One of our customers had a small issue with an bringing an infected laptop onto their network. It appears that it sent out a bit of spam. In response we've adjusted visitor access and have modified a number of firewall policies. One thought did occur to me though. Is it possible for a virus/malware application to use the mail account for exchange and route it's garbage mail through the exchange server?
Another way to ask this, is if the user logs into the domain when he/she signs into their account, are they considered an authenticated user to the exchange server in respects for relaying?