DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Forwarding port via VPN - wrong IP shown

25 Feb 2024 18:25 #1 by lesd
I have a 2866 at site 1 connected to a 2862 at site 2 via a LAN to LAN VPN.

Site 1 router's IP is 192.168.1.1 while site 2 is on 10.27.27.x

At the 2862 end there is a mail server running (hMailserver at 10.27.27.56).

Port 25 at the site 1 2866 is open and forwarded to the mail server at 10.27.27.56 - down the VPN

What I have discovered is that connections made at site 1 and forwarded to the mail server at site 2 are appearing to the mailserver as coming from 192.168.1.1 (the router address) rather than from the actual connecting external IP.

This is a disaster. All mail servers are constantly being hammered by spammers looking for open relays. The mailserver is constantly banning IPs that keep trying and failing. The result in this case is that 192.168.1.1 is banned 100% of the time and is effectively dead for the purpose of receiving emails.

Is this behaviour normal? Shouldn't the site 1 routing be passing on the IP of the external connection?

Clearly for a local mailserver at site 1 it must see the external IP. Why should the fact that it is going down the VPN change this?

It strikes me I must have done something wrong somewhere. (This is the first time I have set up a VPN so maybe something there is wrong.)

The VPN is using SSL Tunnel.

Les
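
The symptom described in the post above, as an added example that is not part of the original post and is not DrayTek or hMailServer code: a check over SMTP connection records that flags a private address from outside the server's own subnet accounting for most inbound sessions, which is what source-address rewriting by an upstream router looks like from the mail server. The log line format, the `min_share` threshold and the function names are assumptions; the addresses are the ones given in the post.

```python
import ipaddress
from collections import Counter

# RFC 1918 ranges; checked explicitly because ip.is_private also covers
# documentation and other reserved ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample records: "<timestamp> SMTP-CONNECT <peer-ip>" (assumed format).
SAMPLE_LOG = """\
2024-02-25T18:01:02 SMTP-CONNECT 192.168.1.1
2024-02-25T18:01:09 SMTP-CONNECT 192.168.1.1
2024-02-25T18:02:40 SMTP-CONNECT 10.27.27.20
2024-02-25T18:03:11 SMTP-CONNECT 192.168.1.1
2024-02-25T18:03:12 garbled line
2024-02-25T18:04:55 SMTP-CONNECT 192.168.1.1
2024-02-25T18:05:30 SMTP-CONNECT 192.168.1.1
"""

def peer_addresses(log_text):
    """Yield the peer IP of each SMTP-CONNECT record, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[1] != "SMTP-CONNECT":
            continue
        try:
            yield ipaddress.ip_address(parts[2])
        except ValueError:
            continue

def masked_sources(log_text, local_net, min_share=0.5):
    """Return {ip: share} for RFC 1918 peers outside local_net whose share of
    inbound sessions is at least min_share (a sign of upstream source NAT)."""
    local = ipaddress.ip_network(local_net)
    counts = Counter(peer_addresses(log_text))
    total = sum(counts.values())
    flagged = {}
    for ip, n in counts.items():
        private = any(ip in net for net in RFC1918)
        if private and ip not in local and n / total >= min_share:
            flagged[str(ip)] = round(n / total, 2)
    return flagged

if __name__ == "__main__":
    # The mail server's own subnet, from the post: 10.27.27.x
    print(masked_sources(SAMPLE_LOG, "10.27.27.0/24"))
```

An address flagged here should be treated as a forwarding hop, not a sender: a ban keyed on it blocks every remote client that arrives through that hop.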
