Complete security does not exist in this day and age, because new threats from malicious coders and hackers appear every single day, but security measures can be established to maintain a high level of security in Exchange.
There are some ways by which you can secure your Windows Exchange. SMTP virtual servers are usually invisible and inaccessible to the general public, that is, to unauthorized users. The default relay restrictions do not allow users to send mail to external locations using the Exchange server.
Sometimes a user changes these restrictions in a way that allows the Exchange server to be used for spamming. In other words, if the server is open for relaying, unauthorized users can use your server to send mail to others, which increases its visibility and can get it marked as an open relay. Relay control is sometimes confused with spam control; the administrator has to understand that relay control does not block spam.
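One way to check whether a server is being used as an open relay is to look in its SMTP log for accepted recipients outside your own domains that came from clients outside your relay networks. The following is an added example, not code from the original article: the log lines are constructed, and the domain list, network list and logged fields (`c-ip`, `cs-method`, `cs-uri-query`, `sc-status` in W3C extended format) are assumptions about your configuration.

```python
import ipaddress
import re

# Assumptions for this example: the domains the server is responsible for and
# the networks allowed to relay. Replace both with your own values.
LOCAL_DOMAINS = {"example.com"}
RELAY_NETWORKS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed sample in W3C extended log format (not taken from a real server).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-query sc-status
2004-03-01 09:00:01 10.1.2.3 RCPT +TO:<partner@example.org> 250
2004-03-01 09:00:05 203.0.113.7 RCPT +TO:<alice@example.com> 250
2004-03-01 09:00:09 198.51.100.20 RCPT +TO:<someone@example.net> 550
2004-03-01 09:00:12 198.51.100.20 RCPT +TO:<someone@example.net> 250
"""

RCPT_ADDR = re.compile(r"<[^<>@]*@([^<>@]+)>")

def find_external_relays(log_text):
    """Return (timestamp, client_ip, recipient_domain) for every accepted
    RCPT where a client outside RELAY_NETWORKS sent to a non-local domain."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]       # column names for the rows below
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        if row.get("cs-method", "").upper() != "RCPT":
            continue
        if not row.get("sc-status", "").startswith("2"):
            continue                        # rejected: the restriction worked
        match = RCPT_ADDR.search(row.get("cs-uri-query", ""))
        if not match:
            continue
        domain = match.group(1).lower()
        try:
            client = ipaddress.ip_address(row.get("c-ip", ""))
        except ValueError:
            continue                        # malformed row
        trusted = any(client in net for net in RELAY_NETWORKS)
        if domain not in LOCAL_DOMAINS and not trusted:
            stamp = f"{row.get('date', '')} {row.get('time', '')}"
            hits.append((stamp, str(client), domain))
    return hits

if __name__ == "__main__":
    for hit in find_external_relays(SAMPLE_LOG):
        print("possible open relay:", *hit)
```

The check works on client address only, so a remote user who authenticated before relaying will also be listed and has to be ruled out by hand.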
Anonymous access to the internal SMTP servers and the dedicated SMTP servers has to be prevented for IMAP and POP clients. The general Simple Mail Transfer Protocol servers do not need to have their anonymous access prevented, because the authorization protocols exist by default.
Exchange servers are designed to authenticate automatically and provide access to mail and internal communications. They prevent unauthorized access, thereby making sure that the mail flow is not disrupted. This provides an extra layer of security for the SMTP virtual server.
Restricting mail, message and file transfer submissions, and relaying access, on internal SMTP servers can also help increase the level of security. The standard Windows 2000 Server or Windows 2003 discretionary access control list (DACL) lets you grant explicit permissions to users and groups for access to the servers.
For servers which have to receive mail from the Internet, you must leave anonymous mail reception enabled, but with extra security. This ensures that mail from different servers and mail service providers can still be received while maintaining a good security level in Exchange.