Apache James Server is configured by default to avoid being an SMTP open-relay.
SMTP Auth and "Verify Identity" options are enabled when you install James (read more).
Apache James Server supports SSL/TLS (read more).
Apache James Server supports different user storage (read more) - LDAP support is partail (work in progress).