This isn't OS or Control Panel dependent, so I'm putting it here...

mail-abuse.org has a very useful utility for testing your server for open-relay. (Guaranteed to be abused by spammers.)

Log in to your server via SSH (or remote desktop if running a Windows server), and telnet to relay-test.mail-abuse.org.

This will run a gamut of tests on any mail server answering on your servers port 25. (Basically it attempts to relay mail through your server using various tricks used by spammers.) Here's a sample of its output:

Code:
Trying 168.61.4.13...
Connected to relay-test.mail-abuse.org.
Escape character is '^]'.
Connecting to 0.0.0.0 ...
<<< 220-We do not authorize the use of this system to transport unsolicited,  -0800 
<<< 220 and/or bulk e-mail.
>>> HELO cygnus.mail-abuse.org
<<< 250 server.example.com Hello cygnus.mail-abuse.org [168.61.4.13]
:Relay test: #Quote test
>>> mail from: <spamtest@server.example.com>
<<< 250 OK
>>> rcpt to: <"nobody@mail-abuse.org">
<<< 501 <"nobody@mail-abuse.org">: recipient address must contain a domain
>>> rset
<<< 250 Reset OK
:Relay test: #Test 1
>>> mail from: <nobody@mail-abuse.org>
<<< 250 OK
>>> rcpt to: <nobody@mail-abuse.org>
<<< 550-through this server. Perhaps you have not logged into the pop/imap server
<<< 550-in the last 30 minutes or do not have SMTP Authentication turned on in your
<<< 550 email client.
>>> rset
<<< 250 Reset OK
:Relay test: #Test 2
>>> mail from: <spamtest@maps1.pa.vix.com>
<<< 250 OK
>>> rcpt to: <nobody@mail-abuse.org>
<<< 550-unrouteable mail domain "maps1.pa.vix.com".vix.com>
<<< 550 Sender verify failed
>>> rset
<<< 250 Reset OK
:Relay test: #test 3
>>> mail from: <spamtest@localhost>
<<< 250 OK
>>> rcpt to: <nobody@mail-abuse.org>
<<< 550-unrouteable mail domain "localhost"ocalhost>
<<< 550 Sender verify failed
>>> rset
<<< 250 Reset OK
:Relay test: #Test 4
>>> mail from: <spamtest>
<<< 501 <spamtest>: sender address must contain a domain
>>> rset
<<< 250 Reset OK
:Relay test: #Test 5
>>> mail from: <>
<<< 250 OK
>>> rcpt to: <nobody@mail-abuse.org>
<<< 550-through this server. Perhaps you have not logged into the pop/imap server
<<< 550-in the last 30 minutes or do not have SMTP Authentication turned on in your
<<< 550 email client.
>>> rset
<<< 250 Reset OK
:Relay test: #Test 6
>>> mail from: <spamtest@server.example.com>
<<< 250 OK
>>> rcpt to: <nobody@mail-abuse.org>
<<< 550-Unrouteable address for <spamtest@server.example.com>
<<< 550 Sender verify failed
>>> rset
<<< 250 Reset OK
:Relay test: #Test 7
>>> mail from: <spamtest@[0.0.0.0]>
<<< 501 <spamtest@[0.0.0.0]>: domain literals not allowed
>>> rset
<<< 250 Reset OK
:Relay test: #Test 8
>>> mail from: <spamtest@server.example.com>
<<< 250 OK
>>> rcpt to: <nobody%mail-abuse.org@server.example.com>
<<< 550-Unrouteable address for <spamtest@server.example.com>
<<< 550 Sender verify failed
>>> rset
<<< 250 Reset OK
:Relay test: #Test 9
>>> mail from: <spamtest@server.example.com>
<<< 250 OK
>>> rcpt to: <nobody%mail-abuse.org@[0.0.0.0]>
