I've tried it all. no inspect esmtp. no policy map. inspect esmtp tls with banner obfuscate off. i'm out of ideas. i always get 220 ******** when telnetting to mail server from outside. tried 184.108.40.206 and 8.0.5. any ideas?
cable modem -> asa5505 -> sa540 (router mode) -> mail server via static map policy for port 25 on asa5505
internal same subnet and different subnets works fine. works fine across site to site vpn. just get stupid banner when i access from outside.
policy map nat ip address is different than outside interface address. have other policy nats using 443 an 80 and they work fine.
Without ESMTP inspection the ASA should not proxy for SMTP.
Can you do a packet capture in and out https://supportforums.cisco.com/docs/DOC-1222 and see if indeed the ASA proxies and changes these smtp packets?
It turns out the servers / pc's was testing from were behind asa's with inspect esmtp turned on. there was nothing wrong with my asa's, for future reference.