Routing external network traffic to a service that only listens on loopback
0 votes, 0 answers, 67 views
I'm running protonmail-bridge on a server on my home network, and I'd like to have several other machines utilize it as their IMAP/SMTP server without having to run duplicate copies of the bridge everywhere. However, as near as I can tell, protonmail-bridge does not offer any configuration options to instruct it to listen for traffic anywhere except the local loopback interface. I understand the desire to avoid exposing it to public networks, and anticipate the lack of configurability is for that purpose, but if any of the machines I want to connect to it on my home network are compromised, my perimeter is already breached in a much more serious way and so I am unconcerned by the security implications.
In attempting to make the protonmail-bridge service accessible, I've tried a number of approaches.
I also run an nginx server on that box, and I initially attempted to set that up as a mail proxy, only to discover the amount of work required is unreasonable (completely removing my existing nginx service, working around issues with repos I've run into to download new binaries, getting proper flags to compile with the mail extension, etc.).
After concluding that approach was excessive, I started trying to reconfigure firewalld (it's a CentOS 7 box) to assign both loopback and my NIC to the same zone and do port forwarding; that consistently failed as well.
Out of curiosity, I explored setting up socat, and succeeded with the following command:
socat -d -d -lmlocal2 TCP4-LISTEN:25,bind=100.100.181.49,su=nobody,fork,range=100.100.181.0/24,reuseaddr TCP4:127.0.0.1:1025
Through that, I was able to telnet to my local NIC's address and reach the protonmail-bridge server. However, I dislike the idea of daemonizing a pair of permanent socat processes just to make this operable.
I found a suggestion on doing this with iptables (in this answer), and so I shut down firewalld and migrated to using iptables directly. However, having implemented an equivalent rule for my network, I continue to get connection refused when trying to reach the protonmail-bridge service via my internal NIC's address.
Is there any way to actually do this by configuring my CentOS box's built-in services and standard services like iptables or NetworkManager, or do the OS and tools' internal limitations around considering loopback traffic martian mean I will inevitably have to set up some daemons and keep socat tunnels up permanently for both SMTP and IMAP traffic?
Asked by machina.ex.canon
(1 rep)
Jul 25, 2024, 05:02 PM
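The kernel-side equivalent of the socat relay in the question, as an added example that is not part of the original post or of any answer: a DNAT rule on the LAN interface that rewrites the public port to the loopback listener, restricted to the same source range the socat `range=` option used. The caveat that matters here is the sysctl: by default the Linux routing code treats 127.0.0.0/8 as a martian destination on any interface other than lo, so a DNAT to 127.0.0.1 is dropped before it ever reaches the listener unless `net.ipv4.conf.<iface>.route_localnet` is set to 1. The interface name eth0 and the IMAP loopback port 1143 are assumptions; the address 100.100.181.49, the /24 range and the 25 to 1025 mapping come from the socat command above. The script emits the commands so they can be reviewed, and only runs them when invoked with `APPLY=1`.

```shell
#!/bin/sh
# Added example (not from the original post): forward LAN traffic to a
# loopback-only listener such as protonmail-bridge with iptables DNAT.
# Assumed: interface eth0 and IMAP bridge port 1143. The LAN address, range and
# SMTP mapping 25 -> 1025 are taken from the socat command in the question.

IFACE="${IFACE:-eth0}"
LAN_ADDR="${LAN_ADDR:-100.100.181.49}"
LAN_NET="${LAN_NET:-100.100.181.0/24}"

# Print the rule set for each public_port:loopback_port argument.
# Nothing is executed here, so the output can be inspected before applying.
localnet_forward_rules() {
    # Without route_localnet=1 the kernel discards packets whose destination is
    # 127/8 as martians when they arrive on a non-loopback interface, so the
    # DNAT below would silently never reach the listener.
    printf 'sysctl -w net.ipv4.conf.%s.route_localnet=1\n' "$IFACE"
    for pair in "$@"; do
        pub="${pair%%:*}"
        loc="${pair##*:}"
        # Only sources inside the LAN range are redirected; anything else keeps
        # hitting the closed public port, mirroring socat's range= restriction.
        printf 'iptables -t nat -A PREROUTING -i %s -s %s -d %s -p tcp --dport %s -j DNAT --to-destination 127.0.0.1:%s\n' \
            "$IFACE" "$LAN_NET" "$LAN_ADDR" "$pub" "$loc"
        # After DNAT the packet is delivered locally (no FORWARD chain), so the
        # INPUT chain must accept it with its rewritten 127.0.0.1 destination.
        printf 'iptables -A INPUT -i %s -s %s -d 127.0.0.1 -p tcp --dport %s -j ACCEPT\n' \
            "$IFACE" "$LAN_NET" "$loc"
    done
}

# Run the generated commands; requires root.
apply_rules() {
    localnet_forward_rules "$@" | sh -e
}

# Usage: review with   sh forward.sh 25:1025 143:1143
#        apply with    APPLY=1 sh forward.sh 25:1025 143:1143
if [ "${APPLY:-0}" = 1 ]; then
    apply_rules "$@"
else
    localnet_forward_rules "$@"
fi
```

The rules are deliberately scoped with `-i`, `-s` and `-d` so that the loopback listener is reachable only from the LAN range and only via the server's own LAN address; the bridge itself still binds to 127.0.0.1 exactly as before. Reply packets are un-NATed by conntrack, and the same `route_localnet` sysctl is what lets the kernel route a 127.0.0.1-sourced reply back out of the LAN interface. To make this survive a reboot on CentOS 7, put the sysctl in `/etc/sysctl.d/` and the rules in the `iptables-services` saved rule set rather than re-running the script.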