[rokudan]

Not that it answers your question, but there is not need to double up on your NAT's... Only the initiating side needs a NAT... Meaning, if you have someone coming IN to you for a service, and you want to NAT it.. You only need the first NAT you have listed, that takes the source and sends it to the NAT'd IP. If your inside SMTP server is initiating a connection to those source IP's you listed in the first NAT rule, then yes you need the reverse NAT. Otherwise, one will do...

Think about this way, if in your ruleset you only have inbound connections allowed to a host, then you only need the inbound NAT. However if you have two way access allowed, then you will want to NAT both ways..

In the case of your SMTP server, you would probably need to NAT both ways.. Since with SMTP you will be accepting connections initiated from the outside (recv mail), and you will be initiating connections to the outside (send mail).

However, I doubt your other services, like http and https, will have connections initiated from your server. Unless your browsing the web from that server, to whatever IP's you have listed as your dest.

Sorry I cant help with why it stopped working, that is odd based on the info given.

Did any of that make sense?