At 21.47 17/02/2006 -0500, you wrote:
>either
>1) you're scanning the wrong IP
>2) you told it to open those to something on your LAN (even if you
>permitted the traffic accidentally, without NAT rules, it'd get
>dropped)
>
>as Don said, config.xml would help.
>
>-Chris

If I may, there could be another possibility.
It already happened to me some time ago, that when I was scanning a host I 
kept finding these very same open ports and I found out later that it was 
my antivirus (Avast) that made them appear open to my scanner.

If you've got Avast, just turn it off for a moment and try again to scan 
and you'll see the ports were being "proxied" by the antivirus filter 
modules (email protection and web protection I think).

Hope it helps!

         Michele