[exim] How the heck am I generating backscatter with Exim?

Author: Ernie Dunbar
Date:  
To: Exim-users
Subject: [exim] How the heck am I generating backscatter with Exim?
I just received notification from mxtoolbox.com that our outgoing mail
server has been listed by backscatterer.org as a source of backscatter.

The problem is that I can't reproduce the problem except by being a relay
host (which the default Exim configuration allows). That spammers would
try this route at all seems pretty boneheaded to me, in this age of botnet
viruses doing an end-run around mail gateways and all that.

For example, if I were to try to run `exim -bh 206.190.54.127` (one of
Yahoo's MXes), I get the following:
    mail from: myaccount@???
    250 OK
    rcpt to: nonexistant@???
    550 Unrouteable address

While trying to do the same thing from an IP address in our
relay_from_hosts list generates a bounce message later:

    mail from: myaccount@???
    250 OK
    rcpt to: nonexistant@???
    250 Accepted

So is there some kind of virus out there that goes out of its way to break
backscatterer.org by attempting to list every legitimate mail server in
the world or something? Because that's the only possible explanation for
what's going on here. Spammers trying to actually send spam in this way
would just get relay servers DNSBLed in short order, rendering them
useless for entire networks.

Or maybe this has more to do with backscatterer.org's Express Delisting
"service"? Are they now trying to blackmail us?
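The two transcripts above differ because of statement ordering in the stock Exim 4 acl_check_rcpt: the accept for +relay_from_hosts comes before the require verify = recipient, so a relay host's RCPT is accepted without routing the address, and the "Unrouteable address" is only discovered after the message has been taken on, at which point Exim bounces it to the envelope sender. The fragment below is an added example, not the poster's configuration nor anything from the Exim distribution beyond the stock statements it annotates; the list names +local_domains, +relay_from_hosts and +relay_to_domains are the ones the default configure uses, and the two deny statements are the proposed change.

```exim
# Added example (not from the original post). Relevant part of the stock
# Exim 4 acl_check_rcpt, with the statement that causes the behaviour
# marked and one way to close it. List names are those used in the
# default configure file; adjust them to your own host/domain lists.

acl_check_rcpt:

  # ... earlier stock statements (empty-sender accept, postmaster accept,
  #     sender verification) omitted ...

  # PROPOSED: verify recipients in our own domains for every client,
  # relay hosts included, so an unknown local part is refused at RCPT
  # time with a 550 instead of being accepted and bounced later.
  # It must sit BEFORE the relay-host accept below, which is the
  # statement that otherwise skips recipient verification.
  deny    message       = Unrouteable address
          domains       = +local_domains
          !verify       = recipient

  # PROPOSED (only if this host also relays inbound mail for domains in
  # +relay_to_domains whose local parts it cannot check itself): ask the
  # downstream MX at RCPT time via a callout. defer_ok keeps a callout
  # timeout from turning into a 4xx for the client.
  deny    message       = Unrouteable address
          domains       = +relay_to_domains
          !verify       = recipient/callout=30s,defer_ok

  # STOCK: hosts in relay_from_hosts are accepted here unconditionally.
  # Without the deny statements above, a non-existent recipient from one
  # of these hosts gets "250 Accepted" and is routed only after DATA,
  # producing a bounce to the (possibly forged) envelope sender.
  accept  hosts         = +relay_from_hosts
          control       = submission

  # STOCK: authenticated clients are accepted the same way.
  accept  authenticated = *
          control       = submission

  # STOCK: everyone else may only send to domains we handle.
  require message       = relay not permitted
          domains       = +local_domains : +relay_to_domains

  # STOCK: this verification is reached only by clients that did not
  # match the relay-host or authenticated accepts above, which is why
  # the -bh test from an outside IP got 550 and the relay host did not.
  require verify        = recipient

  accept
```

After the change, repeating the same `exim -bh <relay-host-ip>` session should answer the `rcpt to:` for the unknown local part with 550 at RCPT time rather than 250, and no bounce is generated. Recipient verification of +local_domains runs the local routers only, so it is cheap; the callout variant makes an outbound SMTP connection per unknown recipient and should be limited to domains this host genuinely forwards.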