Even beyond just the open relay some will look for servers that relay then try to find an existing account. In other words they'll hack an email server. this and other tricks they'll use.

You best bet is to block all incoming packets from these location (countrys) either at the router or with a firewall. i mean really how many of us have ligitimate incoming communications with china unless you have people there or are a multi-national conglomerate.

just block entire IP ranges or subnets like:

202.0.0.0 - 203.255.255.255

(i have the list at work if your interested)

the only things we get from china and S E Asia in general are spam, porn and hack attempts

If you dont the next hole thats found will be used against you.

A couple of years ago, before i knew better 15k spam letters went threw my server in one day. it was so intense we couldnt send or receive any mail. even after i stopped the relaying they kept coming, tieing up our sever sending 'user not local' messages by the score. it took me 2 week to find all the black hole lists we'd been added too and get retested and our ip addy removed.

just block them all.