Sending from Gmail, you can send 'on behalf' of somebody else. I've noticed when this feature is enabled, and the firewall is set to allow and redirect port 25 to the webmail server, only this traffic bounces.
Delivery to the following recipient failed permanently:     
[email protected]Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 554 554 Transaction Failed: Command "FROM" field differs from data "FROM" field. (state 17).
We have a dlink NetDefend firewall (latest firmware) configured with the service SMTP over TCP
There is also SMTP-in, SMTP-inbound and SMTP-av. Perhaps this is where the problem lies, however I assume that the plain SMTP service will either allow everything or nothing, not selectively reject emails.