This is something that I recall seeing a bit as far as in forums, but never really found a solution for .... I have multiple SBS 2003 boes for various clients who at times get a flurry of what looks to be attempts to relay mail via smtp with inetinfo.exe. We see multiple Event 529 failed attempts in eventviewer.
I have gone through http://blogs.msdn.com/b/puneetgupta/archive/2007/08/20/unknown-username-or-bad-password-inetinfo-exe-advapi.aspx
but this is really identifying the culprit, and I would prefer to block any such attempt.
I am not an exchange expert my any means, but one would think that if I am receiving all email through a third-party, then I should be able to apply some type of filter stating that all other attempts should not be accepted? Right? How do others deal with this same issue, or is this just apart of SBS 2003 life and we should just keep passwords strong?