> Quick background: I have a wandering, disorganized, computer-illiterate boss
> who needs to send mail from his laptop from any network, without changing
> any of his computer's settings. I've set up postfix to handle this, but it's
> on a local 192.168.0.0/24 net behind our firewall. One of the networks he
> needs to be able to send mail from is our local wireless network, same
> subnet.

So, he's directly on 192.168.0/24, and so is the mail server. I guess he's trying to access the mail server on its external address, am I right? You can't redirect a packet back out the interface it was received on, so that won't work.

Either he'll need to use a different address for each location (which can sometimes be handled by having the name server hand out different addresses to queries from different subnets, though some popular desktop OSes will cache the lookups for longer than you'd like, partly mitigated by stopping the 'DNS Client' service), or the mail server could be moved to a different NIC on the firewall, or nc can be used to forward connections as described in the PF FAQ.

authpf doesn't come into the equation here - the same would happen with ordinary firewall rules.
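A sketch of the nc forwarding option mentioned in the reply above, added here as an illustration and not taken from the thread or from the poster's own configuration. It assumes the older `rdr` rule syntax and an inetd on the firewall; the interface names, the mail server's internal address and the loopback port 5025 are constructed placeholders.

```conf
# --- /etc/pf.conf on the firewall (older "rdr" syntax, assumed) ---
int_if  = "fxp1"            # assumed: interface facing the internal/wireless net
ext_if  = "fxp0"            # assumed: interface holding the external address
int_net = "192.168.0.0/24"  # the shared subnet from the thread
mail_in = "192.168.0.25"    # constructed: internal address of the Postfix host

# Clients arriving from outside: SMTP to the external address is
# redirected to the mail server on the internal net.
rdr on $ext_if proto tcp from any to $ext_if port 25 -> $mail_in port 25

# Clients on the internal net that dial the external address: hand the
# connection to a listener on the firewall itself instead of redirecting
# it straight back into the subnet it came from.
rdr on $int_if proto tcp from $int_net to $ext_if port 25 -> 127.0.0.1 port 5025

# --- /etc/inetd.conf on the firewall (single line) ---
# inetd accepts on loopback:5025 and runs nc, which opens a fresh
# connection from the firewall to the mail server and relays the bytes.
127.0.0.1:5025 stream tcp nowait nobody /usr/bin/nc nc -w 20 192.168.0.25 25
```

With this in place Postfix sees the firewall's address as the connecting client for every relayed session, so address-based relay permissions such as `mynetworks` and the mail logs apply to the firewall rather than to the laptop.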

