This took me a while so I want to share some of my findings. My situation may be a common one so here's the task I want to accomplish:
I use Exchange 2007 Beta 2 as a "single server" setup - which means all relevant roles are installed on one physical server to send mails, receive mails, connect via Outlook and Outlook Web Access, etc. You can read this post which tells you how to do that.

Now I want to enable relaying without any authentication but only from some of my internal IP addresses.

This is what I did (there may be another way to do this):

• Organization Configuration / Hub Transport / Accepted Domains
  Create a new entry. Select "*" as accepted domain and select "External Relay Domain"
• Server Configuration / Hub Transport / Receive Connectors
  Create a new custom receive connector and specify the IP range of your allowed internal servers in the list "Receive mail from remote servers which have these IP addresses:"
• Now fire up the Exchange Management Shell
  execute: Set-ReceiveConnector -Identity "[type your receive connector name here]" -PermissionGroups "AnonymousUsers"

The last commands enables you to relay messages from this IP range without authentication.

Edit:
As Rodney Buike pointed out there is a more elegant way to do this: http://msexchangeteam.com/archive/2006/12/28/432013.aspx

Thanks for the feedback...