Email Prevent mail loop after BrightMail upgrade to 9.0.x


Article ID: 159829


Updated On:


Data Loss Prevention Network Prevent for Email


Email prevent is configured in reflect mode with BrightMail

After a Symantec Messaging Gateway (aka SMG, formerly known as Symantec Brightmail Gateway) upgrade to 9.0.x, messages start looping.

Packet Capture of email communication reveals:
smtp; 554 mail loop detected


This occurs when the DLP server is in Reflected mode and is listed in the Outbound Mail Acceptance configuration for the SMTP Outbound Mail Settings section. When the DLP server IP is listed in this configuration section, messages returned from the DLP server are seen as new messages and are re-delivered to the DLP server for processing.

This behavior is different than that in the 8.0.x version which allowed the IP of the DLP server to be in the Outbound Mail Acceptance configuration without looping. This is due to architectural changes to the MTA.

Remove the DLP server from the Outbound Mail Acceptance configuration in the Control Center:
1. Click on the Administration tab.
2. Click on Configuration in the left pane.
3. Edit your server host(s).
4. Click on the SMTP tab.
5. Delete the DLP server's IP address from the Outbound Mail Acceptance list.
6. Click Save.

Check out reference below