In environments with a Mail Transfer Agent (MTA) configured with loop protection and the Network Prevent for Email (NPE) configured in Reflect Mode, after the upgrade from version 12.5 to 14.0, the MTA will not accept the return connection from NPE because it detects a mail loop.
Network Prevent for Email (NPE) configured in Reflect Mode
Mail Transfer Agent (MTA) configured with loop protection - ClearSwift or systems based on Sendmail. The check is performed by the MTA during the establishment of the SMTP connections. The hostname given in the connecting host's HELO or EHLO response is compared to the hostname of the local host. If they are the same, this means there is a loop and the connection is disallowed.
The following messages (or similar) are logged in the MTA:
553 5.3.5 host config error: mail loops back to myself
V8.7 and above
553 5.3.5 host config error: mail loops back to me (MX problem?)
Where host is the hostname of the offender
Network Prevent for Email (NPE) is an SMTP proxy, it accepts the connection from the sender and immediately starts the connection to the next MTA. In Reflect Mode the sender is the same as the receiver.
In the previous versions of Network Prevent for Email (NPE) there was a defect in the session establishment and the hostname was not being presented in the forward connection. That is why some configurations that have been working may stop working after the upgrade. This was a defect resolved to respect RFC2821 and the behavior will not be modified in NPE.
Reflect mode is in effect a mail loop between the MTA and NPE.
The MTA will need to accept the loop and based on the mail header X-CFilter-Loop which is added by NPE, it should not resend the same message to the NPE.
Initial handshake fails if ESMTP Prevent connects to SMTP MTA in forward mode
Subscribing will provide email updates when this Article is updated. Login is required.