10.4.11 SMTP error
Hi all,
We have a 10.4.11 server here running mail services. I've scoured the forums here and couldn't find anything _quite_ like the issue I'm having, though I did find some info that I will be sure to use for testing tomorrow (no VPN access or anything else for that matter to my office).
Users can send/receive email internally just fine (i.e.: user1@internaldomain.org can send to user2@internaldomain.org just fine) and can _send_ mail externally just fine, but cannot _receive_ mail from any external domain. External domains receive no bounce back messages of any kind. There are no SMTP errors in any of the logs (I have set logs to debug level as well). We do have a second entry in our MX records for mail delivery. It seems that mail is being redirected to zoneedit.com (our secondary entry) before mail.mnn.org (our primary mail server). zoneedit then contacts our mail server but for some reason cannot get through.
I've copy/pasted the results of an nslookup from my box at home:
" andrew$ nslookup
> set type=mx
> mnn.org
Server: 10.0.1.1
Address: 10.0.1.1#53
Non-authoritative answer:
mnn.org mail exchanger = 100 mx3.zoneedit.com.
mnn.org mail exchanger = 0 mail.mnn.org.
Authoritative answers can be found from:"
Up until yesterday we were receiving no errors although mail was obviously not being delivered. zoneedit.com is now flooding our postmaster inbox with the following similar messages (about 7000 times):
"Subject: Postfix SMTP server: errors from mx3.zoneedit.com[71.6.145.17]
Transcript of session follows.
Out: 220 On behalf of MNN let me personally let me welcome you to our mail
server!
In: EHLO mx3.zoneedit.com
Out: 250-mail.mnn.org
Out: 250-PIPELINING
Out: 250-SIZE
Out: 250-ETRN
Out: 250-AUTH LOGIN PLAIN CRAM-MD5 GSSAPI
Out: 250 8BITMIME
In: MAIL FROM: SIZE=231768
Out: 250 Ok
In: RCPT TO:
Out: 451 Server configuration error
In: DATA
Out: 554 Error: no valid recipients
In: RSET
Out: 250 Ok
In: QUIT
Out: 221 Bye"
The recipient is a valid address and I cannot find any config errors in the GUI in server admin nor in the main.cf file...
We have both an internal and an external firewall. We've turned off all rules on the external firewall right now. For obvious reasons we cannot turn off filtering on the internal firewall. We've traced packets from an external box at my house to our mail server at the office. It passes through just fine, and is registered on the firewall logs, however mail is just not being delivered. I'm out of ideas since I am no postfix admin. Any ideas here? I can post log entries tomorrow since I will be in the office.
Our backup plan is to move the mail server to the DMZ since most people are suggesting this as it is "easier" to manage this way. However I have a few questions:
1. How exactly can we manage changes to the directory (i.e.: adding/removing users) through the DMZ? Is this accomplished through a NAT and I can just add the server as a member server?
My postfix admin skills are pretty fledgling - I'm much more comfortable with a Kerio or Exchange setup.
TIA!
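Added example, not part of the original post: a small Python parser for the Postfix session transcript quoted above that pairs each client command with the server's final reply and classifies the failing replies by SMTP reply class (RFC 5321). The function names are hypothetical, and the transcript is copied from the post with its elided addresses left as they appear.

```python
import re

# Transcript copied from the postmaster notice quoted in the post above.
TRANSCRIPT = """\
Out: 220 On behalf of MNN let me personally let me welcome you to our mail
server!
In: EHLO mx3.zoneedit.com
Out: 250-mail.mnn.org
Out: 250-PIPELINING
Out: 250-SIZE
Out: 250-ETRN
Out: 250-AUTH LOGIN PLAIN CRAM-MD5 GSSAPI
Out: 250 8BITMIME
In: MAIL FROM: SIZE=231768
Out: 250 Ok
In: RCPT TO:
Out: 451 Server configuration error
In: DATA
Out: 554 Error: no valid recipients
In: RSET
Out: 250 Ok
In: QUIT
Out: 221 Bye
"""

# First digit of an SMTP reply code gives its class (RFC 5321, section 4.2.1).
CLASSES = {"2": "success", "3": "intermediate", "4": "transient failure", "5": "permanent failure"}

def parse_session(text):
    """Return [(client_command, reply_code, reply_text)] for each final server reply."""
    exchanges, command = [], "(connect)"
    for line in text.splitlines():
        if line.startswith("In: "):
            command = line[4:].strip()
            continue
        m = re.match(r"Out: (\d{3})([ -])(.*)", line)
        if m and m.group(2) == " ":   # "250-" lines are continuations, "250 " is final
            exchanges.append((command, int(m.group(1)), m.group(3).strip()))
    return exchanges

def failures(exchanges):
    """Replies in the 4yz/5yz classes, with the command that triggered them."""
    return [(cmd, code, CLASSES[str(code)[0]]) for cmd, code, _ in exchanges if code >= 400]

if __name__ == "__main__":
    for cmd, code, kind in failures(parse_session(TRANSCRIPT)):
        print(f"{code} ({kind}) in reply to: {cmd}")
```

The first failure is the 451 at RCPT TO, a transient (4yz) reply that tells the sending host to keep the message queued and retry later; the 554 at DATA follows only because no recipient had been accepted.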