While configuring the Barracuda SPAM Firewalls it can be logical to add your email server’s domain to the trusted senders’ domains and to the trusted relay domains – nothing more confusing! Doing so will make a lot of spam coming through your firewall because many times spammers modify email headers in such a way, so they pretend to be from your server’s domain. Moreover, doing so will render your spam firewall to be an open relay for a part of spam with such modified headers.
So let this be a lesson for everyone – do not trust anyone, even your own domain, when it comes to defense against spam.
I think, that someone from Barracuda Network shall think too about improving the defense mechanism – why the firewall does let emails from trusted domains get relayed even if they were sent from an external, not known IP addresses?