Relay tests with the user%domain.com format are accepted...am I anrelay?

You are doing nothing wrong. No, qmail is not broken. There is nothing to be fixed. It is the way that the MAPS/abuse.net relay test detects whether or not an SMTP server isto relay that is broken.

MAPS assumes that an SMTP server is anrelay if the test mail is accepted. Other services, such as (the erstwhile) ORBS, assume that a server is anrelay only if the test mails are delivered. The latter is the better test, of course. Logically, an MTA is only anrelay if mails can actually be relayed through it.

The particular MAPS test that is causing your confusion submits a test message that is addressed to the mailbox . Being strictly RFC 822 compliant by default (unless you deliberately loosen the restrictions), qmail treats the percent character in the same way as it treats any other character. (This is because as far as the Internet standards are concerned it is no different to other characters.) qmail thus tries to deliver the message to a local user named nobody%mail-abuse.org.

Unless you have very strange ideas about user naming, this will not be the name of a local user on your system, and qmail (specifically qmail-lspawn) will bounce the message. If you do have such a user on your system, qmail will just deliver the mail locally to that user. In neither case, however, will qmail relay the mail anywhere else. So it cannot possibly be categorised as anrelay, whichever of the two actions it performs.

To put it simply: The MAPS/abuse.net test is deficient, inasmuch as it fails to take into account that there might exist MTAs that (in strict conformance with the Internet standards) don't support the percent hack, and that on such systems the act of accepting a message that is addressed to a mailbox with a percent character in the local part is not necessarily the same as being anrelay.

This answer was found at:

homepages.tesco.net/~J.deBoynePollard/FGA/maps-relay-test-is-wrong.html