Received a call from Roland regarding spam emanating from 165.95.1.135
I checked /var/log/maillog and found that somehow nullmx.soho.com was able to rely mail. It looks like the A record for nullmx.soho.com is set to 127.0.0.1 which is just fine for the local sendmail installation.
Also discovered that 165.95.1.135 was still running FC3 with no security enabled. Decided that now is as good a time as any to upgrade to FC4 and will make sure that security is enabled.