smtp auth; who ,how, why and when?

Question

Hello, 
 Using exchange 2010 
 2x Rx connectors 
 
 internal network 
 gateway, anonymous permissions only. 
 
 All users use Outlook, some users work from home, most users have email on their phones. Occasionally I use OWA from the outside world. 
 UTM SGxxx, configured for smtp proxy, no ISP smart host 
 There is one website with a user enquiry form. 
 I have no test environment so I am loath to poke around too much. 
 Questions: 
 Does exchange need the UTM nominated as a smart host and Why? 
 Does the UTM need to accept smtp auth from the internet for the outlook services described above? 
 
 if No? how do I turn it off (this question arises due to around 7 regular "Too many failed logins from xxx for facility smtp, blocked for 24hrs") but still allow the website enquiry form to pass. 
 
 Cheers

Ol Deda · Answer

Authentication is not a handshake with other external hosts like hotmail or gmail, but like i said users only can send emails directly from UTM (no need to logon to exchange). In this case you should disable the Authentication 
 In Relaying Tab: 
 1) Disable 
 "Allow authenticated relaying" 
 2) In "Allowed Hosts/Networks"  should be only Exchange Ip 
 In exchange configure a "send connector" with UTM Internal IP x.x.x.x.  (not host-name or dns name) 
 In this way you eliminate DNS Problems or some other failures in exchange. The Email will be handled by UTM where you can see more detailed logs in case of failure. You can leave Exchange Server without Gateway or DNS configured, and the email will still go out