Burton Windle wrote:
> Basically, we are seeing denied traffic on our firewall. The source of
> the traffic is the mail servers we are sending to; it is coming FROM
> their TCP/25, and going to some random high-level TCP port on our sending
> host. If I didn't know better, I'd think it was denying part of the
> three-way TCP handshake, but the email is flowing, and the mail queues
> are low.


Just a guess at a possibility... An SMTP transaction to a low
numbered MX record target might be blocked by your firewall but then
succeed as the MTA falls back to higher numbered MX targets, if the
firewall allows the connection to a lower numbered host. A firewall
could be blocking transactions to the primary hosts but mail would
continue to flow because it would flow to the fallback MX hosts.

In the end you just have to get in there and debug it.

Bob