Do you make access to group mailing aliases within your company or domain available to recevie mail originating from outside of the domain?

I would say that can only be decided on a list-by-list basis. I could see some being useful and others being detrimental.

In practice, our company has its group lists exposed, and I've never seen them get spammed. The only time I could imagine a spammer getting hold of a group list is if someone put that in their return address field (which is a no-no) or entered it into a web site's data form (bigger no-no).

I have found it useful to sometimes be able to send an email to our local "[email protected]" address when I'm away from the office, but this is very rare.