Ok - I solved my publishing DNS issue, I decided to run DNS on my ISA server and have that serve as my SOA for all my public name spaces, but here is something I discovered, both with publishing my MX server and playing around with publishing DNS Servers. I have on my External NIC one primary IP address and several additional IP addresses for other services like web sites and FTP sites and so on, I discovered that no matter what services I pass through ISA it will not work unless I use the Primary IP address. Let me explain, My Public MX server was living behind my old firewall, in the process of migrating services over and replacing my OLD firewall with ISA, I moved the MX server behind my ISA server, I took the Public IP address for the MX server and added it as an additional IP address to the External Interface of ISA, then I published the MX server, I found that mail could be delivered but the return trip got lost, it was not until I changed the Primary IP address of the ISA server to the Original IP address the MX server was known as, did the mail come back to me. ? Same as the DNS issue I had, running DNS on my ISA server and having it listen on all interfaces one would think it would work even though the IP address of the SOA server is NOT the primary IP address of the ISA External Interface. I hope I was clear in my explanation. Any Takers on this one ??