Microsoft Exchange Server Encapsulated SMTP Address Open Relay
Remote / Network Access
Exchange contains a flaw that may allow a malicious user to use the server as a mail relay. The issue is triggered when the mail is sent with encapsulated SMTP addresses, which are not subject to anti-relaying rules. It is possible that the flaw may allow unauthorized mail to be sent through the server.
Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.