<<< 501 <nobody%mail-abuse.org@[0.0.0.0]>: domain literals not allowed
>>> rset
<<< 250 Reset OK
:Relay test: #Test 10
>>> mail from: <spamtest@server.example.com>
<<< 250 OK
>>> rcpt to: <"nobody@mail-abuse.org">
<<< 501 <"nobody@mail-abuse.org">: recipient address must contain a domain
>>> rset
<<< 250 Reset OK
:Relay test: #Test 11
>>> mail from: <spamtest@server.example.com>
<<< 250 OK
>>> rcpt to: <"nobody%mail-abuse.org">
<<< 501 <"nobody%mail-abuse.org">: recipient address must contain a domain
>>> rset
<<< 554 Too many nonmail commands
Connecting to 0.0.0.0 ...
<<< 220-We do not authorize the use of this system to transport unsolicited,  -0800 
<<< 220 and/or bulk e-mail.
>>> HELO cygnus.mail-abuse.org
<<< 250 server.example.com Hello cygnus.mail-abuse.org [168.61.4.13]
:Relay test: #Test 12
>>> mail from: <spamtest@[0.0.0.0]>
<<< 501 <spamtest@[0.0.0.0]>: domain literals not allowed
>>> rset
<<< 250 Reset OK
:Relay test: #Test 13
>>> mail from: <spamtest@server.example.com>
<<< 250 OK
>>> rcpt to: <"nobody@mail-abuse.org"@[0.0.0.0]>
<<< 501 <"nobody@mail-abuse.org"@[0.0.0.0]>: domain literals not allowed
>>> rset
<<< 250 Reset OK
:Relay test: #Test 14
>>> mail from: <spamtest@server.example.com>
<<< 250 OK
>>> rcpt to: <nobody@mail-abuse.org@[0.0.0.0]>
<<< 501 <nobody@mail-abuse.org@[0.0.0.0]>: malformed address: @[0.0.0.0]> may not follow <nobody@mail-abuse.o<<< 501 <nobody@mail-abuse.org@[0.0.0.0]>: malformed address: @[0.0.0.0]> may not follow <nobody@mail-abuse.org
>>> rset
<<< 250 Reset OK
:Relay test: #Test 15
>>> mail from: <spamtest@[0.0.0.0]>
<<< 501 Too many syntax or protocol errorsliterals not allowed
>>> rset
<<< <<< 
Connecting to 0.0.0.0 ...
<<< 220-We do not authorize the use of this system to transport unsolicited,  -0800 
<<< 220 and/or bulk e-mail.
>>> HELO cygnus.mail-abuse.org
<<< 250 server.example.com Hello cygnus.mail-abuse.org [168.61.4.13]
:Relay test: #Test 16
>>> mail from: <spamtest@server.example.com>
<<< 250 OK
>>> rcpt to: <@[0.0.0.0]:nobody@mail-abuse.org>
<<< 501 <@[0.0.0.0]:nobody@mail-abuse.org>: domain literals not allowed
>>> rset
<<< 250 Reset OK
:Relay test: #Test 17
>>> mail from: <spamtest@[0.0.0.0]>
<<< 501 <spamtest@[0.0.0.0]>: domain literals not allowed
>>> rset
<<< 250 Reset OK
:Relay test: #test 18
>>> mail from: <spamtest@server.example.com>
<<< 250 OK
>>> rcpt to: <mail-abuse.org!nobody@[0.0.0.0]>
<<< 501 <mail-abuse.org!nobody@[0.0.0.0]>: domain literals not allowed
>>> rset
<<< 250 Reset OK
:Relay test: #test 19
>>> mail from: <postmaster@server.example.com>
<<< 250 OK
>>> rcpt to: <nobody@mail-abuse.org>
<<< 550-through this server. Perhaps you have not logged into the pop/imap server
<<< 550-in the last 30 minutes or do not have SMTP Authentication turned on in your
<<< 550 email client.
>>> rset
<<< 250 Reset OK
>>> QUIT
<<< 221 server.example.com closing connection
Tested host banner: 220 and/or bulk e-mail.

System appeared to reject relay attempts
Connection closed by foreign host.
Notice the System appeared to reject relay attempts, this means all tests passed.