A trusted forwarder is normally a device on your network that first accepted the mail and then forwards it to the Barracuda. For example a virus server that prefilters your incoming mail, or a mail server that does RBL checking before it relays the mail to the Barracuda.
When you add a trusted forwarded that servers IP is skipped and the next IP in the hop is checked (using the header received lines).
You should NOT add as a trusted forwarder and external server or service that accepts mail from senders and then relays it to your Barracuda. When you do the Barracuda will skip that IP and as noted check the next IP in the hop. This is often a dynamic IP address from some IP service which is almost certainly going to be on a blocklist.
As an example Google has two different mail services. One sends mail that was generated by their web services (these are automatically trusted forwarders on the Barracuda Spam Firewall) and ones that relays mail from home or office mail servers (These are NOT trusted forwarders on the Barracuda Spam Firewall).
If a someone managed to hack into the Google network and start relaying mail from their trusted servers and they hit a barracuda we would see that and block the mail, if the relaying server was on out blocklist.
If you do not want the Barracuda Spam Firewall to check the IP address of senders down the received chain then do not add the sending server as a trusted forwarder. The only IP that should be added as a trusted forwarder is an IP you want to skip so the Barracuda will check the next IP in the chain which is the one that sent the mail to your trusted forwarder.
Note that Barracuda Network has a pre-filter service called the Cloud Protection Layer (CPL). The CPL servers are Trusted Forwarders on all Barracuda Spam Firewalls. This allows the Barracuda to skip the CPL IP and check the actual server IP that sent the mail.
If you have any questions please call Barracuda Support.
Link To This Page: