Very interesting.
I have made deeper tests, also comparing with another SMTP plugin, and I found that this plugin has a real bizarre security corner case, that is very persistent.
I'm checking it now with my hosting company as this issue is on the border line between the plugin and the hosting server.
I will update here when I have more solid conclusions.