I am getting a lot of spam lately and I think the problem is open relay in my exchange server even though I used www.test-smtp.com
and it said that All tests succeeded, no relay accepted. But when I check the Queues on exchange I see email sent to domains that we usually don't send (See queues.jpg) and when I check the sender I see firstname.lastname@example.org and we don't have that account. I already checked the small business connector to see if the Allow messages to be relayed is checked and it is not (see coonector.jpg) and on the relay restrictions I removed all IP addresses and uncheck the allow computer who authenticate to relay (see relay.jpg). The only problem that I can see is the Authentication, I have anonymous access enabled (see authentication.jpg) because we have some Xerox machines that scan and send the image to our email accounts but everything else looks good. Am I missing something or the authentication can be the problem for the spam? Any help will be really appreciated it.