Bowie,
What does having the mail gateway on an internal network have to do with anything? If it is going to send mail to the Internet, then it must have a public IP address in order to do so. This address may be local to the machine or it may be translated by a router or firewall, but either way there must be a public IP address used by the mailserver. All the rDNS test cares about is that this public IP address resolve back to a name...ANY name. This should not be a problem for any mail gateway installation.
The originating mail server could have a private address of, for example, 172.17.1.60, for exmaple. It could then send that message through another SMTP server that trusts the internal server. And now you've got 172.17.1.60 in your headers as the originating server and that doesn't (and shouldn't) reverse resolve.
You could argue that the mail gateway should strip that line from the header but you can also come up with a variety of reasons not to. The fact remains that this setup is perfectly legitimate within the SMTP RFC and people use it.
If you want to start enforcing new rules that people should follow there are proper channels to employ. Dropping your users' legitimate mail isn't in your users' interest and as a professional sysadmin you are compensated to protect your users' interest. Punishing people for having configurations you believe to be odd, old or obsolete is a differently line of work entirely ;)
Best, Jesse
