According to the SpamHaus Project–a U.K.-based antispam compiler of blacklists that block 8 billion messages a day–a new piece of malicious software has been created that takes over a PC. This “zombie” computer is then used to send spam via the mail server of that PC’s Internet service provider. This means the junk mail appears to come from the ISP, making it very hard for an antispam blacklist to block it.
I was afraid something like this was going to happen.
Looks like authenticated mail relaying is going to be mandatory, even inside a network.
The only IP address that will be legitimate for unauthenticated relaying is 127.0.0.1 (localhost) and the mail servers own addresses.