Hi all,

I have a strange question that is probably more a tcp thing than FreeBSD,
but you all have helped me so much in the past that I thought I'd start

I am running FreeBSD 5.2.1 at home with postfix-2.0.18,1 from ports. When
I send an email from my work (red hat 9, qmail), which is behind a
Watchguard Firebox 700 doing NAT and using their "smtp-filter" (i'm the
sysadmin at work, so any bad there is all me), to my home address it
causes the freebsd machine to sit in the the following state (from a
netstat -an | grep 25):

tcp4       0      0         61.XX.X.XX.28709       CLOSING
tcp4       0      0         61.XX.X.XX.28708       CLOSING

This ties up the smtp port and any further attempts to connect from
anywhere on the net yield:

421 SMTP service not available, closing transmission channel

To get this I have to send a bunch of emails (say 4 or more) and the first
two always get through. When I send a bunch of emails from any other
address (yahoo, etc) this does not happen.

I did a tcpdump -i fxp0 and greped for the port of one of these sessions
and see:

21:45:18.424512 chinook.myhost.com.smtp > 61.XX.X.XX.28709: F
2504912170:2504912170(0) ack 2923328197 win 65535 (DF)
21:47:26.436486 chinook.myhost.com.smtp > 61.XX.X.XX.28709: F
2504912170:2504912170(0) ack 2923328197 win 65535 (DF)
21:48:30.442449 chinook.myhost.com.smtp > 61.XX.X.XX.28709: R
2504912171:2504912171(0) ack 2923328197 win 65535 (DF)

So ... what's going on here? To me it looks as if chinook.myhost.com is
trying to ACK back to the server at my work and not getting an answer.
>From what I googled the tcp connection takes 5 mins to die in the closing
state. But in the meantime my mail server is not able to receive messages.
Should it do this? This seems like a "bad thing" and an way of DOSing
someone's mail system.

Any thoughts? Any better places to post?

Thanks in advance,

August Simonelli

