If you don't have any external programs running checks on incoming email (i.e. command-line antivirus) then the default 1 second is fine in most cases for the Delivery Delay setting on Incoming Gateways.

 

For Retry Intervals I have the same as our Outgoing Gateways:

 

5, 5, 15, 30, 30, 30, 30, 60, 90, 120, 240, 480, 960

 

Granted, on an Incoming Gateway you shouldn't ever have to retry that many times to reach your Primary as those settings will mainly be used for NDR bounce-backs. On our Tertiary MX we'll have quite a few NDR messages sitting there daily with 13 failed attempts at delivery. Having that many retries at such long intervals over a 35 hour span allows us to clear them out manually at our convenience rather than having the bounce-back bounce and clog up our Postmaster account.

 

The best thing about Gateways, other than offloading Antispam and Antivirus checks, is that you can be overly aggressive with your IDS Rules without fear of accidentally blocking users. Set your DOS and Brute Force to the max (as no one should be attempting to authenticate you can set those to a Threshold of 1 with a Block Time of 43200 or higher, and any protocols other than SMTP can be set to block with a similar Threshold & Block Time). Set aggressively the SM IDS tends to block 200,000 to 2,000,000 connections a day, adding about 2,000 new IPs to our Blocks daily.