LinuxQuestions.org
02-09-2005, 09:54 AM   #1
[GOD]Anck
Distribution: Slackware
postfix/smtpd lost connection after CONNECT


I've been going over some Postfix logs lately and I've noticed some stanzas like this:

Code:
Feb  9 15:56:39 linux postfix/smtpd[26348]: connect from FQDN[IP.IP.IP.IP]
Feb  9 15:56:39 linux postfix/smtpd[26348]: lost connection after CONNECT from FQDN[IP.IP.IP.IP]
Feb  9 15:56:39 linux postfix/smtpd[26348]: disconnect from FQDN[IP.IP.IP.IP]

Normally I would probably dismiss them as just failed connection attempts, but there are several of these coming from the same address, and nobody from that address should be sending any e-mail through my Postfix. Could this be some kind of automated search for open relays, or some other malware? Google really only leads to threads about Postfix configuration problems where mine works like it should. Any ideas?
 
12-18-2011, 02:10 PM   #2
abarclay
I have been running my own mail server on postfix for quite a few years. A few months ago, I started having this problem where mail from a specific domain would not be delivered.

I was getting the following error:

Nov 29 15:04:20 woody2 postfix/smtpd[19251]: connect from mail.brent.ca.us[100.199.141.143]
Nov 29 15:04:20 woody2 postfix/smtpd[19251]: lost connection after CONNECT from mail.brent.ca.us[100.199.141.143]

The fact that it was only one domain that was causing this led me to believe that the problem was on the client side, but I did my due diligence to try to fix it including:
1) increasing concurrency in master.cf
2) disabling mailscanner
3) removing sender restrictions
4) disabling grey listing

I called an administrator over at the place and chatted with him for a while. He thought it was on my end, but after I explained what I had tried he did a little investigation and determined that the problem was on his end.

Apparently, they run or subscribe to a "filter" mechanism that fetches the web-pages associated with the destination email domain, and prevents email from being sent to that domain if they find anything there that they don't like.

He said, "There was a filter that found “adult language” within your domain. Your IP has been unblocked."

So, he had to whitelist my IP.

Just wanted to post this solution because it caused me so much grief.

Andy
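
An added example, not part of either post above: a way to triage the log pattern both posts quote by counting, per client IP, how many smtpd sessions were lost after CONNECT and how many were lost at a later SMTP stage. The function names, the `min_hits` threshold and the sample log (documentation-range IPs and hostnames) are assumptions made for the example.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the syslog format quoted in the thread; hosts and IPs are placeholders.
SAMPLE_LOG = """\
Feb  9 15:56:39 linux postfix/smtpd[26348]: connect from unknown[192.0.2.10]
Feb  9 15:56:39 linux postfix/smtpd[26348]: lost connection after CONNECT from unknown[192.0.2.10]
Feb  9 15:56:39 linux postfix/smtpd[26348]: disconnect from unknown[192.0.2.10]
Feb  9 15:58:02 linux postfix/smtpd[26351]: connect from unknown[192.0.2.10]
Feb  9 15:58:02 linux postfix/smtpd[26351]: lost connection after CONNECT from unknown[192.0.2.10]
Feb  9 15:58:02 linux postfix/smtpd[26351]: disconnect from unknown[192.0.2.10]
Feb  9 16:03:10 linux postfix/smtpd[26364]: connect from mx.example.org[198.51.100.7]
Feb  9 16:03:11 linux postfix/smtpd[26364]: disconnect from mx.example.org[198.51.100.7]
Feb  9 16:05:30 linux postfix/smtpd[26370]: connect from mx.example.net[203.0.113.5]
Feb  9 16:05:30 linux postfix/smtpd[26370]: lost connection after CONNECT from mx.example.net[203.0.113.5]
Feb  9 16:05:30 linux postfix/smtpd[26370]: disconnect from mx.example.net[203.0.113.5]
Feb  9 16:06:12 linux postfix/smtpd[26371]: connect from mx.example.net[203.0.113.5]
Feb  9 16:06:14 linux postfix/smtpd[26371]: lost connection after RCPT from mx.example.net[203.0.113.5]
Feb  9 16:06:14 linux postfix/smtpd[26371]: disconnect from mx.example.net[203.0.113.5]
"""

# Matches smtpd "connect" and "lost connection after <STAGE>" lines; "disconnect" is ignored.
LINE_RE = re.compile(
    r"postfix/smtpd\[\d+\]: (?:(?P<connect>connect)"
    r"|lost connection after (?P<stage>[A-Z]+)(?: \([^)]*\))?)"
    r" from (?P<host>[^\[\s]+)\[(?P<ip>[^\]]+)\]"
)

def summarize(log_text):
    """Per client IP: sessions opened, and the SMTP stage at which sessions were lost."""
    stats = defaultdict(lambda: {"connects": 0, "lost": Counter()})
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m and m["connect"]:
            stats[m["ip"]]["connects"] += 1
        elif m:
            stats[m["ip"]]["lost"][m["stage"]] += 1
    return dict(stats)

def silent_clients(stats, min_hits=2):
    """(ip, lost_after_connect, connects) for IPs with >= min_hits such drops, busiest first."""
    rows = [(ip, s["lost"]["CONNECT"], s["connects"])
            for ip, s in stats.items() if s["lost"]["CONNECT"] >= min_hits]
    return sorted(rows, key=lambda r: -r[1])

if __name__ == "__main__":
    for ip, lost, total in silent_clients(summarize(SAMPLE_LOG)):
        print(f"{ip}: {lost}/{total} sessions lost after CONNECT")
```

A client listed by `silent_clients` has only been shown to hang up before speaking any SMTP; as the second post shows, that can also be a legitimate sender whose own side aborts, so the count tells you which addresses to look at, not why they disconnect.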
 
  

