Email queues are being returned by the DLP Cloud Service to your exchange environment with a "554 5.4.6" error code.

Release : 15.8+

This issue is most commonly seen when the DLP Cloud Service for Email is integrated with a customer's on-premises Exchange.

That is, it doesn't usually occur when emails originate from other hosted services, e.g., O365 or Gmail MTAs.

In general, the queue buildup appears related to "Looping messages" being sent through DLP.

Previously, the SMTP code returned by the DLP Cloud Service was "421 4.3.0 Loop Detected", which was sent by the DLP Cloud Service when the message had already been handled by the service. By design, this code instructs the MTA to retry sending the message at a later time. In some cases, if a large number of messages were resent it would cause performance issues on Exchange.

As of Nov 1, 2022,  the error in response has changed from "421 4.3.0" to "554 5.4.6":

"554 5.4.6 Loop Detected. Check reflect mode configuration"

With the code change from a 421 to a 554 code, DLP Cloud Service will no longer tell upstream MTAs to retry the message.

This change may require customers to correct their mail flow.

Preventing messages from being sent more than once to the DLP Cloud Service is recommended.

The default instructions for setup: Configuring Microsoft 365 to use Microsoft 365 for email delivery (Reflecting mode)

Other changes which might improve the condition:

• Exchange teams should work to prevent messages that originate from invalid addresses in their environment
• Increase memory available to Exchange servers
• Increase CPUs available to Exchange servers

Despite the error response, this issue can happen to customers in Forwarding mode.

The messages have also been documented for other, less common reasons, as per SMTP error "421 4.3.0 Loop Detected. Check reflect mode configuration" with Symantec Data Loss Prevention).