Mitigating Mail Loops when using Auto Reply in Exchange 2010
When you enable Auto Reply for the Default(*) Remote Domain in Exchange 2010, you are increasing the risk of causing a mail loop.
When you send an auto reply to a message, and the recipient has either an auto-reply or Out Of Office set, their reply can cause your auto-reply to send another message to them and if not correctly configured on the recipient's side, it can cause their auto-reply or Out Of Office to fire again, causing a vicious loop which can impact both environments even to the point of denial of service. By design, Auto reply is disabled in Exchange 2010 for this very reason.
There is no guaranteed way within Exchange to prevent this issue, however it can be considerably mitigated using the following process:
Create Remote domains for each domain you intend to set up an auto-reply for rather than using the default. This will limit the risk to those domains.
Create a new transport rule that adds the Precedence verb with a value of Bulk to the outbound auto-reply email for the specific mailbox. You can do that in Exchange Management Shell as follows:
- New-TransportRule -Name 'Add Bulk Header' -Comments 'Rule to add Bulk Precedence header to outgoing messages from specific mailbox' -Priority '0' -Enabled $true -From 'firstname.lastname@example.org' -SetHeaderName 'precedence' -SetHeaderValue 'bulk'
When a message is sent that hits that rule, it's headers will wind up looking like this:
Received: from E2K10.instant-grits.com ([fe80::c878:a6ab:d327:57d0]) by
E2K10.instant-grits.com ([fe80::c878:a6ab:d327:57d0%14]) with mapi id
14.03.0235.001; Tue, 1 Dec 2015 19:54:11 -0500
From: Brian Smith <Brian@instant-grits.com>
To: "email@example.com" firstname.lastname@example.org
Date: Wed, 2 Dec 2015 00:54:09 +0000
When that rule is running, it sets the X-Auto-Response-Suppress header to ALL which means auto-replies on Exchange servers will ignore it which includes the following kinds of Auto Replies:
DR (delivery receipts)
NDR (non-delivery receipts)
RN (read notifications)
NRN (not read notifications)
OOF (out of office)
Non-exchange servers will see the Precedence: Bulk instead of the X-Auto-Response-Suppress and if they are well behaved, they will not reply to it either.
What this means is, the recipient won't even send an out of office to messages that have this verb in their headers. No out-of-office means no mail loop.
Again, keep in mind that this applies to well-behaved auto-responders. There is the potential that some environments may have a less than well behaved auto-responder (Non-Exchange/misconfigured mail systems). So the potential is still there, but it reduces the risk substantially. Most mail systems follow the SMTP standards and will understand the headers appropriately.