Our current setup is that email gets routed through our GSuite, any e-mail corresponding to an existing account (staff+board accounts) is delivered by GSuite, all remaining ones are passed on to Loopia where additional redirect rules exist (volunteer accounts). If there is no match for an e-mail reaching Loopia then an error is passed back to the sender.
However it appears that Loopia cuts corners when e-mails originate on it's own servers. An e-mail sent from a Loopia e-mail server gets instantly captured by the Loopia redirect rules without first being passed to GSuite.
This is similar to the previously noted issue where a redirect in Loopia would get used, despite the account existing in Gsuite if the e-mail first passed through an address in Loopia. That case could be solved by simply ensuring there are no duplicate redirects in Loopia.
This will remain a problem as long as we have any @wikimedia.se addresses in Loopia!