Lets be clear on what is an OPEN relay and what is not. OPEN relay means that client can send email ANYWHERE without authenticating. JBMS cannot be configured in this manner. However authenticated users can of course (by default) send mail anywhere to any domain.
You can configure on SMTPServer/Protocol instance that does NOT Allow for sending email externally (only receiving mail addressed to local users) and DOES NOT allow authentication and bind that to one NIC.
Another could be configured to allow authentication and relaying mail.
"trusted ip" as authentication is not secure and is an anti-pattern. We do not support it as a design decision. Assign your users accounts and passwords :-)