iptables/smtp/dns question
greenberg at hcfama.org
Fri Feb 8 09:43:13 EST 2002
Hoping someone can help me clarify a problem I am having setting
up a firewall.
I want to put our mail server (qmail) behind an iptables-based
firewall as part of a DMZ. Our LAN uses a separate range of private
IPs. They are physically segregated, running through separate NICs.
I tried it out last night. I could send mail from the LAN to the mail
server. I could pop mail from the LAN. I could receive mail from
the internet. I could not send mail to the internet (the mail did get
to the server, but sat in the qmail queue).
In retrospect, I am wondering whether the problem was actually
DNS-related. We use a DNS server OUTSIDE our network, i.e. on
the internet. I was allowing traffic out on port 53 from the mail
server, but not allowing it in. Would this have prevented SMTPD
from being able to resolve email addresses to IPs, and thus
queued the mail on the server?
Sorry for being long-winded, just trying to be clear...
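An added example following the question (not the original poster's ruleset): a minimal iptables FORWARD chain for the three-NIC layout described, in which the answers from the external resolver are let back in by connection tracking (`-m state --state ESTABLISHED,RELATED`) rather than by a separate inbound port 53 rule. A lookup whose reply packets are dropped at the firewall simply times out, and qmail keeps the message in its queue. Interface names, the LAN range, the mail server address and the resolver address are placeholders; the inbound SMTP rule assumes the mail server is reachable at the address given (any DNAT in the nat table is not shown). Run the script with no arguments to print the rules, or with `apply` to feed them to sh as root.

```shell
#!/bin/sh
# Added example, not the poster's configuration. All names and
# addresses below are assumed placeholders for a three-NIC firewall.
WAN_IF=eth0                 # towards the Internet
LAN_IF=eth1                 # private LAN
DMZ_IF=eth2                 # DMZ holding the mail server
MAIL=192.168.10.25          # qmail host in the DMZ (assumed)
LAN_NET=10.0.0.0/24         # LAN address range (assumed)
DNS=198.51.100.53           # external resolver on the Internet (assumed)

# Print the FORWARD-chain rules, one iptables command per line.
# Keeping them in a function lets the script show them or apply them.
dmz_rules() {
    cat <<EOF
iptables -P FORWARD DROP
# Return traffic for anything already allowed below. This single rule
# is what admits the DNS answers (and SMTP/POP return packets); no
# stateless "port 53 in" rule is needed.
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# Mail server -> external resolver: UDP, plus TCP for answers over 512 bytes
iptables -A FORWARD -i $DMZ_IF -o $WAN_IF -s $MAIL -d $DNS -p udp --dport 53 -m state --state NEW -j ACCEPT
iptables -A FORWARD -i $DMZ_IF -o $WAN_IF -s $MAIL -d $DNS -p tcp --dport 53 -m state --state NEW -j ACCEPT
# Outbound SMTP from the mail server to remote MXs
iptables -A FORWARD -i $DMZ_IF -o $WAN_IF -s $MAIL -p tcp --dport 25 -m state --state NEW -j ACCEPT
# Inbound SMTP from the Internet to the mail server
iptables -A FORWARD -i $WAN_IF -o $DMZ_IF -d $MAIL -p tcp --dport 25 -m state --state NEW -j ACCEPT
# LAN -> mail server: SMTP (sending) and POP3 (fetching)
iptables -A FORWARD -i $LAN_IF -o $DMZ_IF -s $LAN_NET -d $MAIL -p tcp -m multiport --dports 25,110 -m state --state NEW -j ACCEPT
EOF
}

# Show the rules by default; "apply" pipes them through sh (run as root).
case "${1:-show}" in
    apply) dmz_rules | sh ;;
    *)     dmz_rules ;;
esac
```

The stateless alternative, an inbound rule matching `-p udp --sport 53`, would also make the lookups work, but it admits any unsolicited packet that happens to come from source port 53, so the connection-tracking form is the one to prefer. If the resolver's address ever changes, only the `DNS` variable needs updating.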