That's what I've been trying to tell them.
But that's what their mail server is doing, picking up external (for their personal inbox) and then having the internal server deal with sending etc,
removing any sort of sneaky software trying to spam from the network.
I know that they do have a new Tech on hand that's giving them ideas and such, so I'm guessing these request from from him. He's probably been sniffing around logs
and seen many access attempts (which I've setup fail2ban to lock them down)