Unable to receive email from outside network

evogel
Level 1

I am in the process of switching firewalls. Currently I have a Sonic Firewall in place. I have been tasked to switch the firewall out with a Cisco ASA firewall 5510. The Sonic firewall currently allows email traffic, web traffic, and DNS traffic. When I use the current config below on the ASA I am unable to receive email from the outside network. I can send and browse websites but I cannot receive email. Any help would be nice.

ASA Version 9.1(1)

!

hostname ciscoasa

enable password kdkfdjdjflkadjdsfj

xlate per-session deny tcp any4 any4

xlate per-session deny tcp any4 any6

xlate per-session deny tcp any6 any4

xlate per-session deny tcp any6 any6

xlate per-session deny udp any4 any4 eq domain

xlate per-session deny udp any4 any6 eq domain

xlate per-session deny udp any6 any4 eq domain

xlate per-session deny udp any6 any6 eq domain

!

names

!

interface ethernet0/0

nameif outside

security-level 0

ip address 8.134.7.66 255.255.255.224

!

interface ethernet0/1

nameif inside

security-level 100

ip address 12.12.220.1 255.255.255.0

!

interface ethernet0/3

shutdown

no nameif

no security-level

no ip address

!

interface management0/0

management-only

nameif management

security-level 100

ip address 192.168.1.1 255.255.255.0

!

boot system disk0:/asa911-k8.bin

ftp mode passive

object network dns1_internal

host 12.12.220.10

object network dns2_internal

host 12.12.220.11

object network email_internal

host 12.12.220.12

object network email_external

host 8.134.7.70

access-list outside_access_in extended permit tcp any object email_internal eq smtp

pager lines 24

logging enable

logging asdm informational

mtu management 1500

mtu outside 1500

mtu inside 1500

no failover

icmp unreachable rate-limit 1 burst-size 1

asdm image disk0:/asdm-711-52.bin

no asdm history enable

arp timeout 14400

no arp permit-nonconnected

!

object network email_external

nat (outside,inside) static 12.12.220.12

!

nat (inside,outside) after-auto source dynamic any interface

access-group outside_access_in in interface outside

route outside 0.0.0.0 0.0.0.0 8.134.7.65 1

timeout xlate 3:00:00

timeout pat-xlate 0:00:30

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

timeout tcp-proxy-reassembly 0:01:00

timeout floating-conn 0:00:00

dynamic-access-policy-record DfltAccessPolicy

user-identity default-domain LOCAL

http server enable

http 192.168.1.0 255.255.255.0 management

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

crypto ipsec security-association pmtu-aging infinite

crypto ca trustpool policy

telnet timeout 5

ssh timeout 5

console timeout 0

dhcpd address 192.168.1.2-192.168.1.254 management

dhcpd enable management

!

threat-detection basic-threat

threat-detection statistics access-list

no threat-detection statistics tcp-intercept

!

class-map inspection_default

match default-inspection-traffic

!

!

policy-map type inspect dns preset_dns_map

parameters

message-length maximum client auto

message-length maximum 512

policy-map global_policy

class inspection_default

inspect dns preset_dns_map

inspect ftp

inspect h323 h225

inspect h323 ras

inspect rsh

inspect rtsp

inspect esmtp

inspect sqlnet

inspect skinny

inspect sunrpc

inspect xdmcp

inspect sip

inspect netbios

inspect tftp

inspect ip-options

!

service-policy global_policy global

prompt hostname context

no call-home reporting anonymous

3 Replies

Julio Carvajal
VIP Alumni

object network email_external

no nat (outside,inside) static 12.12.220.12

exit

nat (inside,outside) 1 source static email_internal email_external

     Give it a try

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
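
An offline check for the mismatch this thread turns on, as an added example that is not part of the original posts or any Cisco tooling: on ASA 8.3 and later the outside ACL permits the real (internal) address, so inbound mail is only admitted if a static NAT rule with the real host on the inside publishes that host on the outside. The function name is hypothetical, the two sample configs are constructed from the lines quoted in the thread, and the parser assumes host objects, an `any` source in the ACL and static NAT rules.

```python
import re

# Constructed from the thread: the question's NAT/ACL lines, and the same
# config after the reply's change is applied.
COMMON = """
object network email_internal
 host 12.12.220.12
object network email_external
 host 8.134.7.70
access-list outside_access_in extended permit tcp any object email_internal eq smtp
access-group outside_access_in in interface outside
nat (inside,outside) after-auto source dynamic any interface
"""
ORIGINAL = COMMON + "object network email_external\n nat (outside,inside) static 12.12.220.12\n"
FIXED = COMMON + "nat (inside,outside) 1 source static email_internal email_external\n"

def unpublished_servers(config, outside="outside"):
    """Objects permitted inbound on `outside` that no static NAT rule
    (real side on another interface, mapped side on `outside`) publishes."""
    lines = [l.strip() for l in config.splitlines() if l.strip()]
    hosts, published, bound, current = {}, set(), set(), None
    for line in lines:
        if m := re.match(r"object network (\S+)", line):
            current = m.group(1)
        elif m := re.match(r"host (\S+)", line):
            hosts[current] = m.group(1)
        elif m := re.match(r"nat \(([^,]+),([^)]+)\) static \S+", line):
            # Object NAT: the enclosing object is the real host on the first interface.
            if m.group(1) != outside and m.group(2) == outside:
                published.add(current)
        elif m := re.match(r"nat \(([^,]+),([^)]+)\) (?:\d+ )?source static (\S+) \S+", line):
            # Twice NAT: the first object after "source static" is the real host.
            if m.group(1) != outside and m.group(2) == outside:
                published.add(m.group(3))
        elif m := re.match(r"access-group (\S+) in interface (\S+)", line):
            if m.group(2) == outside:
                bound.add(m.group(1))
    published_ips = {hosts[n] for n in published if n in hosts}
    findings = []
    for line in lines:
        m = re.match(r"access-list (\S+) extended permit \S+ any object (\S+)", line)
        if m and m.group(1) in bound and hosts.get(m.group(2)) not in published_ips:
            findings.append(m.group(2))
    return findings

if __name__ == "__main__":
    print("original:", unpublished_servers(ORIGINAL))
    print("fixed:   ", unpublished_servers(FIXED))
```
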

I will definitely give it a try either later today or tomorrow morning. I will let you know if that worked for me or not.

Sure

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC