Having an unauthenticated relay imposes the responsibility to configure it correctly (the “only certain addresses” part) and protect it (the “accessible outside the local network” bit). Are you sure it’s not accessible? Did you remember to test with IPv6 too? Will it remain protected after the next time you mess around with your firewall for some totally unrelated reason?
If it works - good for you, but be mindful of all the baggage that comes with a new service.
I’m running my email server on a POCO F1 ex-Android phone (running PostmarketOS now).
I wish I could get NixOS running on it, then I’d move other things also there.