In my Pix 515e there is an access-list entry : access-list out_acl permit tcp any host 184.108.40.206 eq smtp
( 220.127.116.11) is the public IP address of the Mail server.
do I need this ?, can somebody explain to me what this access-list is doing ?.
Why should I want any host to access my mail server through smtp ?
Sorry, I try to better explain:
that is the tipical configuration in order to allow your server to exchange mail directly with Internet; let's assume your mail server answers to the "MyDomain.com" domain and you want it is able to directly receive mail from Internet; you have to activate a public DNS MX record, a "public route" in order to make your mail server public.
Then, Internet knows that to deliver mail to your mail server it has to contact the public IP address of your server (that's using a private (or DMZ) IP Address.
Thanks to the mentioned acl, static and access-list, you allow the incoming traffic on port 25 (SMTP - Simple Mail Tranfer Protocol) to exchange mail with your server.
So, if you want that "Internet" can contact your email server, you need of this acl;it allows "ANY" because "any host" (anyone) can send mail to your server. If you have a smarthost in order to exchangemail, you can replace "any" with the smarthost server IP address.
I hope it can be helpfull.