We've been running an antiquated iMail server on a Windows NT4 box behind a Netgear firewall that uses NAT for port forwarding; the situation has worked fine, except that the mail server hardware is old and on the verge of failure, and the software is, as noted, antiquated.
In recent months, we set up a Postfix/MySQL/Courier-IMAP virtual mail server on a Linux box, put it up on a public IP (using iptables for a firewall), and started moving some of our domains over to it. For domains still hosted on the old system, we've forwarded delivery to the new server. The new server has dual NICs, one for the external IP, one for the internal network; currently, it receives fine on both networks.
One item on our DNS still needs to be finished, but it's a complex issue, and in the meantime we want to host all mail on the new system. We thought it would be as easy as simply forwarding from the firewall to the new server via the internal IP, but it's not working that way.
Things I've tried:
- proxy_interfaces = xxx.xxx.xxx.xxx
- relay_domains = $mynetworks (where $mynetworks includes the local network)
- mydestination: added the external IP to it
- inet_interfaces = all
So, the basic desired setup includes two components:
- internet -> external IP on firewall -> internal IP on postfix server -> postfix
- internet -> external IP on postfix server -> postfix
I've done either one of these things by themselves, but never in combination. Anybody have any ideas?