Symantec Data Loss Prevention (DLP) Cloud Service for Email
Mail from a remote office is not delivered to the intended recipient.
The remote office uses O365 and passes its mail to the main office which uses Gmail.
Remote user >> O365 >> DLP (Cloud Server for Email in forwarding mode) >> ESS >> Gmail >> (redirect back to the same DLP) >> ESS (same) >> External MTA.
When the Gmail redirects the message back to the same DLP Cloud Service for Email, DLP detects this as a loop and drops the message.
DLP then sends a Loop Detected message back to Gmail.
Error message (some parts have been obfuscated):
Final-Recipient: rfc822; [email protected]
Remote-MTA: dns; 96df5d50-xxxx-xxxx-xxxx-0242ac110002.ds.dlp.protect.symantec.com
(54.xxx.xxx.60, the relay for the domain.)
Diagnostic-Code: smtp; 421 4.3.0 Loop Detected. Check reflect mode configuration:
Incorrectly designed mail flow caused a loop.
Release : 15.0
Component : Cloud Service for Email
Redesign the mail flow so that the same message does not return to the same DLP Cloud Service for Email detector.