I am trying to redirect all incoming SMTP connections through a Linux bridge (Kernel 2.6, Debian) to an SMTP server running on the aforementioned bridge. (It's qmail with SpamAssassin and a logging utility.) When I try to connect to port 25, instead of being forwarded to the SMTP server running on the bridge, it just hangs for a while, then the connection times out. Relevant info:

eth0: External, Part of br0
eth1: Internal, 192.168.1.1
eth2: Internal, part of br0, connected to MS Exchange server with routable IP address, herein referred to as xxx.xxx.xxx.xxx
br0: No IP address, just a bridge between eth0 and eth2

Starting out with all interfaces down, blank routing tables, etc., this how I set it up:

ifconfig eth0 0.0.0.0 up promisc
ifconfig eth1 192.168.1.1 up
ifconfig eth2 0.0.0.0 up promisc
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth2
brctl stp br0 on
ifconfig br0 0.0.0.0 up
iptables -A PREROUTING -t nat -d xxx.xxx.xxx.xxx -p tcp --dport 25 -j REDIRECT --to-port 25
route add -net xxx.xxx.xxx.160 netmask 255.255.255.224 dev br0
route add default gw xxx.xxx.xxx.161 dev br0

Anyone see anything I'm missing?