
I have a Postfix server getting emails from multiple Office 365 tenants using Outbound connectors.

A small percentage of the emails arriving at my server start with some strange data which isn't valid for headers. Only afterwards does the expected Received header appear, as well as the rest of the email. It looks like metadata added by Office 365; it includes things like the Outbound Connector name and recipient name.

Does anyone know what adds this and why? Parsing such email is problematic. (I redacted the identifying data with "XXX", FIRST_NAME LAST_NAME, CONNECTOR_NAME.)

<Microsoft.Exchange.Transport.MailRecipient.OrganizationScopeÀ÷ôª-¢X∂  å˜AttributionExoResourceForestnamprdXX.prod.outlook.com?Microsoft.Exchange.Transport.DirectoryData.MailDeliveryPriorityNormalIc
(|0eÿa7 XXXX@XXXX.comResolverVerdictLogStringNotFound.OneOff.Sender.10) CIAudited9XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX:StampCompAuthResultstrueAgentForkDepth!Microsoft.Exchange.JournalRuleIds $XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXXXXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXXXXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
SendingOrgXXX.onmicrosoft.comb
J.)dHubAMicrosoft.Exchange.Transport.DeliveryQueueMailboxSubComponentList HMicrosoft.Exchange.Transport.DeliveryQueueMailboxSubComponentLatencyList 7Microsoft.Exchange.Transport.LatencyTracker.LatencyInfo$SRV=XXX.namprdXX.prod.outlook.com:TOTAL-HUB=1.309|SMRE=0.161(RENV=0.070|REOH=0.034|CMSGC=0.052|R-CMSG=0.059(R-HS=0.034(R-HSXD=0.034 )|R-CMSGC=0.024(R-HSRR=0.024)|XR-DR=0.034))|CAT=1.017(CATOS=0.150(CATSM=0.150(CATSM-DC Pre Content Filter Agent=0.146 ))|CATRESL=0.080(CATRESLLR=0.078)|CATORES=0.662(CATRS=0.662(CATRS-Transport Rule Agent=0.066 (X-ETREX=0.065)|CATRS-DC Content Filter Agent=0.133|CATRS-Spam Filter Agent=0.379 |CATRS-Tenant Outbound Connector Agent=0.052))|CATORT=0.120(CATRT=0.120(CATRT-Journal Agent=0.117 )))|D-PEN=0.125ú,–˘•?FâÂ*µ
5Microsoft.Exchange.Transport.DirectoryData.IsResourcej DMicrosoft.Exchange.Transport.DirectoryData.ExternalDirectoryObjectIdXXXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX1
`   CFGÄ/o=ExchangeLabs/ou=Exchange Administrative Group (XXX)/cn=Recipients/cn=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-FIRST_NAME LAST_NAME*D∏ªƒMœXòÍ`Êˇ0ƒnamprdXX.prod.outlook.comΩ6XÅl'X婆√¨◊aœ
bl0pr02mb3795<6Microsoft.Exchange.Transport.MailRecipient.DisplayNameFIRST_NAME LAST_NAMElXëú,–˘•?XâÂ*µ
CN=FIRST_NAME LAST_NAME,OU=XXX.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=XXX,DC=PROD,DC=OUTLOOK,DC=COM0Microsoft.Exchange.Transport.MailRecipient.IsVIP<Microsoft.Exchange.Transport.DirectoryData.UserPrincipalNameXXX@XXX.comResolverVerdictLogString8UserMailbox.Forwardable.Resolver.CreateRecipientItems.40&"1AutoResponseSuppress: 0
TransmitHistory: False
/Microsoft.Exchange.Transport.ExpansionGroupTypeMembersGroupExpansion#SpamEngine.RecipientOptionToEntity4Microsoft.Exchange.Hygiene.TenantOutboundConnectorIdß2÷//Eö—û.Ø˚ëCN=CONNECTOR_NAME,CN=Transport Settings,CN=Configuration,CN=XXX.onmicrosoft.com,CN=ConfigurationUnits,DC=XXX,DC=PROD,DC=OUTLOOK,DC=COM<Microsoft.Exchange.Hygiene.TenantOutboundConnectorCustomData®XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXPreserveCrossPremisesHeadersXXX@XXX.comReceived: from XXX.namprdXX.prod.outlook.com (XXX:XXX:404:f5::23)
 by XXX.namprdXX.prod.outlook.com (XXX:XXX:X:25d::20) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id XX.XX.XXXX.XX; Wed, 2 Sep
 2020 XX:XX:XX +0000
Received: from XXX.eop-NAMXX.prod.protection.outlook.com
yair
  • Is this not deep enough in the *possible out of bounds error* territory to warrant a security team getting involved? – anx Dec 13 '20 at 13:46
  • @anx you mean by Microsoft? I'm still trying to get a meaningful response from them. – yair Dec 19 '20 at 23:23
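
An added example, not part of the original question or its comments: a Python heuristic that detects data placed in front of the header block, separates it so it can be logged or quarantined, and parses the remainder. It assumes the raw message bytes as received over SMTP and that the real header block begins at the first Received: trace header, as in the sample above; the function names and both sample messages are constructed for illustration.

```python
import re
from email import policy
from email.parser import BytesParser

# RFC 5322 field name: printable ASCII except ':', followed by a colon.
FIELD_START = re.compile(rb"[\x21-\x39\x3b-\x7e]+:")
# Assumption: relayed mail carries a Received: trace header, as in the question.
TRACE = re.compile(rb"Received:[ \t]")

def split_preamble(raw: bytes) -> tuple[bytes, bytes]:
    """Return (preamble, message); preamble is b'' when raw starts with a header."""
    if FIELD_START.match(raw):
        return b"", raw
    hit = TRACE.search(raw)
    if hit is None:
        raise ValueError("no Received: header found, cannot resynchronise")
    return raw[:hit.start()], raw[hit.start():]

def triage(raw: bytes) -> dict:
    """Summarise one message for a logging or quarantine decision."""
    preamble, message = split_preamble(raw)
    parsed = BytesParser(policy=policy.default).parsebytes(message)
    names = parsed.keys()
    return {
        "preamble_len": len(preamble),
        # Bytes outside printable ASCII (other than tab/CR/LF) suggest a binary blob.
        "preamble_binary": any(
            b > 0x7E or (b < 0x20 and b not in b"\t\r\n") for b in preamble
        ),
        "first_header": names[0] if names else None,
        "subject": parsed["Subject"],
    }

# Constructed samples (not real traffic). The corrupt one imitates the question:
# a binary blob, including a line that merely looks like a header, then the
# real Received: header starting in the middle of a line.
CLEAN = (b"Received: from a.example (192.0.2.1) by b.example; "
         b"Wed, 2 Sep 2020 00:00:00 +0000\r\n"
         b"From: sender@example.com\r\nSubject: test\r\n\r\nbody\r\n")
CORRUPT = (b"<Microsoft.Exchange.Transport.MailRecipient.OrganizationScope\xc0\xf7\x00"
           b"1AutoResponseSuppress: 0\r\nTransmitHistory: False\r\n"
           b"PreserveCrossPremisesHeadersuser@example.com") + CLEAN

if __name__ == "__main__":
    print(triage(CLEAN))
    print(triage(CORRUPT))
```

The preamble in the question carries another tenant's connector and recipient details, so it is better kept with restricted access for the vendor report than discarded or written to general logs.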

1 Answer


Does this issue only occur when mail is received from Office 365 tenants?

Has it happened before? Have you changed anything on your server?

Are there any mail flow rules in Office 365 which may be causing this issue? For more details: Mail flow rule actions in Exchange Online

Joy Zhang