I have someone who wants to send mail from an old scanner which is not capable of smtp authentication. Exim is running internally on the network on port 25 (protected by a spam-filtering mail server) and listening to the world on 587, requiring SMTP authentication to relay mail. I would like to set up a third port (access will be restricted by the firewall and ACL's) that does not require authentication to relay mail. I don't want to just enable for their IP, as that could open the way for spam-sending viruses on machines which share the same public IP as the scanner. Any pointers?