Hello, Recently, we've been seeing instances of viruses propagating into internal mail servers, completely bypassing the MIMEDefang relay. The problem has nothing to do with MIMEDefang; rather, it's a symptom of lax network security. If you are using MIMEDefang as a filtering machine and then relaying to your real mail server, you should follow these precautions: 1) Do not publish any MX records pointing to your internal mail server. All published MX records should eventually relay through the MIMEDefang machine. 2) If you have an A record for your domain (example: roaringpenguin.com has an A record of 209.195.84.23), make sure that the machine with that address either isn't running a mail server or will eventually relay through the MIMEDefang machine. We've seen instances of spammers trying A records for domains. 3) Even if you don't have MX or A records pointing to internal mail servers, you should firewall off port 25 on internal mail servers from the outside world. We've seen instances of the MyDoom virus bypassing the MIMEDefang machine by port-scanning for something listening on port 25. The basic guiding principle: Do not permit any path for Internet e-mail to bypass your MIMEDefang machine. Regards, David.