[原文]Barracuda Spam Firewall 3.1.10 and earlier does not restrict the domains that white-listed domains can send mail to, which allows members of white-listed domains to use Barracuda as an open mail relay for spam.
Barracuda Spam Firewall Self Whitelist Arbitrary Mail Relay
Remote / Network Access
Loss of Integrity
Spam Firewall contains a flaw that may allow a malicious user to arbitrarily relay mail. The issue is triggered when the sender's domain or Spam firewall's domain is whitelisted. It is possible that the flaw may allow the sending of mail not normally allowed resulting in a loss of integrity.
Upgrade to version 3.1.11 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.