What would cause my SendMail server not to acknowledge receiving a TCP Sequence?

Posted by Mike B on Server Fault
Published on 2012-06-20T04:54:09Z Indexed on 2012/06/20 9:18 UTC

My TCP/IP Stack knowledge is a little rusty so please bear with me....

I have a CentOS 5.7 server with SendMail and am seeing intermittent timeout issues sending email (particularly larger email) to other remote domains. It doesn't happen with all attachments or recipient domains. Just some. After some extended troubleshooting, I think I've narrowed it down to TCP Sequences not being acknowledged.

Here's a breakdown of the TCP session from a packet capture I collected directly on my MTA (fooMTA):

Packets 1-11: Standard TCP handshake followed by initial SMTP conversation. No errors.
Packet #12: Recipient MTA: TCP sequence 231. Ack 91.
Packet #13: FooMTA: TCP sequence 91. Ack 305.
Packet #14: FooMTA: TCP sequence 1115. Ack 305.
Packet #15: Recipient MTA: TCP sequence 305. Ack 2495.
Packet #16: FooMTA: TCP sequence 2495. Ack 305.
Packet #17: FooMTA: TCP sequence 5255. Ack 305.
Packet #18: Recipient MTA: TCP sequence 305. Ack 5255.
Packet #19: FooMTA: TCP sequence 6635. Ack 305.
Packet #20: FooMTA: TCP sequence 8015. Ack 305.
Packet #21: Recipient MTA: TCP sequence 305. Ack 8015.
Packet #22: FooMTA: TCP sequence 10775. Ack 305.
Packet #23: FooMTA: TCP sequence 13535. Ack 305.
Packet #24: Recipient MTA: TCP sequence 305. Ack 10775.
Packet #25: FooMTA: TCP sequence 14915. Ack 305.

It keeps going like this with my server still thinking it hasn’t received sequence 305. In response, the remote side eventually retransmits its prior data, thinking that it never arrived. Eventually the gap gets so large that no new data is sent and the remote MTA keeps retransmitting old stuff. This contributes to an exponential backoff and eventually the remote side gives up.

What’s strange to me is that I see the “missing” TCP sequence (305 in this case) arriving back to my server (via a packet capture collected directly from fooMTA), so I don’t get why my server keeps asking for it.

Could this be firewall related? What would be the next step in troubleshooting?

© Server Fault or respective owner
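
One way to read the packet summary above per direction, as an added example that is not part of the original post: the Python below parses the listed packets and reports, for each sender, how far its sequence numbers advanced, how far the peer's ACK number advanced, and a lower bound on bytes not yet acknowledged. It assumes the numbers are relative sequence numbers with no wraparound; the function names are illustrative.

```python
import re

# Packet summary copied from the post (packets 12-25); sequence numbers are
# assumed to be relative, as a capture tool would display them.
TRACE = """\
Packet #12 Recipient MTA: TCP sequence 231.  Ack 91.
Packet #13 FooMTA: TCP sequence 91.  Ack 305.
Packet #14 FooMTA: TCP sequence 1115.  Ack 305.
Packet #15 Recipient MTA: TCP sequence 305.  Ack 2495.
Packet #16 FooMTA: TCP sequence 2495.  Ack 305.
Packet #17 FooMTA: TCP sequence 5255.  Ack 305.
Packet #18: Recipient MTA: TCP sequence 305.  Ack 5255.
Packet #19: FooMTA: TCP sequence 6635.  Ack 305.
Packet #20: FooMTA: TCP sequence 8015.  Ack 305.
Packet #21: Recipient MTA: TCP Sequence 305.  Ack 8015.
Packet #22: FooMTA: TCP Sequence 10775.  Ack 305.
Packet #23: FooMTA: TCP Sequence 13535.  Ack 305.
Packet #24: Recipient MTA: TCP sequence 305.  Ack 10775
Packet #25: FooMTA: TCP Sequence 14915.  Ack 305
"""

# Tolerates the optional colon after the packet number and mixed case.
LINE = re.compile(
    r"Packet #(\d+):?\s*(.+?):\s*TCP sequence (\d+)\.\s*Ack (\d+)", re.I)

def parse_trace(text):
    """Return (packet_no, sender, seq, ack) for every line that matches."""
    return [(int(n), s.strip(), int(q), int(a))
            for n, s, q, a in LINE.findall(text)]

def summarize(packets):
    """Per sender: seq progress, the peer's ACK progress, unacked lower bound."""
    senders = sorted({p[1] for p in packets})
    if len(senders) != 2:
        raise ValueError("expected exactly two endpoints")
    report = {}
    for me in senders:
        seqs = [q for _, s, q, _ in packets if s == me]   # what I sent
        acks = [a for _, s, _, a in packets if s != me]   # what the peer ACKed
        report[me] = {
            "seq_advanced": max(seqs) - min(seqs),
            "peer_ack_advanced": max(acks) - min(acks),
            # Segment lengths are not in the summary, so this only counts up
            # to the start of the last segment sent: a lower bound.
            "unacked_at_least": max(0, max(seqs) - max(acks)),
        }
    return report
```

Calling `summarize(parse_trace(TRACE))` returns one entry per endpoint, which keeps each direction's sequence and ACK numbers from being read against the wrong side.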