This really has me puzzled. Since a couple of weeks we are using new Exchange 2007 servers. Everywhere I look it tells me it is virtually impossible to turn an Exchange 2007 server into an open relay by accident, but somehow we seem to have one.
We're getting email rejected by spamfilters telling us that we have a open relay.
If I do a telnet to the external IP address it seems I can send email from another domain, so this points to an open relay as well.
In the Exchange configuration on the properties of the Hub Transport the is no checkmark for "Externally Secured" on any of the receive connectors.
In the "Accepted Domains" there is no wildcard ("*"), only the domain names that we accept email for.
Does anyone know what else could be causing the open relay?
For security we use a Cisco ASA 5505 firewall, could that have anything to do with it?