We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Barracuda Email Security Gateway

How can a customer resolve (outbound messages to some domains being rejected with the Reason: "Message loops back to myself") ?

  • Type: Knowledgebase
  • Date changed: 2 years ago
Solution #00007239

Scope:
This solution is for Barracuda Spam & Virus Firewall all Firmware

Answer:
This issue seems to be related to sending out to domains being hosted by MXLOGIC and to customers using a P.A.N. Firewall (Palo Alto Networks).
 
There is a security feature on the P.A.N. Firewall called “DNS Sinkhole Protection” that forges a response to a DNS query for a known malicious domain/URL and causes the malicious domain name to resolve to a definable IP address (fake IP) that is given to the client. If the client attempts to access the fake IP address and there is a security rule in place that blocks traffic to this IP, the information is recorded in the logs.
 
The IP that is being entered as the “fake IP” may be 127.0.0.1 which could be causing the "Message loops back to myself" response; or they may be using the default 1.1.1.1 IP as well.
 
To disable the “DNS Sinkhole Protection” in the P.A.N. go to Objects > Security Profiles > Anti-Spyware. Choose the security profile with the “Sinkhole” DNS Action. After clicking on that profile, go to the “DNS Signatures” tab. There will be a pull down menu option labeled “Action on DNS Queries”. Change this to “Default (alert)” or any other non-block/non-sinkhole option you prefer. Commit and you are done. 
 
This is the “quick fix” option, but more details of the feature can be found on their website here: https://live.paloaltonetworks.com/docs/DOC-6220

Link To This Page: