Enabling DLP Connect in the Symantec Brightmail Gateway appliance version 9.0.x results in a mail loop.
Last Updated January 14, 2010
Symptoms
When DLP Connect (Symantec Data Loss Prevention) is configured and enabled, all outbound messages begin to loop between the Symantec Brightmail Gateway appliance and the DLP server.
Looking at the message headers of one of the affected messages, you will see several instances of the following items:
Received: from DLP_bound_connection ( [###.###.###.###])
X-CFilter-Loop: Reflected
The messages may eventually be returned to the sender as an NDR with the error code: 5.0.0 smtp; 554 mail loop detected
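The header check described above can be scripted against a saved copy of an affected message. The following is an added example, not Symantec code: it counts the two markers quoted in this article. The function names, the sample messages and addresses, and the threshold of two repeats are assumptions made for illustration.

```python
from email import message_from_string

# Marker strings are the ones quoted in this article.
DLP_HOP_MARKER = "DLP_bound_connection"
LOOP_HEADER = "X-CFilter-Loop"
# Assumption: one reflected pass is normal; two or more suggests a loop.
LOOP_THRESHOLD = 2


def loop_indicators(raw_message):
    """Count the loop markers in the headers of one RFC 5322 message."""
    msg = message_from_string(raw_message)
    received = msg.get_all("Received") or []
    reflected = msg.get_all(LOOP_HEADER) or []
    return {
        "dlp_hops": sum(DLP_HOP_MARKER in hop for hop in received),
        "reflected": sum(v.strip().lower() == "reflected" for v in reflected),
        "total_hops": len(received),
    }


def is_looping(raw_message, threshold=LOOP_THRESHOLD):
    """True when both markers repeat at least `threshold` times."""
    counts = loop_indicators(raw_message)
    return counts["dlp_hops"] >= threshold and counts["reflected"] >= threshold


# Constructed sample: three passes through the DLP server (not a real capture).
LOOPING_SAMPLE = "".join(
    "Received: from DLP_bound_connection ([192.0.2.10])\n"
    "\tby gateway.example.test; Thu, 14 Jan 2010 10:00:0%d +0000\n"
    "X-CFilter-Loop: Reflected\n" % i
    for i in range(3)
) + "From: a@example.test\nSubject: test\n\nbody\n"

# Constructed sample: a single reflected pass plus the original client hop.
NORMAL_SAMPLE = (
    "Received: from DLP_bound_connection ([192.0.2.10])\n"
    "\tby gateway.example.test; Thu, 14 Jan 2010 10:00:01 +0000\n"
    "X-CFilter-Loop: Reflected\n"
    "Received: from client.example.test ([198.51.100.7])\n"
    "\tby gateway.example.test; Thu, 14 Jan 2010 10:00:00 +0000\n"
    "From: a@example.test\nSubject: test\n\nbody\n"
)

if __name__ == "__main__":
    for name, sample in (("looping", LOOPING_SAMPLE), ("normal", NORMAL_SAMPLE)):
        print(name, loop_indicators(sample), is_looping(sample))
```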
This occurs when the DLP server is in Reflected mode and is listed in the Outbound Mail Acceptance configuration for the SMTP Outbound Mail Settings section. When the DLP server IP is listed in this configuration section, messages returned from the DLP server are seen as new messages and are re-delivered to the DLP server for processing.
Remove the DLP server from the Outbound Mail Acceptance configuration in the Control Center:
1. Click on the Administration tab.
2. Click on Configuration in the left pane.
3. Edit your server host(s).
4. Click on the SMTP tab.
5. Delete the DLP server's IP address from the Outbound Mail Acceptance list.
6. Click Save.
Technical Information
This behavior differs from that of the 8.0.x version, which allowed the IP of the DLP server to be in the Outbound Mail Acceptance configuration without looping. The difference is due to architectural changes to the MTA.
Imported Document ID: TECH131682