If we use closed mail relay then it should support SMTP authentication in Integrity, Best practice is to provide some configuration properties :-
1) Authentication is enable or not - True or False
2) One property could distinguish between TLS or SSL enablement.
3) One property to define Password of Email ID used in property mksis.im.notifierAddress.
4) One property to define Password of Email ID used in property mksis.logging.email.from
PS: If organization is permanently moving on Closed Mail Relay and no open relay is allowed then it's a little bit difficult. Only workaround as of now is to get a virtual server from Mail Relay Team.
For the trigger mail notification i still have one custom way to send notification using Closed Mail Relay but for system defined notification (mksis.logging.email.from) there is no way with Closed Mail Relay.
Feel free to share your views, ideas on this and how you are handling this situation in your side.