postfix
Alexander Kryuchkov, 2014-07-09 21:38:40

Why is Postfix SMTP slow to accept connections on port 25?

Good afternoon, colleagues.
For the last 3 years I have been administering a postfix+dovecot mail server on Ubuntu 10.04.
Over the past week an inexplicable problem has started: connecting to port 25 has become very slow.
Even a plain telnet IP 25 to the server takes about 20-28 seconds before the connection is established. telnet localhost 25 on the server itself connects instantly.
No antivirus, firewall disabled. Plenty of disk space, read/write speed is sufficient.
I connect over the local network by IP address, so DNS is probably not something to think about.
Here is the config.

# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
disable_vrfy_command = yes
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
message_size_limit = 20971520
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mydomain = MYDOMAIN.ru
myhostname = mail.MYDOMAIN.ru
mynetworks = 127.0.0.0/8, 10.0.0.0/24
myorigin = $mydomain
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_note_starttls_offer = yes
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = no
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_client_connection_rate_limit = 30
smtpd_client_restrictions = permit_mynetworks, reject_unauth_pipelining, permit_sasl_authenticated, reject_unknown_client_hostname, permit
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_hostname, reject_non_fqdn_helo_hostname, permit
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unlisted_recipient, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client sbl-xbl.spamhaus.org, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_local_domain =
smtpd_sasl_path = private/auth-client
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_mynetworks, reject_unknown_sender_domain, reject_non_fqdn_sender, permit_sasl_authenticated
smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/ssl/certs/server.crt
smtpd_tls_key_file = /etc/ssl/private/server.key
smtpd_tls_loglevel = 4
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550

Where should I dig?


2 answers
Wikiadmin, 2014-07-10
@kruchkov-alexandr

As options:
- Spamhaus is slow to respond
- is there an anti-spam filter configured on the inbound side in master.cf that you haven't thought about?
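Both of the suspects named above (a slow DNSBL, an extra filter in master.cf) do their work at a specific point in the SMTP dialogue, so the quickest way to narrow the search is to time each stage separately rather than just "telnet and wait". In the configuration posted in the question, smtpd_delay_reject = yes means reject_rbl_client and the other smtpd_*_restrictions are only evaluated at RCPT TO, so a slow Spamhaus lookup would show up as a pause after RCPT, never before the 220 banner; a pause before the banner is work Postfix does when it accepts the connection (the reverse DNS lookup of the client with the default smtpd_peername_lookup = yes). The probe below is an added example, not code from the thread or from Postfix; the fake SMTP server and its delays are constructed so the probe can be exercised offline, and probe.example / postmaster are placeholder values.

```python
# Stage-by-stage SMTP latency probe.  Added example, not code from the thread.
# A pause before the 220 banner is work Postfix does when it accepts the
# connection (with smtpd_peername_lookup = yes, the default, that is the
# reverse DNS lookup of the client); a pause after RCPT TO is where the
# smtpd_*_restrictions (reject_rbl_client, reject_unknown_*_domain, ...) run
# when smtpd_delay_reject = yes.  The fake server below is constructed so the
# probe can be exercised offline; point probe() at a real host:port otherwise.
import socket
import threading
import time


def _read_reply(sock, timeout):
    """Read one complete SMTP reply (single- or multi-line) and return it as text."""
    sock.settimeout(timeout)
    buf = b""
    while True:
        chunk = sock.recv(4096)
        if not chunk:
            raise ConnectionError("server closed the connection")
        buf += chunk
        if buf.endswith(b"\r\n"):
            last = buf[:-2].split(b"\r\n")[-1]
            # The final line of a reply has a space (not '-') after the 3-digit code.
            if len(last) >= 4 and last[3:4] == b" ":
                return buf.decode("ascii", "replace")


def probe(host, port=25, helo="probe.example", timeout=60.0):
    """Return {stage: (seconds_waited, reply_code)} for connect, banner, ehlo, mail, rcpt, quit.

    MAIL FROM:<> and RCPT TO:<postmaster> are the forms RFC 5321 requires every
    server to support, so a rejection at 'rcpt' is the server's policy speaking,
    not a malformed command.  Nothing is sent after RCPT except QUIT.
    """
    timings = {}
    t = time.monotonic()
    sock = socket.create_connection((host, port), timeout=timeout)
    timings["connect"] = (time.monotonic() - t, None)
    try:
        t = time.monotonic()
        reply = _read_reply(sock, timeout)
        timings["banner"] = (time.monotonic() - t, reply[:3])
        if not reply.startswith("220"):
            return timings  # e.g. a 554 greeting from a server refusing service
        for stage, cmd in (("ehlo", "EHLO " + helo), ("mail", "MAIL FROM:<>"),
                           ("rcpt", "RCPT TO:<postmaster>"), ("quit", "QUIT")):
            sock.sendall(cmd.encode("ascii") + b"\r\n")
            t = time.monotonic()
            reply = _read_reply(sock, timeout)
            timings[stage] = (time.monotonic() - t, reply[:3])
    finally:
        sock.close()
    return timings


def slowest_stage(timings):
    """Name of the stage the server kept us waiting longest on (TCP connect excluded)."""
    return max((s for s in timings if s != "connect"), key=lambda s: timings[s][0])


def start_fake_smtp_server(banner_delay=0.0, rcpt_delay=0.0):
    """Constructed stand-in for a slow Postfix: sleeps banner_delay seconds before
    the greeting (like a stalled client reverse-DNS lookup) and rcpt_delay before
    answering RCPT TO (like a stalled DNSBL query).  Returns the bound port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    port = srv.getsockname()[1]

    def handle(conn):
        with conn, conn.makefile("rb") as lines:
            time.sleep(banner_delay)
            conn.sendall(b"220 fake.example ESMTP\r\n")
            for raw in lines:
                verb = raw.split(b" ", 1)[0].split(b":")[0].strip().upper()
                if verb == b"EHLO":
                    conn.sendall(b"250-fake.example\r\n250 PIPELINING\r\n")
                elif verb == b"MAIL":
                    conn.sendall(b"250 2.1.0 Ok\r\n")
                elif verb == b"RCPT":
                    time.sleep(rcpt_delay)
                    conn.sendall(b"450 4.7.1 Client host rejected: cannot find your hostname\r\n")
                elif verb == b"QUIT":
                    conn.sendall(b"221 2.0.0 Bye\r\n")
                    break
                else:
                    conn.sendall(b"502 5.5.2 Error: command not recognized\r\n")

    def serve():
        while True:
            conn, _ = srv.accept()
            threading.Thread(target=handle, args=(conn,), daemon=True).start()

    threading.Thread(target=serve, daemon=True).start()
    return port


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        host, port = sys.argv[1], int(sys.argv[2]) if len(sys.argv) > 2 else 25
    else:  # no target given: demonstrate against the constructed slow server
        host, port = "127.0.0.1", start_fake_smtp_server(banner_delay=1.0, rcpt_delay=0.5)
    result = probe(host, port)
    for stage, (secs, code) in result.items():
        print("%-8s %6.2fs  reply %s" % (stage, secs, code))
    print("slowest stage:", slowest_stage(result))
```

Run it as python3 smtp_probe.py 10.0.0.1 25 from the LAN host that sees the 20-28 second wait. If the time lands on "banner", the restrictions and any master.cf filter are not involved yet, and the resolver the mail server uses for reverse lookups is the thing to look at; if it lands on "rcpt", time the DNSBL query itself (dig @the-server's-resolver 10.113.0.203.sbl-xbl.spamhaus.org, with the octets of the client address reversed). Note that setting smtpd_peername_lookup = no to "fix" a banner delay is a trap: every client then becomes "unknown", and reject_unknown_client_hostname would reject all clients outside mynetworks.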

_ _, 2014-07-09
@AMar4enko

Could it be doing a reverse DNS lookup, like the one ssh does unless it is explicitly turned off? In that case it would stall precisely on local-network connections, trying to determine the FQDN. Just an idea.
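The reverse-lookup idea above fits the posted configuration well, and it is worth being precise about what the lookup is and when it runs. Postfix resolves the connecting client's name as soon as it accepts the connection, before the 220 banner, and logs the result as "connect from name[ip]" or "connect from unknown[ip]"; smtpd_delay_reject = yes only postpones the evaluation of the restrictions, not this lookup, and permit_mynetworks (10.0.0.0/24 here) only matters once the restrictions run. So a LAN client with no PTR record costs nothing extra if the resolver answers NXDOMAIN quickly, but if the configured nameserver has stopped answering, the client waits for the whole resolver timeout budget: with glibc's defaults of timeout:5 and attempts:2, two unreachable nameservers come to 20 seconds, which is the range the question reports. The code below is an added example, not code from the thread or from Postfix; it reproduces the forward-confirmed reverse DNS check that reject_unknown_client_hostname relies on, with the DNS lookups injected as callables over constructed tables so it runs offline (203.0.113.0/24 and the example.net names are documentation values, not real hosts).

```python
# What reject_unknown_client_hostname checks, and why a dead resolver turns it
# into a connect-time stall.  Added example, not code from the thread; the DNS
# lookups are injected callables fed from constructed tables so it runs offline.
# In production you would pass functions wrapping a real resolver instead.
import time


class DnsTempFail(Exception):
    """Timeout or SERVFAIL: no answer *for now*, which is not the same as NXDOMAIN."""


def make_lookup(table, per_query_timeout, attempts=2, nameservers=2):
    """Constructed resolver: answers instantly from `table`, and for any key it
    has no record of behaves like an unreachable nameserver, burning
    per_query_timeout * attempts * nameservers seconds before giving up
    (glibc's defaults are timeout:5 attempts:2, so two dead servers cost 20 s)."""
    def lookup(key):
        if key in table:
            return list(table[key])
        time.sleep(per_query_timeout * attempts * nameservers)
        raise DnsTempFail("no response from any nameserver for %r" % key)
    return lookup


def classify_client(ip, ptr_lookup, addr_lookup):
    """Forward-confirmed reverse DNS as Postfix applies it to a connecting client.

    Returns (verdict, detail): 'verified' with the confirmed name, 'unknown'
    when the ip -> name -> ip chain does not close, 'tempfail' when DNS could
    not answer.  This example accepts a match on any PTR name returned.
    """
    try:
        names = ptr_lookup(ip)
    except DnsTempFail as exc:
        return "tempfail", "PTR lookup for %s: %s" % (ip, exc)
    if not names:
        return "unknown", "no PTR record for %s" % ip
    for name in names:
        try:
            addrs = addr_lookup(name)
        except DnsTempFail as exc:
            return "tempfail", "address lookup for %s: %s" % (name, exc)
        if ip in addrs:
            return "verified", name
    return "unknown", "PTR name(s) %s do not resolve back to %s" % (", ".join(names), ip)


def timed_classify(ip, ptr_lookup, addr_lookup):
    """Same as classify_client, also returning the seconds the lookups took: that
    is what a client waits for the 220 banner, because Postfix resolves the peer
    name when it accepts the connection, before any restriction is evaluated."""
    t = time.monotonic()
    result = classify_client(ip, ptr_lookup, addr_lookup)
    return time.monotonic() - t, result


def smtp_reply(verdict, ip, unknown_client_reject_code=450):
    """Reply reject_unknown_client_hostname would give, or None to let the client through.

    A temporary DNS failure always gets 450 so the sender retries later, even
    if the administrator raised unknown_client_reject_code to 550.
    """
    if verdict == "verified":
        return None
    code = 450 if verdict == "tempfail" else unknown_client_reject_code
    return "%d %d.7.1 Client host rejected: cannot find your hostname, [%s]" % (code, code // 100, ip)


# Constructed zone data: what the resolver "knows".  10.0.0.0/24 deliberately
# has no entries at all, modelling a LAN whose reverse zone nobody serves and
# a resolver that cannot reach anything that would answer for it.
PTR_TABLE = {
    "203.0.113.10": ["mx1.example.net"],    # proper forward-confirmed reverse DNS
    "203.0.113.11": ["stale.example.net"],  # PTR exists, forward record points elsewhere
    "203.0.113.12": [],                     # NXDOMAIN: no PTR at all, answered quickly
}
ADDR_TABLE = {
    "mx1.example.net": ["203.0.113.10"],
    "stale.example.net": ["203.0.113.99"],
}

if __name__ == "__main__":
    ptr = make_lookup(PTR_TABLE, per_query_timeout=0.05)
    addr = make_lookup(ADDR_TABLE, per_query_timeout=0.05)
    for client in ("203.0.113.10", "203.0.113.11", "203.0.113.12", "10.0.0.5"):
        secs, (verdict, detail) = timed_classify(client, ptr, addr)
        print("%-13s %-8s %5.2fs  %s -> %s" % (client, verdict, secs, detail,
                                              smtp_reply(verdict, client)))
```

The practical checks that follow from this: on the mail server, run dig -x 10.0.0.5 (the address of a LAN client) against each nameserver in /etc/resolv.conf and look at the query time, and grep the mail log for "connect from unknown[10.0.0." to see whether the reverse lookups started failing in the same week the delay appeared. A fast NXDOMAIN is harmless; a timeout is the 20-second banner. The fix is to make the reverse lookups answerable (an internal reverse zone for 10.0.0.0/24 on a resolver the server can reach, or a working resolver first in resolv.conf), not to disable the lookup, since reject_unknown_client_hostname and the "unknown" annotations in the logs depend on it.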
