Hi everyone!
I recently setup sophos as our mail smarthost for our Exchange Server and it is really performing well!
Unfortunately today I had to find out something terrific that still gives me headaches:
I noticed a remarkable increase in one users mailbox size over the last 5 days and went deep in to check on that. The problem was that through two days he received approx 34.560 bounce mails that bounced between our Exchange and Sophos.
That specific users has an out of office notification setup. Once he receives a mail from a "no-reply" address that CANNOT receive mails (error: recipient not found) exchange sends the notification to that address.
Sophos replies with "mailer-daemon@<hostname>" (hostname = mail protection > SMTP > advanced > SMTP hostname) - this is in our case mail.company.com.
Sophos tells the internal recipient that the external recipient (no-reply) cannot be reached. This NDR generates again an out of office notification that should be sent to "mailer-daemon@mail.company.com" which of course is not routable by sophos.
So utm generates again an NDR and so on and so on...
For a quick workaround to stop that chain for now I added the domain "mail.company.com" to sophos accepted domains so that NDRs would return to our Exchange who after 4 bounces stops the delivery as a local loop was detected. But this cannot be the only solution...
I hope that someone knows a solution for that really annoying issue!
I would prefer to change the mailer-daemon@<hostname> address to postmaster@company.com or something where we actually can receive the mail even if it is a blackhole that is not generating any NDR.
Thank you guys for any help!
This thread was automatically locked due to age.
