==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

- iRedMail version (check /etc/iredmail-release): 0.9.9 MARIADB edition
- Deployed with iRedMail Easy or the downloadable installer?downloadable installer
- Linux/BSD distribution name and version: Centos 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No

I have an iRedMail server that I've configured as a Backup MX server for our domain. I performed spool and delivery tests from the Backup MX server to the primary server prior to deployment and everything worked fine. Over the weekend we experienced an outage, and I found that after some of the spooled email delivered successfully from the Backup MX server, mail delivery for the remaining spooled mail stopped. I wonder if the issue is due to the volume of email currently in the queue. My spool/delivery tests only included ~5 messages, but during the recent outage, we had ~400 spooled mail. Here's what I've found:

Configuration:

Primary server: Site A (WAN IP 1/network 1)
Backup MX server: Site B (WAN IP 1/network 2)

I've tested flushing one mail from the queue on the Backup MX server.

Sep  6 11:30:09 [Site B mailserver] clamd[8799]: SelfCheck: Database status OK.
Sep  6 11:40:00 [Site B mailserver] postfix/qmgr[10591]: 46Q0Xm39dmzYt8h2: from=<[sender]@[Site B mailserver].[domain]>, size=980, nrcpt=1 (queue active)

My firewall hardware located at Site A indicates that the connection is successful sourcing from the server in Site B to the server in Site A.
Site A firewall hardware log for WAN IP entries:
2019-09-06 11:28:24 Allow [Site B IP] [Site A IP] smtp/tcp 48612 25 Allowed
2019-09-06 11:40:00 Allow [Site B IP] [Site A IP] smtp/tcp 49612 25 Allowed 

The mail server at Site B indicates that the mail was refused

Sep  6 11:40:00 [Site B mailserver] postfix/qmgr[10591]: 46Q0Xm39dmzYt8h2: from=<[sender]@[Site B mailserver].[domain]>, size=980, nrcpt=1 (queue active)
Sep  6 11:40:00 [Site B mailserver] postfix/smtp[11459]: connect to [Site A IP][[Site A IP]]:25: Connection refused
Sep  6 11:40:00 [Site B mailserver] postfix/smtp[11459]: 46Q0Xm39dmzYt8h2: to=<[recipient]@[domain]>, relay=none, delay=3704, delays=3704/0.02/0.05/0, dsn=4.4.1, status=deferred (connect to [Site A IP][[Site A IP]]:25: Connection refused)

The mail server at Site A is receiving emails from other external domains without issue, but there are no log entries for traffic from Site B on Site A's mail server to indicate a delivery rejection at the destination.

I attempted to flush all mail within the Backup MX's queue and found the below entry in the mail log.

Sep  6 11:55:35 [Site B mailserver] postfix/error[12099]: 46NJm55VZMzYt9tg: to=<[recipient]@[domain]>, relay=none, delay=242001, delays=242001/0.67/0/0.04, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to [Site A IP][[Site A IP]]:25: Connection refused)

However Site A's firewall indicates that connectivity is working.

2019-09-06 11:55:34 Allow [Site B IP] [Site A IP] smtp/tcp 50958 25 Allowed

Are there any settings that I can configure to address the volume of mail attempting to deliver? Is it possible that connectivity is failing because too many emails are trying to deliver at once? I added the below entries to main.cf but that didn't help.

smtpd_timeout=1200s
smtp_pix_workaround_delay_time = 300s
smtp_pix_workaround_threshold_time = 86400s