DDoS attack on rs6161 mitigated
Incident Report for LuxSci
Resolved
Customers sending email through server rs6161 (i.e., email1.luxsci.com, email4.luxsci.com, and smtp.luxsci.com) were intermittently experiencing slower connections, timeouts, and connection rejections.

Investigation showed that this was due to hundreds of concurrent connections from many different IP addresses to SMTP SSL port 465. A majority of these were not even trying to "speak SMTP"; they were just connecting and being rejected after a few seconds. However, the net effect was to "clog up" SMTP sending on this server.

We first tried simply increasing the SMTP processing capacity on the server and waiting a bit to see whether (a) the influx abated, as these sometimes do after a short time, or (b) the sustained impact was small enough that it could be absorbed by simple limit increases. This turned out not to be the case.

As of now we have mitigated this situation by blocking inbound SMTP connections on port 465. This is blocking all of these invalid connections. However, as 465 is a valid SSL SMTP port, it may also block some customers.

For those customers who are now blocked, we recommend changing the SMTP port to:

1. The standard SMTP TLS port 25 or 587, or
2. Port 6465, which is our alternate SMTP over SSL port.

For those customers who are affected but cannot change their port and who are on a fixed IP address, please contact LuxSci support and we can whitelist your IP address so that you can connect to port 465 on this server.

LuxSci will periodically check and remove this block on port 465 if/when the connection influx abates.
Posted Dec 14, 2021 - 00:00 EST
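
The pattern described in the investigation above (many sources opening connections to port 465 and never speaking SMTP) can be measured from per-session records. The following is an added example, not LuxSci's tooling; the record format, the `per_ip_limit` threshold and the sample addresses are constructed for illustration.

```python
from collections import Counter

# Constructed sample, one finished session per line (hypothetical format):
#   source_ip  dest_port  duration_seconds  smtp_commands_seen
SAMPLE_LOG = """\
198.51.100.7 465 4.8 0
198.51.100.9 465 5.1 0
203.0.113.21 465 4.9 0
203.0.113.40 465 5.0 0
192.0.2.15 465 1.2 6
192.0.2.88 587 0.9 7
198.51.100.33 465 5.2 0
203.0.113.77 465 4.7 0
192.0.2.15 587 1.1 6
"""

def parse(log):
    """Yield (ip, port, duration, commands) tuples, skipping blank lines."""
    for line in log.splitlines():
        if not line.strip():
            continue
        ip, port, duration, commands = line.split()
        yield ip, int(port), float(duration), int(commands)

def summarize(log, port=465, per_ip_limit=3):
    """Summarize sessions on one port that ended without any SMTP command."""
    sessions = [rec for rec in parse(log) if rec[1] == port]
    silent = [rec for rec in sessions if rec[3] == 0]
    per_ip = Counter(rec[0] for rec in silent)
    ratio = round(len(silent) / len(sessions), 2) if sessions else 0.0
    return {
        "sessions": len(sessions),
        "silent": len(silent),
        "silent_ratio": ratio,
        "distinct_silent_ips": len(per_ip),
        # Sources a per-IP connection limit would actually catch.
        "ips_over_limit": sorted(ip for ip, n in per_ip.items() if n > per_ip_limit),
    }

if __name__ == "__main__":
    for p in (465, 587):
        print(p, summarize(SAMPLE_LOG, port=p))
```

In this constructed sample most port 465 sessions are silent, yet no single source exceeds the per-IP limit, so a per-source limit alone would not separate them from legitimate clients.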