ASA 5505 base DMZ license

you can publish an inside host on the outside, via static and ACL, if thats you mean . But then you do not have DMZ, as DMZ seperates your internet accessable hosts from your inside LAN hosts.

If I had the following config, could I access from the LAN a machine in the DMZ using its public IP address? The reason I want to do this rather than the private IP address in the 192.168.0.x range is due to the fact I do not want to show up internal IP addresses on the mail headers of the messages going through the box. There is no access list on the LAN interface, and so traffic should be allowed to go from a higher level security interface to a lower level security interface, but not sure whether the loop would be allowed? If this works, I would want to see the source IP address presented to the machine on the DMZ to be that of the firewall outside interface (PAT).

Also, I have multiple NAT statements for a single machine. What will happen with these?

Note that at the moment I am in the planning stage, when I put the configuration in the firewall I will enter the commands manually, and let the firewall software work out the order of the various sections.

Thanks. Andrew.