Thanks a lot for all the replies, public and private (especially Berk for detailed explanations). It turns out that my nat rule was not complete/correct (just as all of the replies had implied this possibility).
So, for the record, the rules I'm using right now are as follows, and work perfectly:

    nat on $ext_if1 proto tcp from self to any port smtp \
        tag IF2 -> ($ext_if2)
    pass out log quick on $ext_if1 route-to ($ext_if2 $ext_gw2) \
        tagged IF2 keep state

Thanks again for the great community support.