To that end, I've compiled a few tips I think you might find useful when troubleshooting a recipient receiving multiple messages.
First, review the full headers of the duplicate messages as found on the recipient system. The received headers will be insightful. Which headers are the same across the duplicates and which are not? Compare "received" headers, noting which ones have the exact same time stamps and message IDs. For example, if the "received" header showing receipt at the recipient's mail server is unique for each message, then that tells you that the recipient's mail server is being handed the same message over and over. It may or may not tell you which server is to blame, but the information it provides will be useful.
Here's what usually causes duplicate message issues:
- The receiving site is running a CISCO PIX firewall with "SMTP fixup" enabled. There's a long standing bug in this firewall that will make it squeeze the SMTP connection shut without telling the sending server that the message was received. The net result is that the sending server will send the same message over and over and over, until the message expires.
To tell if the receiving site is running a PIX firewall, telnet to port 25. If you get an SMTP banner that is mostly unreadable, containing dozens of asterisks, then you have found a PIX firewall in use.
To fix the issue, the receiving site needs to turn off SMTP fixup and disable Mailguard. And let's be clear - this is the receiving site's fault. Don't blame the sender. In this scenario, the PIX firewall is not RFC compliant.
- Perhaps the sending MTA has too short a time out setting, and the receiving MTA is taking too long to reply with its acknowledgement of receipt of the message. The net result is that the sending MTA "hangs up" on the receiving MTA, not realizing that the message was successfully delivered. The solution there would be to configure the sending MTAs to increase the SMTP session timeout setting.
- A disk error on some mail server in the email delivery chain could result in a corrupt, non-deletable lock file, resulting in that machine handing that message off to the next one repeatedly.