Microsoft Knowledge Base Article 310380 contains the following summary:
This step-by-step article describes how to prevent Exchange 2000 from being used as a mail relay.
Note that the default Exchange 2000 configuration does not allow unauthenticated users to relay through the server.
Exchange 2000 provides full Simple Mail Transfer Protocol (SMTP) mail services.
The Exchange 2000 SMTP server can be used to receive and relay e-mail messages to other Exchange 2000 servers
on your network or to other SMTP servers on the Internet. Mail relay permits Exchange 2000 mail clients
to send mail to users in other organizations. If mail relay is not permitted, the Exchange 2000 server can only
receive and send mail for users in the same mail domain as the Exchange 2000 server.
When the Exchange 2000 server relays e-mail messages, the Exchange 2000 server can forward mail that is addressed
to mail domains other than its own. This permits Exchange 2000 to forward mail to any internal or external network
SMTP server.
There are dangers inherent in making an Exchange 2000 server accessible to Internet users.
The Exchange 2000 server might be used as a mail relay by Internet users,
which you do not want because unscrupulous users might forward mail to your Exchange 2000 SMTP server
to distribute unsolicited commercial e-mail messages to large numbers of computers. This can have a severe adverse
affect on available bandwidth for your Internet connection and might lead to your mail server being placed on
"black hole" lists of open mail relays. If your server is placed on such a list, other mail servers may not accept
mail from your domain.