What is the third screen capture? Firewall app? You don't need rules in Filter or Firewall app if you don't have a block all rule.

Remove the destination address in the port forward rule. It was cause issues since it is conflicting with destined local.

You can reduce the Port Forwarding down to just one rule by listing all the Ports in a comma-separated list (25, 143, 465, 993) and removing the "New Port" entry.

Then I would remove the "Destined Local" rather than the "Destination Address" from the rule. jcoffin is right that these do cause a conflict (Destined Local means traffic targeting the Untangle server itself, which is not the case here). So the rules as written will never forward ANY traffic. But it seems like you have multiple external addresses (base ryft.net matches 67.21.158.170 instead of 67.21.158.174) and need to be sure only traffic for the one address is forwarded to the server. So for these rules I would only use Destination Address and Destination Ports. Maybe protocol, but I might even leave that off.

Thanks guys, I will try these and let you know.

Yes, Third screenshot is the firewall app.. Is there a best practice to use the Filter Rules vs the Firewall app or vice versa? Or both?

All is working as expected now.. Appreciate the quick response

Always use Filter Rules when you can. They operate 'lower' in the device, at layer 3, and can save a bit of processing overhead. Whenever you're using layer-3 criteria (IP addresses, ports, protocols, interfaces), Filter Rules are the better choice.

Firewall app Rules operate at layer 7, so they're a little 'later' in the processing pipeline. They're great if you want to do geoip blocking or firewall policy stuff based on layer 7 criteria (such as other NGFW apps' information, Active Directory group membership, &c.).