Mail exploit: Windows Plesk 7.5, 8.3
Monday, April 28th, 2008
It has been noticed that recent Plesk releases create a catch-all address called ‘trash54321@domain.com’, with the numbers being a random string. This mailbox is not visible from the Plesk interface and exists even if catch-alls are turned off for the domain. The exploit here is that the password for this account is set to the same value as the username.
If someone could somehow discover the username for that catch-all account, they could log in and use the account to relay.
The issue is discussed in the Plesk forum, and I found the thread to be useful for those facing this issue. [URL]
