I have exchange 2007 setup on a single server. It is behind my firewall and I am doing a static mapping to go from the public IP to the private IP the exchange server is on. Since we switched to Exchange 2007, the spam is out of control. Outbound queue's are filling up with what looks like NDR attacks to other domains and we are constantly receiving spam such as email addressed from ourselves, to ourselves (Spoofed). With exchange 2003, I had this under control. There was the ability to control this somewhat. I could setup DNS block list and had control over NDR attacks and could check against SPF texdt records. It does not look like I can do any of this now. I have heard that if I want to do any of this, I now need a separate edge server. Could someone help me with this? If an edge server is what I need, I could use some setup advise. If that is not what I need, please tell me what I need to do. The spam is out of control.