Hello reto,
what is the source of the spoof attack coming from ?? if it is one of these, then the PIX blocks all the spoof traffic by default, since thats the way it is supposed to work:
1) 127.0.0.1 - loopback
2) broadcast address
3) land.c subnets - your same network...
If it is something else, we have to analyse what IP is that and see if it is required.. Are you not able to connect to the PIX outside at all from the internet ?? this should not be the case.. can you do a tracert and find out where it is dropping ?? Are there any other log messages on the PIX ?? Try going to internet through a laptop.. take the IP of that laptop and connect to PIX. see if there are any packets hitting the firewall with that laptop's IP ... am sure you can nail down the issue...
Hope this helps.. let us know..
Raj