Unix Tip: Mail loops back to me

By Sandra Henry-Stocker, ITworld.com |  Operating Systems, Sandra Henry-Stocker, systems administration Add a new comment

Many systems administrators have run into errors in their syslog files that complain that mail is looping back, suggesting a possible MX problem. The common cause of this problem is that a server is receiving email for a domain that it doesn't recognize as its own. Then, when the server looks up the MX address for the intended target (in order to send the mail on its way), it notices that the MX record is one that identifies the mail exchanger as the system itself.


Here's an example of this type of message from the syslog file:


553 5.3.5 mail1.elsewhere.com. config error: mail loops back to me (MX problem?)

The cure for this type of problem is to configure the server to understand that it should accept mail for the particular domain. This can be done for sendmail by adding the domain to the /etc/mail/local-host-names file and restarting the sendmail service.


Recently, however, I ran into a situation in which this familiar scenario did not describe what was happening. Instead of running into "loops back to me" errors for domains for which the server should legitimately have been receiving mail, the server in question was collecting the errors for numerous unfamiliar domains. For most modern Unix servers, this issue rarely occurs because all recent versions of sendmail do not relay mail by default (i.e., they do not accept mail from outside the domain that is also destined for outside the domain). In this case, however, the server was configured to relay mail for authenticated users, so it was required to attempt delivery.



To understand why "loops back to me" errors occur, it is useful to think about the way that mail servers go about sending mail. Most email is addressed to user@domain. For example, sstocker@itworld.com. The server then needs to figure out what mail server is responsible for accepting mail for the particular domain. To do this, it requests the MX (mail exchanger) records for the domain in question. You can look up MX records yourself with nslookup or a similar tool as shown below.


> nslookup
Default Server:  ns1.local.com
Address:  10.1.1.11

> set querytype=mx
> elsewhere.com
Server:  ns1.local.com
Address:  10.1.1.11

elsewhere.com  MX preference = 20, mail exchanger = mail2.elsewhere.com
elsewhere.com  MX preference = 10, mail exchanger = mail1.elsewhere.com
mail1.elsewhere.com  internet address = 123.4.5.6
mail2.elsewhere.com  internet address = 123.4.5.7
> exit

In this example, the system "mail1.elsewhere.com" is the primary mail exchanger identified for the domain elsewhere.com. The system "mail2.elsewhere.com" is a lower priority mail exchanger (with a preference of 20) and will receive mail when the higher priority server is unavailable.


Once our mail server has looked up this information on mail exchangers, it can initiate a connection with the indicated mail exchanger and send the components -- sender, recipient, message contents and such -- to the intended system.


In the case of the server with the "loops back to me" errors, however, there was a slight twist to this normal sequence of events. The MX record for the target domain, instead of identifying a legitimate mail server, contained the loopback address, 127.0.0.1. As a result, any mail delivery attempted for the domain would be directed back to the system trying to make the delivery. It's as if the mail server, in Pogo-like fashion, were saying "I have identified the target system and it is me". Let's look at a couple examples (using nslookup).


Our first example is for trib.com.


> nslookup
Default Server:  ns1.local.com
Address:  10.1.1.11

> set querytype=mx
> trib.com
Default Server:  ns1.local.com
Address:  10.1.1.11

Non-authoritative answer:
trib.com        MX preference = 10, mail exchanger = mail.trib.com

mail.trib.com   internet address = 127.0.0.1

Notice that the mail exchanger is set to mail.trib.com and the IP address provided for trib.com is the loopback -- 127.0.0.1. Continuing in nslookup, we see the same configuration being used for the domain version.net below:


> version.net
Default Server:  ns1.local.com
Address:  10.1.1.11

Non-authoritative answer:
version.net     MX preference = 3, mail exchanger = mail.version.net

mail.version.net        internet address = 127.0.0.1
> exit

The "loops back to me" errors would likely appear in your syslog file (depending, of course on the configuration of your /etc/syslog.conf file) and rejected mail will probably end up in the inbox of whichever user is assigned the role of postmaster.

    Add a comment

    Post a comment using one of these accounts
    Or join now
    At least 6 characters

    Note: Comment will appear soon after you have activated your account.
    Obscene/spam comments will be removed and accounts suspended.
    The information you submit is subject to our Privacy Policy and Terms of Service.

    ITworld LIVE

    Operating SystemsWhite Papers & Webcasts

    White Paper

    Microsoft Enterprise Agreement Program Overview

    Discover how flexible the Microsoft Enterprise Agreement Program is to help you build the right software solution agreement for your business. This paper highlights all the available options-from on-premise software and cloud service solutions, to payment options and enrollment programs, and more.

    White Paper

    Watson - A System Designed for Answers. The future of workload optimized systems design

    Watson is a workload optimized system designed for complex analytics, made possible by integrating massively parallel POWER7 processors and DeepQA technology. Read the white paper about Watson's workload optimized system design.

    See more White Papers | Webcasts

    Ask a question

    Ask a Question