Currently Being ModeratedFeb 11, 2013 1:13 PM (in response to stephanos)
The only way to be reasonably certain of what's going on is to check the mail server logs and see what's being reported there (if anything). While there are various triggers, greylisting would be one potential suspect. Greylisting is an anti-spam technique, and that intentionally delays the earliest messages from previously-unknown sources. Once servers are known, greylisting gets out of the way and messages arrive immediately. But do check the mail server logs for relevent details.
Currently Being ModeratedFeb 12, 2013 1:55 AM (in response to MrHoffman)
Sounds reasonably, too. What makes me wonder is, why totally common domains are delayed. Let's reconstruct:
The original sender is a domain we receive hundreds of emails, we redirect it internally from one user to another and then it suddenly takes up to 12 hrs to be delivered.
So the initial mail from @client.com arrives in time at firstname.lastname@example.org. Why should greylisting apply AFTER the redirect? ... I am not that good in interpreting logs, but in logical thinking
Where should I look first?
Currently Being ModeratedFeb 12, 2013 5:46 AM (in response to stephanos)
Ok; so the users involved are not in various domains. Then it is not likely greylisting, or greylisting has gone rather wacky. Please check the mail server logs. Start with /var/log/mail.log and /var/log/mailaccess.log files, and see what's being reported there related to messages traversing your network.
I'm getting two PTRs back for your mail server IP address DNS, which looks rather strange. I'd expect just one, as mail servers are generally expected to have one A record, which means matching forward (A) and reverse (PTR) DNS translations.
Currently Being ModeratedFeb 13, 2013 10:25 AM (in response to MrHoffman)
I went thru both logs, but can't find anything that tells me how messages might get held up while travelling internally in our network. The two PTRs are reasoned by two servers, as the 10.6.8 server is actually perfoming mail services and the new 10.8.x server should have been the replacement as a push mail server but Apple never made this announcement followed up by actions. So we're stuck in a foundation.
Currently Being ModeratedFeb 14, 2013 6:16 AM (in response to stephanos)
AFAIK, a mail server has and must have exactly one address. That's one PTR record. Not two.
Humor me. Get rid of that second PTR definition.