I think I figured it out. The qmail-smtpd.c patch for SMTP AUTH had an exploit. It did require authentications, but it didn't care what credentials you threw at it, so long as you sent something. On that note, does anyone know of a way to get SMTP AUTH working with qmail without being an accidental relay?