Viktor - you nailed it. Not certain why just yet, but for a certain subset of hosts, iptables is failing to pass packets containing the mail from:<addr> line. After a certain number of (TCP) retries, some will be successful. nf_conntrack isn’t hitting its limits or anything obvious (far from it), so the hunt continues. Thank you again.
Wietse - nothing wrong with postfix. Brian On Apr 16, 2014, at 2:56 PM, Brian Grimal <[email protected]> wrote: > There is a regular ol’ iptables/linux box in front of this doing nat and > state matching, didn’t think to poke around there. Thanks for the tip. > > Brian > > On Apr 16, 2014, at 2:47 PM, Viktor Dukhovni <[email protected]> > wrote: >>> >> >> Some firewall or load-balancer or similar device is losing connection >> state on the network path between your server and the SMTP clients. >> You'll have to track down the culprit. >> >> -- >> Viktor. >
