2/4/08

Never relay a message

You recall my Exchange 6 post on January 21st? I allowed Exchange to relay messages to the site's own domain, through their web host's SMTP server, because this is a "shared namespace" (not all user accounts are on the Exchange server). The following Monday the web host admin informed us that 40,000 spam messages had been sent to users at this domain from their own IP address!!! I think the culprit was a compromised workstation on the LAN. To fix the problem, I disabled relaying and used a setting in the SMTP virtual server that says "Forward messages with unresolved recipients to: {insert mail server name or IP}". Problem solved. Note that no SMTP authentication is required in this case.
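One way to find which LAN client is pushing mail through the SMTP virtual server, as an added example that is not part of the original post: count RCPT commands per client IP in the virtual server's log. It assumes W3C extended logging is enabled with the `c-ip`, `cs-method` and `cs-uri-query` fields; the function names, threshold and sample log are constructed for illustration.

```python
from collections import defaultdict

def parse_w3c(log_text):
    """Yield one dict per log entry, keyed by the names in the #Fields directive."""
    fields = []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]   # the header can reappear mid-file after a restart
        elif line and not line.startswith("#") and fields:
            yield dict(zip(fields, line.split()))

def noisy_clients(log_text, threshold, trusted=()):
    """Return {client_ip: (rcpt_count, distinct_recipients)} for every
    untrusted client that issued at least `threshold` RCPT commands."""
    rcpts = defaultdict(list)
    for row in parse_w3c(log_text):
        if row.get("cs-method", "").upper() != "RCPT":
            continue
        query = row.get("cs-uri-query", "")          # assumed form: +TO:<user@domain>
        start, end = query.find("<"), query.rfind(">")
        addr = query[start + 1:end] if 0 <= start < end else query
        rcpts[row.get("c-ip", "?")].append(addr.lower())
    return {ip: (len(a), len(set(a))) for ip, a in rcpts.items()
            if ip not in trusted and len(a) >= threshold}

def build_sample():
    """Constructed log: one workstation sends 30 RCPTs, a normal client sends 2."""
    lines = ["#Version: 1.0",
             "#Fields: date time c-ip cs-method cs-uri-query sc-status"]
    for i in range(30):
        lines.append(f"2008-01-26 02:10:{i:02d} 192.168.1.57 RCPT "
                     f"+TO:<user{i % 25}@example.org> 250")
    for i in range(2):
        lines.append(f"2008-01-26 09:00:0{i} 192.168.1.10 RCPT "
                     f"+TO:<staff{i}@example.org> 250")
    return "\n".join(lines)

if __name__ == "__main__":
    # Hypothetical threshold; tune it to the site's normal per-client volume.
    for ip, (total, distinct) in noisy_clients(build_sample(), threshold=20).items():
        print(f"{ip}: {total} RCPT commands, {distinct} distinct recipients")
```

Pass the addresses of legitimate mail servers and gateways in `trusted` so that only workstations are reported.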

At the same site, I drastically shortened the amount of time that Exchange spends on retrying message delivery so that users are quickly notified when there's a delivery problem.