On Wed, 14 May 1997, Alan Thew wrote:
> I thought I had this right and had set the following
>
> sender_net_accept_relay = "138.253.0.0/255.255.0.0:\
> ....
> ....
>
> (included our Class C nets).
>
> I may have done something stupid with the netmasks but my (apparently)
> wrong understanding was that RCPT TO:<> containing addresses in the
> specified nets would be allowed but others would not.
No, you have misunderstood; sender_net_accept_relay specifies nets from
which relaying to *any* address is permitted. The option which specifies
which domains you will relay to from any host is relay_domains.
> I'm trying to stop relaying where mail from:<> and rcpt to:<> are both
> offsite.
Set sender_net_accept_relay to your local nets. That allows hosts on
your local nets to relay to anywhere.
Set relay_domains to any domains other than those in local_domains that
are on your site. That will allow all hosts on the Internet to relay to
those domains.
Hosts that do not match sender_net_accept_relay will then not be able to
relay to domains that are not in relay_domains (or to your
local_domains, of course).
--
Philip Hazel University Computing Service,
ph10@??? New Museums Site, Cambridge CB2 3QG,
P.Hazel@??? England. Phone: +44 1223 334714