Exchange 2010 Disable open-relay

You can easily check if you have an open relay with websites like http://www.mxtoolbox.com/, https://www.testexchangeconnectivity.com and http://www.checkor.com/

If they report that you have an open relay, you can double-check with the following command:

Get-ReceiveConnector | Get-ADPermission | where {($_.ExtendedRights -like "*SMTP-Accept-Any-Recipient*")} | where {$_.User -like '*anonymous*'} | ft identity,user,extendedrights

Then use the following command to close the anonymous relay:

Get-ReceiveConnector "YourReceiveConnectorName" | Remove-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"

Then re-check using the mentioned websites. 🙂
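The check and the removal above combined into one audit, as an added example that is not part of the original post. It also lists each connector's bindings and remote IP ranges, so a relay connector deliberately limited to a few internal addresses can be told apart from one that accepts any sender. The function name Get-AnonymousRelayConnector and the output column names are illustrative, and the removal runs with -WhatIf so nothing changes until that switch is deleted.

```powershell
# Added example: run in the Exchange Management Shell on an Exchange 2010 server.
# The right and account names are the ones used in the commands above.
$RelayRight = 'ms-Exch-SMTP-Accept-Any-Recipient'
$AnonUser   = 'NT AUTHORITY\ANONYMOUS LOGON'

function Get-AnonymousRelayConnector {
    # Emits one object per receive connector that grants (not denies)
    # the accept-any-recipient right to the anonymous logon account.
    foreach ($connector in Get-ReceiveConnector) {
        $grants = $connector | Get-ADPermission | Where-Object {
            $_.User -like '*anonymous*' -and
            -not $_.Deny -and
            ($_.ExtendedRights -like '*SMTP-Accept-Any-Recipient*')
        }
        if ($grants) {
            New-Object PSObject -Property @{
                Connector      = [string]$connector.Identity
                Bindings       = ($connector.Bindings -join ', ')
                RemoteIPRanges = ($connector.RemoteIPRanges -join ', ')
                # True when the entry is inherited rather than set on the connector itself.
                Inherited      = [bool]($grants | Where-Object { $_.IsInherited })
            }
        }
    }
}

$open = @(Get-AnonymousRelayConnector)

if ($open.Count -eq 0) {
    Write-Host 'No receive connector grants anonymous relay.'
} else {
    # Review this table first: a connector restricted to specific internal
    # addresses may be an intentional application relay.
    $open | Format-Table Connector, Bindings, RemoteIPRanges, Inherited -AutoSize

    foreach ($entry in $open) {
        # -WhatIf only reports what would be removed; delete it to apply the change.
        Get-ReceiveConnector -Identity $entry.Connector |
            Remove-ADPermission -User $AnonUser -ExtendedRights $RelayRight -WhatIf
    }
}
```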
