As far as I have understood it Botnet checks the first IP not being in
your "trusted networks".
botnet probably does such checks based on trusted_networks and
internal_networks settings: doesn't check IP in trusted_networks, but
continues on next IP when current one is in internal_networks
(where you should put your own mail forwarders and backups, altogether
with
trusted_networks)
Probably uses first_untrusted. So indeed, if one does not have
trusted_networks set up right, then Botnet will probably draw the wrong
conclusions.
Loren
