From: "Jason King" <jking at informs dot com>
>I have a WAN, LAN, and DMZ on my m0n0wall. I want to block all SMTP
> traffic from the LAN going to the internet, and disable all SMTP traffic
> from the DMZ going to the internet except for one host on the DMZ (the
> mail server).
> Basically, I don't want any machine sending SMTP packets out to the
> internet except for one. What rules do I need to add?
The rules go top down to a matching rule. So, on the LAN, you want a any
with a destination port 25 deny. On the DMZ you want a (not ip of the one
host) destination port 25 deny.