DNS is a common issue
Exim may be configured to do an ident lookup on incoming email. For a long time this defaulted to a 30 second timeout - I'm not sure if this is still the case. Delaying mail slightly helps a lot with spammers I've found (naive spammers will push the mail anyway, which then lets you trigger on protocol violation errors), so it's worth doing still IMO.
# RFC1413 lookups can cause timeouts. (ident) rfc1413_hosts = * rfc1413_query_timeout = 5s
rfc1413_hosts defaults to *, so if you want to disable it, try
rfc1413_hosts =