I can't add much to the already-fairly-technical discussion so far, but I do have a couple of thoughts.
* You mentioned being able to replace the Cisco router with another one. Could you try a non-Cisco one? Some Cisco gear is infamous for silently munging SMTP transactions in the name of "security". * If the internet-facing side of the router is plain ethernet (eg. connected to your ADSL modem), you could attempt to run a packet capture there. * If you're having consistent problems with that one client (or others as well), you could contact your ISP and ask them to do some packet capture for you. It might be hard to get through to someone sufficiently technical though. * Noone's pointed out the your first packet capture also exhibits the same "missing data" problem. After the client sends RCPT TO and you respond with an Ok, the next thing it drops on the wire is "Received: from srv1.shoppingsquare.com.au" in frame 12. I'm not that confident in my packet capture-reading skills, but I'm not seeing a discontinuity in the sequence numbers that Wietse saw in the second capture. I've poked your server a bit and it appears to have zero tolerance for errors. Your server should have responded immediately with "221 2.7.0 Error: I can break rules, too. Goodbye.". Instead it just ACK'ed the packet and kept waiting, this seems odd. I'm thinking you should contact the other end and ask them what networking hardware they've got that might be messing things up. At the same time, tell them to allow some useful ICMP. Their firewall might well be blocking ICMP Must Fragment, I also see they're dropping fragmented packets entirely.
signature.asc
Description: OpenPGP digital signature
