I've tried the test, the result said my smtp server is NOT an open relay. Seems like I have a misunderstanding here:
Outsiders (who are unauthenticated) cannot use my smtp server to send email to other server (or to relay mails). That's why my server is not considered an open relay.
However someone can still INJECT mails into my server (i.e: send mails to some users) as anonymous sender, right? Sometimes emails sent in this way is blocked as spam, sometimes, they are passed CLEAN. So how to prevent it? Is it something like using "smptd_client_restriction" or "smtpd_sender_restriction"?