Not so fast...
There is no problem assigning your mail server with a 10.x.x.x style address. As long as you have a NAT setup on the Internet/public/untrusted side of your firewall that allows inbound and outbound port 25/TCP traffic through to the 10.x.x.x address of your mail server, you're fine.
However, you will still need to set up a rule set. Garion's example will let anyone spam through your SMTP server if they mimic a user on your mail server's domain. So here's how you lock it down:
- IF mail is FROM anyuser@anycompany TO validuser@mycompany, accept it
- IF mail is FROM validuser@mycompany (using a 10.x.x.x workstation) TO anyuser@anycompany, accept it ***OR***
- IF mail is FROM validuser@mycompany (passing SMTP user authentication against an LDAP, Radius, or internal user database) TO anyuser@anycompany, accept it
- ELSE disregard mail
If the first two rules weren't expanded, I'd be able to connect to your mail server, claim that I was a user from your mail domain, and send spam to both your users and users on the Internet using your company's domain as a source address. Bad mojo! So to keep that from happening, you either need to lock down sending mail to external users via client source IP ACLs, or by enabling SMTP user authentication.
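
The rule set from the post above, written out as a relay decision function. This is an added example, not part of the original post or any mail server's own code; the domain `mycompany.example`, the user list, and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample values (assumptions, not from the original post)
LOCAL_DOMAIN = "mycompany.example"
VALID_USERS = {"alice", "bob"}
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")


def split_addr(addr):
    """Return (localpart, domain) in lowercase, or None if malformed."""
    local, sep, domain = addr.strip().lower().rpartition("@")
    if not sep or not local or not domain:
        return None
    return local, domain


def is_valid_local(addr):
    """True only for an existing mailbox in the local domain."""
    parts = split_addr(addr)
    return bool(parts) and parts[1] == LOCAL_DOMAIN and parts[0] in VALID_USERS


def relay_decision(client_ip, authenticated, mail_from, rcpt_to):
    """Apply the post's rules to one MAIL FROM / RCPT TO pair."""
    if split_addr(rcpt_to) is None:
        return "reject"
    # An empty envelope sender (bounce) is treated like an external sender.
    sender = ("", "") if mail_from == "" else split_addr(mail_from)
    if sender is None:
        return "reject"
    if sender[1] == LOCAL_DOMAIN:
        # Rules 2 and 3: a sender claiming the local domain must come from
        # a 10.x.x.x client OR have passed SMTP authentication.
        trusted = authenticated or ipaddress.ip_address(client_ip) in INTERNAL_NET
        return "accept" if trusted and is_valid_local(mail_from) else "reject"
    # Rule 1: outside senders may only deliver to valid local mailboxes.
    return "accept" if is_valid_local(rcpt_to) else "reject"


if __name__ == "__main__":
    cases = [  # constructed test traffic
        ("203.0.113.7", False, "bob@mycompany.example", "x@other.example"),
        ("203.0.113.7", False, "x@other.example", "alice@mycompany.example"),
        ("10.1.2.3", False, "alice@mycompany.example", "x@other.example"),
        ("203.0.113.7", True, "alice@mycompany.example", "x@other.example"),
    ]
    for case in cases:
        print(case, "->", relay_decision(*case))
```

The first case is the spoofing scenario the post describes: an outside client claiming a local sender address is rejected because it is neither on the 10.x.x.x network nor authenticated.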