You could put a very wide range of addresses there and they may not have anything larger than a CLASS C. Opening up doesn't mean you will necessarily see a lot of spam or abuse of the server. Another party would need to know that there is, essentially, an open relay at that address and then know enough to spoof that address to exploit it.
You may find that upgrading the web hosting plan to include a fixed IP address could be done at very low cost. We provide it for almost all sites at no extra cost to improve their Internet identity and lessen the chances of something that slips by on one web server tarnishing the reputation of other clients. We use dedicated IP address for email domains for the same reason. When I last looked even someone like GoDaddy would upgrade for about $2 a month and there are other ways to make a business case for doing it. Some I've seen recently are charge 8 or 10 bucks but it is still money well spent for an organization that cares about it Web presence and reputation there.
If you can get it down to one, fix the problem, don't tell anyone so that it is an enigma. Not great techy or security advise I know but a practical solution for a customer that just expects that you can make it all work and allow them to run with a non-complaint outbound mail configuration.
I don't think I will be able to find it to send a copy to you but the crux of your problem is that the mail code running on the server doesn't include the ability to authenticate with a login to the SMTP service you are providing. Without ever having looked at PHP before, I was able to tear apart the plugin used on one clients wordpress site and add authentication to it. It was a simple and reasonably short project because there was not user interface for setting that kind of thing up. I just hard coded the account and the password into the PHP for the site and then, knowing how to send email from a prompt using TELNET, added those parts of the dialog between the sending end and the receiving end.
It sounds like it might be a tall order for ST to modify something to accept a specific sender wen the IP address may change. I suppose you could do something with Dynamic DNS at a server and use a URL but with that level of access to the server there would probably be ways to eliminate this completely. ST have been at this a long time though, maybe someone there will scratch their head and come up with something.
MAPI over HTTP - Let's flesh it out for Outlook with a full set of Exchange like features!