Thank you, Daniel, for taking the time to analyze my traces
and to explain the problem so perfect, that even non-net-developers,
like I, can understand it. (-;)
This looks like a bug in the client's TCP/IP stack, and how to fix it
depends on the client's OS. IMO, the RST is invalid, and pf is
right in
blocking it.
The OS is Darwin 8.8 / Mac OS X 10.4.8, a 4.4BSD descendant and
the relevant source may be in netinet/tcp_output.c, found here
http://www.opensource.apple.com/darwinsource/10.4.8.ppc/xnu-792.12.6
Good news is that your diagnosis could bring us forward to resolve
a long running painful bug filed against Mail.app, the Apple email
client.
If you agree, I would like to add your diagnosis to my open bug
report and
cross-post the mail on the Darwin Developers list, before filing a new
bug against Darwin.
Axel
---------------------------------------------------------------------
Axel Rau, ☀Frankfurt , Germany +49 69 9514 18 0
