If your Exchange box sits behind the router, and your internal users are replying to messages and getting this error, then port-forwarding/filtering from the SME box wouldn't be applicable, since those packets intended for the Exchange server aren't routed through the SME box.
I think you were too restrictive when setting up your Exchange box, and as both an Exchange 5.5/2000 administrator and a qmail administrator, let me say this: Exchange sucks. Exchange 5.5 is garbage, and Exchange 2000 is riddled with bugs and security concerns.
Why not just use the SME mail server, which is much more useful, and impressively less expensive?
