Actually, unless NAT is configured to do so.. the source IP address should
stay the same, so any outside IPs should be logged as trying to do zone
transfers.  Besides, zone transfers should only occur between primary and
secondary DNS servers, it should not be a re-occuring thing as Mike is
experiencing.

From: "Furmanek, Greg" <Grzegorz.Furmanek@asu.edu>
| I guess that sounds like an option.
|
| If you NATing connection in your firewall the
| bind box will see only the firewall IP therefore
| it will think it is doing zone transfer.