>... then I have a >DMZ containing the servers which must, for their very nature, offer some >sort of services to, or be accessed from, the Internet at large, such as >the web server, ftp server, mailserver etc.: these latter servers are >therefore somewhat more at risk of being compromised (although i try to my >best to keep them as secure as possible), and ARE thus DISALLOWED TO >ESTABLISH ANY OUTGOING CONNECTION, to minimise the possible amount of >damage a break-in could cause.
Sorry, what is purpose of this (see emphasized text)? May be disallowing relaying of any kind?
