On Thu, Apr 08, 2010 at 04:52:00PM -0800, Royce Williams wrote: > > Answering myself, I have reworked our *_networks to reflect our > architecture based on my re-re-re-reading. Nobody has said that my > example was broken (or was any good, for that matter), so I'm > operating from that. > > With all possible interfaces included from my dedicate MSAs in > msa_networks, my customers are still subject to IMG_DIRECT_TO_MX, > FSL_HELO_NON_FQDN_1, RDNS_NONE, HELO_NO_DOMAIN, DOS_DIRECT_TO_MX, > HELO_LOCALHOST, and the other "you look like an end user, not an MTA" > rules. > > Either my example is fundamentally broken, or everybody else is > already in there ripping and gripping rules anyway, and so don't mind > maintaining a similar list. > > Since there's no FAQ entry for this, but the reading for understanding > the problem is so dense, I'm starting to doubt my own sanity. :-)
As said, these checks are made on the external border. Your example does not have MSAs defined as internal.
