Mail outgoing problem in ASA 5545-X (IOS version 9.0.3)

Banglalink GSM
Level 1

Hi,

Last week we replaced our old firewall (ASA 5540, IOS ver: 8.2.5) with an ASA 5545-X (IOS ver: 9.0.3). Everything works fine other than outgoing mail. However, there was no issue with the old firewall.

OLD configuration (ASA 5540, IOS ver: 8.2.5):
-----------------------------------------------------------
static (dmz,outside) 203.223.92.38 172.16.252.31 netmask 255.255.255.255

access-list INBOUND extended permit tcp any host 203.223.92.38 eq smtp
access-list DMZ extended permit ip host 172.16.252.31 any

NEW configuration (ASA 5545-X, IOS ver: 9.0.3):
-------------------------------------------------------------
object network obj-172.16.252.31
 host 172.16.252.31

object network obj-203.223.92.38
 host 203.223.92.38

nat (dmz,outside) source static obj-172.16.252.31 obj-203.223.92.38
access-list INBOUND extended permit tcp any host 172.16.252.31 eq smtp
access-list DMZ extended permit ip host 172.16.252.31 any

=========================================================

At the command prompt it shows 550 5.7.1 Unable to relay. We have tried Microsoft and Linux mail servers; the issue is not in the mail server.

In the firewall log it shows a FIN flag from outside. Please help us solve the issue.

 

Regards,

Mirza Rakib

 

1 Accepted Solution

Try this:

policy-map global_policy
 class inspection_default
  no inspect dns preset_dns_map
  no inspect esmtp

Hope it works.

 


3 Replies

Jigar Dave
Level 3

Try this:

object network obj-172.16.252.31
 host 172.16.252.31
 nat (dmz,outside) static 203.223.92.38

access-list INBOUND extended permit tcp any host 172.16.252.31 eq smtp
access-list DMZ extended permit ip host 172.16.252.31 any

 

 


Thanks Mosharof, it is working after disabling the DNS inspection.

Could you let me know what the significance of this line, "inspect dns preset_dns_map", is? In our old firewall it was there and working fine, but in IOS 9.0.3 it is not working.
