I have been testing my asterisk voicemail to email system and I noticed that a connection from 192.168.1.1 (the router IP) was remaining connected to the IMAP server after the voicemail was emailed. Connections from my laptop came and went as I checked my email. I manually force dropped the connection to 192.168.1.1 at the mail server and it would just reappear a few minutes later. At first, I thought this was related to my testing of the asterisk voicemail system, but after a lot of experimentation, I discovered it was actually my cell phone. Now here is the issue. The cell phone's IP address is something like 192.168.1.136. Yet, when it got to the mail server, it was 192.168.1.1. This is why I thought the router was doing this. Both my laptop and cell phone connect via wifi. The laptop shows the correct IP on the mail server and the cell phone does not. Here is the difference. The laptop is only used at the house so it connects to the internal server name "myserver" at port 143. Because my ISP blocks 143, I used tomato to port forward 800 to 143. Because I use the cell phone from everywhere, it has to connect to my external address at port 800 which gets forwarded to port 143 internally. So the question is why does the port forwarding change the sender's IP address to the router's? Is this something that only happens when behind the NAT? If this happens from external addresses too, then this is a major security risk because the mail server doesn't require authentication for local addresses.