Hi, I'm experiencing the same annoying problem on our PIX reported to this group a few weeks ago.
Inbound SMTP connections to our email server from the Internet are fine, except that in certain situations, an Internet client sends a reset-O and immediately, the PIX goes berserk, with the Deny messages in the log below.
When this happens, CPU utilization goes through the roof. Disconnecting the mail server (with an internal address a.b.c.d in the log below) did not help; somehow the PIX still thinks that the mail server is swamping the dmz interface (even though the mail server has been removed from the network). The only way to stop this is to reboot the PIX.
This probably happens a few times a week; at other times when this is not happening, inbound/outbound mails get delivered without problems.
The PIX version is 6.3(5). I've tried turning off mailguard (by removing smtp fixup), but the problem persists.
Is anyone experiencing the same problem? Any ideas/suggestions much appreciated.
TIA.
Nov 07 12:50:19 10.1.1.1 %PIX-6-302013: Built inbound TCP connection 485068 for outside:e.f.g.h/3854 (e.f.g.h/3854) to dmz:a.b.c.d/25 (i.j.k.l/25)
Nov 07 12:50:29 10.1.1.1 %PIX-6-302014: Teardown TCP connection 485068 for outside:e.f.g.h/3854 to dmz:a.b.c.d/25 duration 0:00:10 bytes 1984 TCP Reset-O
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz
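
Added example, not part of the original post: a Python sketch that scans PIX syslog for the pattern in the log above, a 302014 teardown followed by a burst of 106015 "no connection" denies for the same endpoint pair within one second. The function name find_storms, the threshold of 10 denies per second and the sample text are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample in the format of the log above (placeholder addresses kept).
SAMPLE = """\
Nov 07 12:50:19 10.1.1.1 %PIX-6-302013: Built inbound TCP connection 485068 for outside:e.f.g.h/3854 (e.f.g.h/3854) to dmz:a.b.c.d/25 (i.j.k.l/25)
Nov 07 12:50:29 10.1.1.1 %PIX-6-302014: Teardown TCP connection 485068 for outside:e.f.g.h/3854 to dmz:a.b.c.d/25 duration 0:00:10 bytes 1984 TCP Reset-O
""" + ("Nov 07 12:50:29 10.1.1.1 %PIX-6-106015: Deny TCP (no connection) "
       "from a.b.c.d/25 to e.f.g.h/3854 flags ACK on interface dmz\n") * 20

# 302014: connection id, both endpoints (interface name stripped), teardown reason.
TEARDOWN = re.compile(
    r"%PIX-6-302014: Teardown TCP connection (?P<id>\d+) for "
    r"\S+?:(?P<a>\S+) to \S+?:(?P<b>\S+) duration \S+ bytes \d+ (?P<reason>.+)$")
# 106015: timestamp (one-second resolution), source and destination endpoints.
DENY = re.compile(
    r"^(?P<ts>\w{3} \d{2} [\d:]{8}) \S+ %PIX-6-106015: Deny TCP \(no connection\) "
    r"from (?P<src>\S+) to (?P<dst>\S+) flags (?P<flags>.+?) on interface (?P<ifc>\S+)")

def find_storms(text, threshold=10):
    """Return (conn_id, reason, src, dst, second, count) for each flow where at
    least `threshold` 106015 denies in one second follow a teardown of that flow."""
    closed = {}         # frozenset of the two endpoints -> (conn id, reason)
    denies = Counter()  # (pair, src, dst, timestamp) -> denies in that second
    for line in text.splitlines():
        line = line.strip()
        m = TEARDOWN.search(line)
        if m:
            closed[frozenset((m["a"], m["b"]))] = (m["id"], m["reason"])
            continue
        m = DENY.search(line)
        if m:
            pair = frozenset((m["src"], m["dst"]))
            if pair in closed:  # deny for a flow the firewall already tore down
                denies[(pair, m["src"], m["dst"], m["ts"])] += 1
    return [(*closed[p], s, d, ts, n)
            for (p, s, d, ts), n in denies.items() if n >= threshold]

if __name__ == "__main__":
    for conn, reason, src, dst, ts, n in find_storms(SAMPLE):
        print(f"{ts}: {n} denies {src} -> {dst} after teardown {conn} ({reason})")
```

Denies for flows with no preceding teardown in the scanned text are ignored, so ordinary stray packets do not trigger a report.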