Mail filtering gateway in DMZ config problem

From:	Ugo Bellavance <ugob at camo dash route dot com>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Mail filtering gateway in DMZ config problem
Date:	Mon, 18 Apr 2005 07:08:54 -0400

Hi,

	I've installed m0n0wall recently and I'm having problem configuring my 
rules correctly for my mail setup.

	Here is my setup (3 interfaces m0n0).

Wan: 1.1.1.1/29
Lan: 192.168.1.1/24
DMZ: 192.168.2.1/24

Mail filtering gateway (DMZ): 192.168.2.2
Internal mail server   (LAN): 192.168.1.2

Rules:

1-to-1 nat from 1.1.1.2 to 192.168.2.2 so that mail sent to my domain is 
received by the filtering gateway.  This server processes mail and must 
send it to the internal mail server.  So I did an inbound NAT.

All is well with this setup for incoming mail.  However I have a problem 
with outgoing mail.

My internal mail server sends a message to the filtering gateway, which 
processes it.  Then the filtering gatway tries to send the message to 
the destination mail server (say 24.24.24.24), it gets redirected to my 
internal mail server in an infinite loop.

Anyone has an idea of what I'm doing wrong?
Please let me know is you need more info.

Right now to solve the problem I had my internal mail server send e-mail 
directly, bypassing the filtering gateway.  However, I'd rather filter 
my outgoing mail.

Thanks,

Ugo