Forwarding external-bound packets internally with ipfw

patrick gibblertron at gmail.com
Thu Apr 21 13:29:47 PDT 2005


I have a few servers, and I'd like to force secondary servers to
deliver mail to the primary via a private network (each server is
dual-homed). Mail would be deemed "local" (destined for my LAN) by
specifying a bunch of CIDRs. I would like to accomplish this using
ipfw's forwarding support, but I am having a problem getting the rule
right. I first tried using ipfw forward, but after reading the man
page in greater detail, it seems like this likely won't work.

My next thought is to use ipfw's divert functionality in conjunction
with natd, but it is not clear to me how I could tell natd to forward
to the correct internal server using the redirect_port option.
Ideally, I would like to maintain only one list of IP blocks.
Additionally, it seems like natd wants you to define a rule per IP, which
will get to be rather annoying when dealing with hundreds of IPs that
could easily be classified using a mask.

An example of what I want to do follows:

Server A: public IPs: 1.2.3.0/24, private IP: 192.168.0.1
Server B: public IPs: 2.3.4.0/24, private IP: 192.168.0.2
Server C: public IPs: 3.4.5.0/24, private IP: 192.168.0.3

When Server B accepts mail destined for Server A, I would like it to
route through 192.168.0.1 rather than the public IP.

The same goes for when Server C accepts mail for Server A or B, using the
respective internal IP.

This isn't really relevant, but I'm using Postfix as my mailer. It
does have an option to force a relay_host, but it will not let you
differentiate destinations. This works fine with two hosts on the
network, but not for three or more.

Any ideas of how I could accomplish this?

Thanks very much,

Patrick


More information about the freebsd-questions mailing list