[dns-operations] mail.protection.outlook.com
Viktor Dukhovni
ietf-dane at dukhovni.org
Mon Apr 20 19:59:25 UTC 2020
> On Apr 20, 2020, at 3:16 PM, Dave Lawrence <tale at dd.org> wrote:
>
> The actual MTA itself is a bit vexsome, as well. I've had a message
> stuck in queue for several days now because "lost connection ... while
> sending message body".
That can happen due to path MTU issues, especially with larger messages.
Do you by any chance have the relevant ICMP messages filtered? Also
some firewalls get confused by window scaling, you can disable window
scaling via "sysctl" or similar.
I would recommend a careful look at a PCAP file with a full capture of
a delivery attempt. You may see retransmissions and then a reset, rather
than an unexpected hard reset.
Do your logs show how long the delivery attempt took? If it was reset
quickly, then retransmissions are likely not the issue, and it is then
possible that the connection is summarily dropped due to a persistent
false positive.
--
Viktor.
More information about the dns-operations
mailing list