Can’t receive/relay mail within private network but I can manually connect to port 25 whithin the network

Can’t receive/relay mail within private network but I can manually connect to port 25 whithin the network

[Kirk]

Hello,

I have three machines (Solaris and two Linux servers) behind a
firewall running iptables 1.2.11. The firewall has 4 different public
IP's binded to eth0. Three of the IP's map to the private addresses of
the three servers I mentioned above and those 3 IP's have fully
qualified domain names.  One of the Linux servers is configured to
relay mail for the Solaris box plus it receives mail from the other
Linux server.

The mail server has no problems receiving mail from servers outside
the private network but it can't relay or receive mail generated
within the private network. I find this rather strange since I can
telnet to port 25 from any of the other two servers and manually
submit mail.

I must add that I have no problems connecting to other services within
the private network. The machines can find each other because I have
the real IP addresses in the /etc/hosts file of each server. Also, 
mail works fine once I get all the servers off the firewall and change
the addresses in the /etc/hosts files.  I looked at the Sendmail
config files and there are no hardcoded IP addresses.


Here are the rules for mail from my iptables ruleset file:


:INPUT DROP
:FORWARD DROP
:OUTPUT ACCEPT

# allow all established and related
-A INPUT   -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT  -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

#Mail
-A FORWARD -i eth0 -o eth1 -p tcp --syn -d 192.168.0.2 --dport 25 -j ACCEPT

#NAT
-I POSTROUTING -s 192.168.0.2 -o eth0 -j SNAT --to $MAIL_IP

#Mail
-A PREROUTING -i eth0 -p tcp -d $MAIL_IP  --dport  25 -j DNAT --to
192.168.0.2:25


Any help will be greatly appreciated.
Thanks!