Here is my scenario. I have a mail server 192.168.1.2. I have a proxy/firewall server 192.168.1.1. The proxy/firewall server is running Redhat 7.2 and I have my firewall configured through ipchains. On my mail server I am allowing message relays from 192.168.1.0. I have the proxy/firewall server set to forward all traffic on port 25 on my outside address to the mail server 192.168.1.2. All forwarding that I have set up is done with XINETD. This is where the problem comes, everything works fine except that I am still showing up as an open relay. I need to set up my firewall to allow traffic to be forwarded from my outside address to the mail server without people being able to spoof the IP and send through my mail server. What is the best way to forward the traffic from port 25 on my outside address to my mail server on an inside address without me being an open relay? What is an example of a rule I could add to my firewall to stop this. Thanks.

AFAIC, relaying is an MTA thing, so except for adding the Class A and B addresses to the outside eth device like:
iptables -A INPUT -i eth0 -s 192.168.0.0/16 -j DROP
iptables -A INPUT -i eth0 -s 10.0.0.0/8 -j DROP
iptables -A INPUT -i eth0 -s 172.16.0.0/12 -j DROP
iptables -A INPUT -i eth0 -s 255.255.255.255 -j DROP
iptables -A INPUT -i eth0 -s 127.0.0.0/8 -j DROP
iptables -A INPUT -i eth0 -s 0.0.0.0/8 -j DROP
iptables -A INPUT -i eth0 -s 169.254.0.0/16 -j DROP
iptables -A INPUT -i eth0 -s 224.0.0.0/4 -j DROP
iptables -A INPUT -i eth0 -s 240.0.0.0/5 -j DROP
iptables -A INPUT -i eth0 -s 248.0.0.0/5 -j DROP
you'll have to configure Sendmail to disallow relaying.

My thoughts exactly