> Thanks. That'll work (well, I'm going to try it, anyway). But more
> fundamentally I'm wondering _why_ acls don't work there. Should they? Is this
> a bug/feature?
> Cause that's kinda what the acls are there for, no?

No.  ACLs are like wildcards -- they can be used to match against.  You 
can put networks in ACLs, but it's unlikely that you would want to 
notify all the machines on a network.

