It means a whitelist for users in one of virtual domains. But if sender
of processed message is <>, i.e. it's a bounce message, then lookup is
hit, even if recipient is in foreign domain. So, the above construction
gives an open relay.
{:} construction was in our config file for historic reason. Replacing it
with {} does correct the situation.
I suggest to process looking with key=<empty> in special manner, because such
lookup is mostly useless, and can give undesired results in case of typos
and carelessness.
--
Alexey Y. Promokhov, system administrator
Joint Stock Venture "GP Telecom", Moscow, Russia
