SpamFilter is sitting on my DMZ, and my firewall is also a SMTP server. So the MAPS Blacklist servers will never be used (if I read the docs correctly), since my firewall is the initiating connection of SpamFilter. Is this true? If so, then the default configuration of Spamfilter will catch nothing for me. Is there any solution for this?

Mark,

SpamFilter is designed to be the proxy for your incoming email. The firewall usually simply listens (the fancy ones can do virus scanning at this point) on port 25 and then re-routes the connection to your SMTP server (which should be SpamFilter if you wish to use it).

If configured correctly (and if the firewall supports it) when passing the connection to the DMZ the server should see the original IP in the packet, not the firewall's IP. A similar thing should happen with your web servers inthe DMZ for example. They should see the real IP of the internet users, *not* the firewall's IP. If someone were to attempt a hack on your webserver, it would be very hard to find out who did it if you did not know the IP. It's usually very hard to cross-reference webserver logs with firewall logs to find out who connected when, especially when the clocks are not synchronized.

Roberto Franceschetti
LogSat Software