My problem is similar. I can connect when on my internal network through a variety of means, including IMAP and SMTP/POP, with and without TLS. However when I try to connect externally, I get 'relay denied' errors in my Postfix mail log as follows:
NOQUEUE: reject: RCPT from unknown[xxx.xxx.xxx.xxx <but see comment below>]: 554 5.7.1 <email@example.com>: Relay access denied; from=<firstname.lastname@example.org> to=<email@example.com> proto=ESMTP helo=<Inbox>
(I have of course blanked out the IP address and changed the email addresses to show that I think they are checked)
Now, I'm not sure whether this is a Postfix configuration problem, or a sasl problem (I do not have a sasl2/smtpd.conf file that I can find anywhere on my system!), or indeed a NAT problem (see below). I have checked 'authenticate outgoing mail' on my client.
But here's the IP address discussion bit (possible NAT problem) as promised in the log entry: I have of course defined my networks and specified to permit them in Postfix's main.cf. However the error log suggests that Postfix might be rejecting on the IP address. It appears that it is seeing my public IP address from the public side of my router, not my local network IP address. I.E. my router might not be performing NAT properly. I.E. it is port forwarding, (Telnetting gets through fine) but not network address translating. Could this be (part of) the problem?
I hope you can help, I've been on this for weeks. I'm happy to post any config file snippets, log entries etc that you might need.
Thanks in advance,