I know it is recomended to give an ironport ESA a public IP on a dedicated interface to take advantge of the reputation checking etc. I believe this is so it recieves the email frmo the original sender IP and if you put a relay between the Ironport and the original sender you break this. I know there is some things you can turn on in this case but my question is if I NAT from an external IP to the ironports internal IP this shouldnt loose the feature becuase the origin IP doesnt change and the connection is still direct to the ironport, not via a relay. Is this correct? Will i loose any functionality if I NAT the Ironport? Reason im asking is I dont have a free IP to give just to the Ironport but have others I can reuse since SMTP is not in use on these IP's.