Hi, I have the following network:

pc1 (eth0)
pc2 (eth0)
pc3 (eth1 intranet, eth0 internet)

I want pc1 to be an MUA (Mail User Agent), pc2 the local MTA and pc3 the relay MTA and FIREWALL.

My first step is to deny connections from the internet to my local MTA and I have this:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth0 -m state --state NEW,INVALID -j DROP

What I want is an iptables rule to force pc1 (MUA) to send internet email using first the local MTA and then the relay MTA.

Can someone help me on this? I'm a newbie in iptables and the rules above were given to me...
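An added example, not part of the original post: a ruleset for pc3 that closes every SMTP path except pc2 -> pc3 -> internet. iptables on pc3 cannot steer pc1 to pc2 (that hop never crosses the firewall), so pc1's MUA still has to be configured with pc2 as its SMTP server and pc2's MTA with pc3 as its relay host. Assumptions: pc2's address 192.168.1.2 is constructed, pc1 and pc2 sit on the eth1 segment, only port 25 is considered, and no earlier rule in INPUT already accepts the traffic.

```shell
#!/bin/sh
# Added example: SMTP path enforcement on pc3 (firewall + relay MTA).
# Interface names come from the post; the address is a constructed placeholder.
PC2_IP="${PC2_IP:-192.168.1.2}"   # local MTA (pc2), assumed address
LAN_IF="${LAN_IF:-eth1}"          # pc3 intranet interface
WAN_IF="${WAN_IF:-eth0}"          # pc3 internet interface

# Print the command when DRY_RUN=1 (default); execute it when DRY_RUN=0 (needs root).
run() {
    if [ "${DRY_RUN:-1}" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

smtp_rules() {
    # 1. Only pc2 may hand mail to the relay MTA listening on pc3.
    run iptables -A INPUT -i "$LAN_IF" -p tcp --dport 25 -s "$PC2_IP" -j ACCEPT

    # 2. Any other intranet host (pc1 included) is refused at the relay,
    #    so an MUA pointed at pc3 fails immediately instead of timing out.
    run iptables -A INPUT -i "$LAN_IF" -p tcp --dport 25 \
        -j REJECT --reject-with tcp-reset

    # 3. No intranet host may speak SMTP straight to the internet through the
    #    NAT. Mail sent by pc3's own MTA uses the OUTPUT chain and is unaffected.
    #    Inserted at position 1 so it is evaluated before any FORWARD accept.
    run iptables -I FORWARD 1 -i "$LAN_IF" -o "$WAN_IF" -p tcp --dport 25 \
        -j REJECT --reject-with tcp-reset
}

smtp_rules
```

Run it as-is to review the three generated commands, then with `DRY_RUN=0` as root on pc3 to apply them; `iptables -L -n -v` shows per-rule packet counters to confirm which path a test message took.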