Hi,
- the smtp (mta) is aaa.bbbb.com (where aaa & bbbb are ficticious). I want the rely denied by default but also want granted access for users whom From:'s field is: *@bbbb.com and *@cccc.com (being cccc.com another domain which is NOT local to the machine; bbbb.com is the "local" domain, I mean, there is a MX record pointing to the mta's ip.). The problem is that my users can connect to the smtp machine from *ANY* ip. So the rely-filters only could trust in the "From:" line in header's mail. I know this isn't too much secure, since spammers could send mail spoofing the From: field (which is trivial).
however you do it (setting the respective domains to RELAY in /etc/mail/access should do it), you can be sure that this relaying behaviour will land your mta on ORBS and all other open relay lists sooner than you can imagine and spammers will just love that machine... Kind regards, Holger