Solved

Exchange SMTP Loop Detected

Posted on 2014-01-09
3
1,257 Views
Last Modified: 2016-02-25
We are using an Astaro/Sophos spam detection appliance and are experiencing a problem sending mail to our Exchange server. Everytime a message comes through to a non-existent email account, the Exchange server gets stuck in a loop with the Sophos device. The Exchange server has an error message which says "Local loop detected" but the Sophos device does not detect any errors. It just keeps trying to send the message until the queue gets so full (more than 60,000 messages this past weekend) that it can't function anymore. We had been using this same Sophos device with a more generic SMTP server in the past but the recent change to Exchange has been causing this problem. The old mail server just caused the Sophos device to bounce the messages, Exchange can't seem to do that. What is causing this loop and how do we stop this from happening?
0
Comment
Question by:stu215
3 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39768621
Is the appliance not able to do recipient validation? Perhaps via LDAP? If not then I would consider that a major downside to the product, because recipient validation should be the first thing any anti-spam appliance does.

Out of the box, Exchange will accept the email for any address at the domain/s listed in its Accepted Domain list. If the user doesn't exist it will then bounce it.
To change that behaviour, you need to install the anti-spam agents then disable the ones you don't need:
http://semb.ee/filterunknown

However in your scenario, unless the filtering appliance can drop those messages, you will be causing back scatter.

I would speak to Sophos and see if their product can do recipient filtering - that will resolve your problems and also ensure that you aren't processing email for users who don't exist, therefore wasting bandwidth.

Simon.
0
 
LVL 12

Expert Comment

by:Sommerblink
ID: 39769412
You didn't mention what version of Sophos UTM you're using, but with version 9, if you go to Definitions & Users > Authentication Servers > Servers, you can setup UTM to validate addresses against AD.

In the most current version of the manual for version 9 (9.106), it is described a little more in-depth on printed page 299.
0
 
LVL 23

Expert Comment

by:Dirk Kotte
ID: 39846612
Sophos UTM/ASTARO is able to check the recipient before accepting the message.
there are different options like smpt-callout or ldap-receipment check.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
The viewer will learn how to use a discrete random variable to simulate the return on an investment over a period of years, create a Monte Carlo simulation using the discrete random variable, and create a graph to represent the possible returns over…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question