A security upgrade for Movable Type has just been made available that closes a hole that allowed spoofed mailing through its mail system.
This is in addition to the recent “Google patch” to modify external links in comments so that search-bots ignore them.
The two patches combined will reduce mis-use of your blog.
More info below.
This plugin closes a vulnerability in Movable Type’s mail subsystem. The vulnerability has been exploited to send mail to an arbitrary email address; it is no longer possible to add mail headers to an outgoing mail in this way.
All Movable Type users should install this plugin or upgrade to version 3.15.