At 10:06 AM 11/4/2004, Mike Carlson wrote:
Do you have to add private IP addresses to the trusted_networks list? I only added the public IP Addresses that are set up for our mail server but it does have a private IP and is being NAT'd.

SA is going to see the IPs as the machine running SA sees them.

Set your trusted_networks based on two factors:
1) according to how SA will see the IP when it does a DNS lookup on host names in the Received: header if no IP exists.
2) according to how the IPs in the header will appear, when they do appear.



For example:

    Received: from mail.apache.org (hermes.apache.org [209.237.227.199])
        by xanadu.evi-inc.com (8.12.8/8.12.8) with SMTP id iA4F3VVt006313
        for <[EMAIL PROTECTED]>; Thu, 4 Nov 2004 10:03:31 -0500

In this case, SA's going to DNS lookup xanadu.evi-inc.com. Since SA runs inside the firewall, it's going to get a 192.168.*.* address, not 208.39.141.94. SA needs to trust that private IP, not the public one.
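
Added example, not part of the original message and not SpamAssassin's own code: a simplified Python model of the lookup described above, showing why a trusted list holding only the public address fails to match when the by-host is resolved from inside the firewall. The 192.168.1.10 address, the 192.168.1.0/24 range and both DNS tables are constructed placeholders.

```python
import ipaddress
import re

# Constructed split-horizon DNS views for the receiving host. 192.168.1.10 is a
# placeholder: the message only says the inside view returns a 192.168.*.* address.
INTERNAL_DNS = {"xanadu.evi-inc.com": "192.168.1.10"}
EXTERNAL_DNS = {"xanadu.evi-inc.com": "208.39.141.94"}

# The Received: header quoted in the message, unfolded to one line.
RECEIVED = (
    "from mail.apache.org (hermes.apache.org [209.237.227.199]) "
    "by xanadu.evi-inc.com (8.12.8/8.12.8) with SMTP id iA4F3VVt006313 "
    "for <[EMAIL PROTECTED]>; Thu, 4 Nov 2004 10:03:31 -0500"
)


def parse_received(header):
    """Return (bracketed relay IP or None, 'by' host name or None)."""
    ip = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", header)
    by = re.search(r"\bby\s+([A-Za-z0-9.-]+)", header)
    return (ip.group(1) if ip else None, by.group(1) if by else None)


def is_trusted(ip, trusted_networks):
    """True if ip falls inside any configured network (bare IPs count as /32)."""
    if ip is None:
        return False
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(net) for net in trusted_networks)


def by_host_trusted(header, dns_view, trusted_networks):
    """Resolve the 'by' host through the scanner's DNS view, then test trust."""
    _, by_host = parse_received(header)
    return is_trusted(dns_view.get(by_host), trusted_networks)


if __name__ == "__main__":
    public_only = ["208.39.141.94"]                      # what the question describes
    with_private = ["208.39.141.94", "192.168.1.0/24"]   # placeholder private range
    for label, nets in (("public only", public_only), ("with private", with_private)):
        print(label, "->", by_host_trusted(RECEIVED, INTERNAL_DNS, nets))
```

Swapping INTERNAL_DNS for EXTERNAL_DNS shows the opposite view: the public-only list matches only when the name resolves as it does from outside the firewall.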


