Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Exchange SMTP Loop Detected

Posted on 2014-01-09
3
1,269 Views
Last Modified: 2016-02-25
We are using an Astaro/Sophos spam detection appliance and are experiencing a problem sending mail to our Exchange server. Everytime a message comes through to a non-existent email account, the Exchange server gets stuck in a loop with the Sophos device. The Exchange server has an error message which says "Local loop detected" but the Sophos device does not detect any errors. It just keeps trying to send the message until the queue gets so full (more than 60,000 messages this past weekend) that it can't function anymore. We had been using this same Sophos device with a more generic SMTP server in the past but the recent change to Exchange has been causing this problem. The old mail server just caused the Sophos device to bounce the messages, Exchange can't seem to do that. What is causing this loop and how do we stop this from happening?
0
Comment
Question by:stu215
3 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39768621
Is the appliance not able to do recipient validation? Perhaps via LDAP? If not then I would consider that a major downside to the product, because recipient validation should be the first thing any anti-spam appliance does.

Out of the box, Exchange will accept the email for any address at the domain/s listed in its Accepted Domain list. If the user doesn't exist it will then bounce it.
To change that behaviour, you need to install the anti-spam agents then disable the ones you don't need:
http://semb.ee/filterunknown

However in your scenario, unless the filtering appliance can drop those messages, you will be causing back scatter.

I would speak to Sophos and see if their product can do recipient filtering - that will resolve your problems and also ensure that you aren't processing email for users who don't exist, therefore wasting bandwidth.

Simon.
0
 
LVL 12

Expert Comment

by:Sommerblink
ID: 39769412
You didn't mention what version of Sophos UTM you're using, but with version 9, if you go to Definitions & Users > Authentication Servers > Servers, you can setup UTM to validate addresses against AD.

In the most current version of the manual for version 9 (9.106), it is described a little more in-depth on printed page 299.
0
 
LVL 23

Expert Comment

by:Dirk Kotte
ID: 39846612
Sophos UTM/ASTARO is able to check the recipient before accepting the message.
there are different options like smpt-callout or ldap-receipment check.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question