Topic: RCPT TO:<%FR_EMAIL@mydomain.com>

[icpix]

There are lots of those in this afternoon's log. SME Server 6.0.1-01 continues to respond with...
 Sorry, percent hack not accepted here

It amounted to a stack of activity all at once. Is this an old issue (against which SME Server is already configured)?

I was unable to quickly track anything down on webmasterworld or google and so I am relying on the composite experience of the forum;~)

best wishes, Robert

[CharlieBrady]

There are lots of those in this afternoon's log. SME Server 6.0.1-01 continues to respond with...
 Sorry, percent hack not accepted here

Exactly as you'd want it to ... surely.

[icpix]

Emphatically. I'm curious what it's all about though. Meanwhile I tracked down the perpetrating IPs (a bunch of five in Ireland) and all feature heavily in the Google abuse groups for (typically) Nigerian/financial spam. I wasn't able to track down anything about the actual perpetration/wheez/hack.

best wishes, Robert

[icpix]

I'd misinterpreted the word 'hack' by assuming it was something done elsewhere against my server. It would seem to be more something done by design to the server or more accurately the qmail component. Following URL should make more sense than I...
http://x42.com/qmail/cookbook/percenthack.shtml

best wishes, Robert

[CharlieBrady]

Emphatically. I'm curious what it's all about though.

Incompetent spammers. What you're seeing (I confidently guess) is a variable in some spamming software, which should have been replaced by a valid "from" address.

 Meanwhile I tracked down the perpetrating IPs (a bunch of five in Ireland) and all feature heavily in the Google abuse groups for (typically) Nigerian/financial spam.

Report to the abuse address at the ISP owning that netblock. I'd guess it's Windows zombie machines sending the spam though ...