that is reported in that line.
However, if the IP that you end up wanting to blacklist is one of your secondary MXes or otherwise an authorized host that may forward a lot of your mail on to you, then you are trying to blacklist on the wrong host. If you blacklist one of your secondary MXes, you're likely to block a lot of legitimate e-mail.
You are going to be black-listing the IP on a specific host, right? You want to find the received header corresponding to that host -- the host you are doing the blacklisting on. Then use the remote IP that is reported in that line.
However, if the IP that you end up wanting to blacklist is one of your secondary MXes or otherwise an authorized host that may forward a lot of your mail on to you, then you are trying to blacklist on the wrong host. If you blacklist one of your secondary MXes, you're likely to block a lot of legitimate e-mail.