Sending your reply back to the list for everyone to use/abuse :) My_networks should really be considered trusted sources.. you are saying permit_mynetworks (which includes your relay-IP list) so if you think there is some potential they might send something dodgy, they shouldn't be in my_networks.. I am presuming since they are getting caught by RBL's you don't want to relay for them - sure fire way of getting your server listed..
What are your hotspots comprising of? Public pc's (who's subnets?) ? Ie wireless hotspots? let them send email via their own smtp servers, if they don't have one, then they can use webmail.. it doesn't become your problem then. If its a server at the hotspot you want to allow, then the original suggestion will fix it presuming the remote smtp server @ the hotspot is a local only config (doesn't relay for hotspot clients) I know I am suggesting another way, not really answering your question, but somehow what you are asking smells a bit like trouble.. Nick > -----Original Message----- > From: Andrew Long [mailto:furs...@gmail.com] > Sent: Wednesday, July 29, 2009 10:27 PM > To: Nick Sharp > Subject: Re: proper ordering of reject > > > What you have configured doesn't say reject anything from not in > my_networks, > > it says permit in my_networks, then carry on and do further > checking.. This I > > presume is because you might want to accept email to my_destination > (your > > domains this machine is final destination for) or virtual domains if > > configured.. > > I want to permit mynetworks (localhost + relay-ip) and reject all > else. However, since the relay-ip includes said hotspots, we want to > apply the further restrictions there, including the RBL checks... am I > missing something in our config or my understanding?